CN110519291B - Data transmission authentication method and system based on edge calculation and channel correlation - Google Patents

Data transmission authentication method and system based on edge calculation and channel correlation Download PDF

Info

Publication number
CN110519291B
CN110519291B CN201910832490.4A CN201910832490A CN110519291B CN 110519291 B CN110519291 B CN 110519291B CN 201910832490 A CN201910832490 A CN 201910832490A CN 110519291 B CN110519291 B CN 110519291B
Authority
CN
China
Prior art keywords
data
frame
authentication
channel information
channel
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910832490.4A
Other languages
Chinese (zh)
Other versions
CN110519291A (en
Inventor
陈宜
许爱东
文红
蒋屹新
张宇南
廖润发
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Electronic Science and Technology of China
CSG Electric Power Research Institute
Original Assignee
University of Electronic Science and Technology of China
CSG Electric Power Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Electronic Science and Technology of China, CSG Electric Power Research Institute filed Critical University of Electronic Science and Technology of China
Priority to CN201910832490.4A priority Critical patent/CN110519291B/en
Publication of CN110519291A publication Critical patent/CN110519291A/en
Application granted granted Critical
Publication of CN110519291B publication Critical patent/CN110519291B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Abstract

The invention discloses a data transmission authentication method and a data transmission authentication system based on edge calculation and channel correlation, wherein the method comprises the following steps: s1, initial authentication: when the terminal node and the edge calculation server carry out data transmission, the edge calculation server carries out upper layer authentication on an initial data packet, extracts corresponding channel information as reference channel information of the data packet authentication, and determines a correlation coefficient threshold value at the same time; s2, calculating the channel correlation of the channel information: when the edge computing server receives a new continuous data frame, extracting the channel information of the current data frame and computing the channel correlation coefficient of the channel information corresponding to the previous frame data packet; s3, judging the validity of the continuous data frames: the validity of successive data frames is checked by means of a binary hypothesis. The method carries out authentication and identification on the data frame based on the channel correlation, and has the advantages of low calculation complexity and high data authentication accuracy.

Description

Data transmission authentication method and system based on edge calculation and channel correlation
Technical Field
The invention relates to security authentication protection of data transmission, in particular to a data transmission authentication method and system based on edge calculation and channel correlation.
Background
With the rapid development of the internet of things technology, various terminal devices widely applied will generate massive data. The traditional cloud computing system cannot meet practical requirements in the aspects of matching massive edge data, real-time control, network traffic load, cloud data privacy safety and the like, and a newly-emerging edge computing technology for executing computing on the edge side of a network just can provide edge intelligent services for Internet of things equipment. The edge computing server is close to the terminal node, and the access nodes are numerous and are easy to be attacked. The security and privacy protection of data transmission between the communication terminal node and the edge computing server are the key points of application, and if the security of the data cannot be guaranteed, the system has no practical significance, so that a data transmission security protection authentication scheme suitable for an edge computing scene is needed to be designed.
The high strength of the traditional data security and privacy protection based on cryptography faces large computational complexity, so that terminal nodes with limited energy and computing capacity are difficult to adopt, the computing resources and the like of the edge computing server are far inferior to those of a cloud computing system, and the traditional data security and privacy protection based on cryptography cannot meet practical requirements. The physical layer channel characteristic authentication is to utilize the space-time uniqueness of channel information, directly extract the channel characteristic information from a received data packet and realize the authentication by comparing the similarity of the channel characteristics; the method does not need complex upper layer encryption and decryption operation, has the advantages of high speed and high efficiency, and is very suitable for the legality authentication of the lightweight data packet under the edge computing system. Compared with a cloud computing system, the edge computing server is close to the terminal node, and the terminal node transmits the data packet to the edge computing server in a short distance, so that the distortion of the channel information carried by the data packet is small when the data packet reaches the edge server, and the extraction is easy. The channel information contains rich characteristics, and the channel characteristics carried by the data frame in the coherence time have high correlation, so the channel correlation of the channel information is a statistical index which can better reflect the change of the channel characteristics.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a data transmission authentication method and a data transmission authentication system based on edge calculation and channel correlation.
The purpose of the invention is realized by the following technical scheme: the data transmission authentication method based on the edge calculation and the channel correlation comprises the following steps:
s1, initial authentication: when the terminal node and the edge calculation server carry out data transmission, the edge calculation server carries out upper layer authentication on an initial data packet, extracts corresponding channel information as reference channel information of the data packet authentication, and determines a correlation coefficient threshold value at the same time;
s2, calculating the channel correlation of the channel information: when the edge computing server receives a new continuous data frame, extracting the channel information of the current data frame and computing the channel correlation coefficient of the channel information corresponding to the previous frame data packet;
s3, judging the validity of the continuous data frames: the validity of successive data frames is checked by means of a binary hypothesis:
if the channel correlation of the current data frame is greater than the correlation coefficient threshold value, the current data frame is legal, the edge calculation server receives the data frame, replaces old reference channel information with the channel information of the current data frame, and returns to the step S2 to perform channel correlation calculation on the next frame data packet;
if the channel correlation of the current data frame is smaller than the correlation coefficient threshold value and the current data frame is illegal, the edge calculation server discards the data frame and returns to the step S1 to perform the initial authentication again.
Wherein the step S1 includes the following substeps:
s101, when the terminal node transmits data with the edge computing server, the edge computing server performs upper layer authentication on the previous 2 frame data packets:
if the authentication fails, directly discarding the previous two frames of data packets, returning to the step S101, and taking the next frame of data packet as the 1 st frame of data packet (setting the index of the next frame of data packet to be 1) to continue the upper layer authentication;
if the continuous 2 frame data packets are successfully authenticated, the edge server receives the 2 frame data packets, and extracts the corresponding channel according to the received signal waveformInformation
Figure GDA0002362761270000021
Wherein the content of the first and second substances,
Figure GDA0002362761270000022
representing channel information from the terminal node to the edge calculation server extracted from the signal waveform of the 1 st frame data packet;
Figure GDA0002362761270000023
indicating channel information of the terminal node to the edge calculation server extracted from the signal waveform of the 2 nd frame data packet,
Figure GDA0002362761270000024
a plurality of matrixes which are m rows and 1 column;
s102, calculating an initial channel correlation coefficient rho:
Figure GDA0002362761270000025
wherein the content of the first and second substances,
Figure GDA0002362761270000026
is composed of
Figure GDA0002362761270000027
The covariance of (a) of (b),
Figure GDA0002362761270000028
is composed of
Figure GDA0002362761270000029
The variance of (a) is determined,
Figure GDA00023627612700000210
is composed of
Figure GDA00023627612700000211
The variance of (a) is determined,
Figure GDA00023627612700000212
is composed of
Figure GDA00023627612700000213
The correlation coefficient of (a), is a complex number,
Figure GDA00023627612700000214
presentation pair
Figure GDA00023627612700000215
Carrying out a mould taking operation;
s103, determining a threshold value of a correlation coefficient threshold, namely combining the rho with η0Making a comparison if p is less than η0Then η will be0Set as the threshold value of the authenticated correlation coefficient threshold, i.e. let η be η0If ρ is greater than η0Then ρ is set as the threshold value for determining correlation coefficient threshold for authentication, i.e. η is made equal to ρ, where η is the threshold value for determining correlation coefficient threshold for data frame authentication, η0And (4) setting a correlation coefficient threshold value for the system initially.
Preferably, the method adopted by the upper layer authentication includes, but is not limited to, a symmetric cryptographic algorithm and an asymmetric cryptographic algorithm, and the method adopted by the channel information extraction includes, but is not limited to, a least square channel estimation algorithm and a minimum mean square error channel estimation algorithm.
The step S2 includes the following sub-steps:
s201, when the edge computing server receives the data of the (k + 1) th frame, k is an integer not less than 2, and corresponding channel information is extracted
Figure GDA0002362761270000031
S202, calculating
Figure GDA0002362761270000032
Correlation of (2)
Figure GDA0002362761270000033
Wherein the content of the first and second substances,
Figure GDA0002362761270000034
for channel information
Figure GDA0002362761270000035
The covariance of (a) of (b),
Figure GDA0002362761270000036
is composed of
Figure GDA0002362761270000037
The variance of (a) is determined,
Figure GDA0002362761270000038
is composed of
Figure GDA0002362761270000039
The variance of (a) is determined,
Figure GDA00023627612700000310
is composed of
Figure GDA00023627612700000311
The correlation coefficient of (a), is a complex number,
Figure GDA00023627612700000312
presentation pair
Figure GDA00023627612700000313
And carrying out a modulus taking operation.
The step S3 includes the following sub-steps:
edge compute server passing binary assumptions
Figure GDA00023627612700000314
And checking the validity of the continuous data frames, wherein η represents a threshold decision threshold of a correlation coefficient of data frame authentication:
null hypothesis
Figure GDA00023627612700000315
When rhok< η, indicating channel information
Figure GDA00023627612700000316
Is less than the correlation coefficient gateLimiting the decision threshold value, wherein the (k + 1) th frame data packet is illegal, discarding the data frame by the edge computing server and returning to the step S1, taking the next frame data packet as the 1 st frame data packet (setting the index of the next frame data packet to be 1), and performing the initial authentication and the reference channel information extraction again;
alternative assumptions
Figure GDA00023627612700000317
When rhokWhen > η, the channel information is expressed
Figure GDA00023627612700000318
The correlation is greater than the threshold decision threshold of the correlation coefficient, i.e. the channel information
Figure GDA00023627612700000319
Highly correlated, k +1 th frame data is legally wrapped, and the edge calculation server receives the data frame and then uses the new channel information
Figure GDA00023627612700000320
Replacing old reference channel information
Figure GDA00023627612700000321
The process returns to step S2 to calculate the channel correlation coefficient of the next frame data packet.
The data transmission authentication system based on the edge calculation and the channel correlation comprises an edge calculation server and terminal equipment connected with the edge calculation server through a network;
the terminal equipment is used for interacting with the edge computing server to realize data transmission to the edge computing server;
and the edge calculation server is used for interacting with the terminal equipment, finishing initial data packet authentication with the terminal equipment based on upper layer authentication, determining a correlation coefficient threshold value, and verifying the validity of continuous data packets by realizing physical layer channel authentication based on channel correlation.
Wherein the edge computing server comprises:
the initial authentication establishing and authenticating module is used for performing upper-layer authentication on an initial data packet when receiving data from the terminal equipment, extracting corresponding channel information as a reference of the data packet authentication, and determining a correlation coefficient threshold value;
the channel correlation calculation module is used for extracting the channel information of the current data frame and calculating the channel correlation of the channel information corresponding to the legal data packet of the previous frame when receiving the new continuous data frame;
the data frame validity judging module is used for checking the validity of the continuous data frames through a binary hypothesis: judging whether the channel correlation of the current data frame is greater than a correlation coefficient threshold judgment threshold value, judging that the current data frame is legal, receiving the data frame, replacing old reference channel information with the channel information of the current data frame, and continuing to authenticate the next frame data; and judging that the current data frame is illegal when the channel correlation of the current data frame is smaller than the correlation coefficient threshold judgment threshold, discarding the data frame, and performing initial authentication again.
The invention has the beneficial effects that: the edge computing server extracts the channel information when receiving the signal, verifies the legality of the data frame based on the channel correlation of the channel information, has the advantages of low computing complexity and high data authentication accuracy, and improves the security of system authentication data; in the edge computing system with numerous access nodes and low computing resources, the data packet transmitted between the edge computing server and the terminal node is quickly and accurately authenticated, and the method is very suitable for real-time application of large-scale terminal mass data in an edge computing scene.
Drawings
FIG. 1 is a flow chart of a method of the present invention;
FIG. 2 is a diagram illustrating a success rate of data authentication based on channel correlation according to an embodiment;
fig. 3 is a schematic block diagram of the system of the present invention.
Detailed Description
The technical solutions of the present invention are further described in detail below with reference to the accompanying drawings, but the scope of the present invention is not limited to the following.
As shown in fig. 1, the data transmission authentication method based on edge calculation and channel correlation includes the following steps:
s1, initial authentication: when the terminal node and the edge calculation server carry out data transmission, the edge calculation server carries out upper layer authentication on an initial data packet, extracts corresponding channel information as reference channel information of the data packet authentication, and simultaneously determines a correlation coefficient threshold value:
wherein the step S1 includes the following substeps:
s101, when the terminal node transmits data with the edge computing server, the edge computing server performs upper layer authentication on the previous 2 frame data packets:
if the authentication fails, directly discarding the previous two frames of data packets, returning to the step S101, and taking the next frame of data packet as the 1 st frame of data packet (setting the index of the next frame of data packet to be 1) to continue the upper layer authentication;
if the continuous 2 frame data packets are successfully authenticated, the edge server receives the 2 frame data packets, and extracts corresponding channel information according to the received signal waveform
Figure GDA0002362761270000041
Wherein the content of the first and second substances,
Figure GDA0002362761270000042
representing channel information from the terminal node to the edge calculation server extracted from the signal waveform of the 1 st frame data packet;
Figure GDA0002362761270000051
indicating channel information of the terminal node to the edge calculation server extracted from the signal waveform of the 2 nd frame data packet,
Figure GDA0002362761270000052
a plurality of matrixes which are m rows and 1 column;
s102, calculating an initial channel correlation coefficient rho:
Figure GDA0002362761270000053
wherein the content of the first and second substances,
Figure GDA0002362761270000054
is composed of
Figure GDA0002362761270000055
The covariance of (a) of (b),
Figure GDA0002362761270000056
is composed of
Figure GDA0002362761270000057
The variance of (a) is determined,
Figure GDA0002362761270000058
is composed of
Figure GDA0002362761270000059
The variance of (a) is determined,
Figure GDA00023627612700000510
is composed of
Figure GDA00023627612700000511
The correlation coefficient of (a), is a complex number,
Figure GDA00023627612700000512
presentation pair
Figure GDA00023627612700000513
Carrying out a mould taking operation;
s103, determining a threshold value of a correlation coefficient threshold, namely combining the rho with η0Making a comparison if p is less than η0Then η will be0Set as the threshold value of the authenticated correlation coefficient threshold, i.e. let η be η0If ρ is greater than η0Then ρ is set as the threshold value for determining correlation coefficient threshold for authentication, i.e. η is made equal to ρ, where η is the threshold value for determining correlation coefficient threshold for data frame authentication, η0And (4) setting a correlation coefficient threshold value for the system initially.
In an embodiment of the present application, the upper layer authentication may be an authentication algorithm using a password, including but not limited to a symmetric cryptographic algorithm and an asymmetric cryptographic algorithm: RC4, AES, ECC, etc.; . The channel information extraction method includes, but is not limited to, a least square channel estimation algorithm, a minimum mean square error channel estimation algorithm, an algorithm for improving optimization thereof, and the like.
S2, calculating the channel correlation of the channel information: when the edge computing server receives a new continuous data frame, extracting the channel information of the current data frame and computing the channel correlation coefficient of the channel information corresponding to the previous frame data packet;
s3, judging the validity of the continuous data frames: the validity of successive data frames is checked by means of a binary hypothesis:
if the channel correlation of the current data frame is greater than the correlation coefficient threshold value, the current data frame is legal, the edge calculation server receives the data frame, replaces old reference channel information with the channel information of the current data frame, and returns to the step S2 to perform channel correlation calculation on the next frame data packet;
if the channel correlation of the current data frame is smaller than the correlation coefficient threshold value and the current data frame is illegal, the edge calculation server discards the data frame and returns to the step S1 to perform the initial authentication again.
For the 3 rd frame data, the steps S2 to S3 are performed as follows: when the edge computing server receives the data packet of the 3 rd frame, corresponding channel information is extracted
Figure GDA00023627612700000514
Then according to the channel information obtained in step S1
Figure GDA00023627612700000515
Calculating channel correlation coefficients
Figure GDA00023627612700000516
Wherein the content of the first and second substances,
Figure GDA00023627612700000517
for channel information
Figure GDA00023627612700000518
The covariance of (a) of (b),
Figure GDA00023627612700000519
is composed of
Figure GDA00023627612700000520
The variance of (a) is determined,
Figure GDA00023627612700000521
is composed of
Figure GDA00023627612700000522
The variance of (a) is determined,
Figure GDA00023627612700000523
is composed of
Figure GDA00023627612700000524
The correlation coefficient of (a), is a complex number,
Figure GDA0002362761270000061
presentation pair
Figure GDA0002362761270000062
Carrying out a mould taking operation; by binary assumptions
Figure GDA0002362761270000063
Verifying the validity of the continuous data frames, wherein η represents a threshold decision threshold of correlation coefficient for data frame authentication, and zero hypothesis
Figure GDA0002362761270000064
When rho2< η, indicating channel information
Figure GDA0002362761270000065
If the correlation is smaller than the threshold of the correlation coefficient threshold, the 3 rd frame data packet is illegal, the edge calculation server discards the data frame (sets the index of the next frame data packet to 1) and returns to step S1; alternative assumptions
Figure GDA0002362761270000066
When rho2When > η, the channel information is expressed
Figure GDA0002362761270000067
The correlation is greater than the threshold decision threshold of the correlation coefficient, i.e. the channel information
Figure GDA0002362761270000068
Figure GDA0002362761270000069
Highly correlated, frame 3 data is encapsulated, the edge calculation server receives the data frame and uses the new channel information
Figure GDA00023627612700000610
Replacing old reference channel information
Figure GDA00023627612700000611
Returning to step S2 to calculate the channel correlation coefficient of the next frame data packet;
similarly, for the k +1 th frame data, the steps S2 to S3 are performed as follows: when the edge calculation server receives the data of the (k + 1) th frame, k is an integer not less than 2, and corresponding channel information is extracted
Figure GDA00023627612700000612
Computing
Figure GDA00023627612700000613
Correlation of (2)
Figure GDA00023627612700000614
Wherein the content of the first and second substances,
Figure GDA00023627612700000615
for channel information
Figure GDA00023627612700000616
The covariance of (a) of (b),
Figure GDA00023627612700000617
is composed of
Figure GDA00023627612700000618
The variance of (a) is determined,
Figure GDA00023627612700000619
is composed of
Figure GDA00023627612700000620
The variance of (a) is determined,
Figure GDA00023627612700000621
is composed of
Figure GDA00023627612700000622
The correlation coefficient of (a), is a complex number,
Figure GDA00023627612700000623
presentation pair
Figure GDA00023627612700000624
Carrying out a mould taking operation;
by binary assumptions
Figure GDA00023627612700000625
Verifying the validity of the continuous data frames, wherein η represents a threshold decision threshold of correlation coefficient for data frame authentication, and zero hypothesis
Figure GDA00023627612700000626
When rhok< η, indicating channel information
Figure GDA00023627612700000627
If the correlation is smaller than the threshold value of the correlation coefficient threshold, the (k + 1) th frame data packet is illegal, the edge calculation server discards the data frame (sets the index of the next frame data packet to be 1), and performs the initial authentication and the reference channel information extraction again. In fact, when k is 2, it is the processing mode of the 3 rd frame data;
alternative assumptions
Figure GDA00023627612700000628
When rhokWhen > η, the channel information is expressed
Figure GDA00023627612700000629
The correlation is greater than the threshold decision threshold of the correlation coefficient, i.e. the channel information
Figure GDA00023627612700000630
Highly correlated, k +1 th frame data is legally wrapped, and the edge calculation server receives the data frame and then uses the new channel information
Figure GDA00023627612700000631
Replacing old reference channel information
Figure GDA00023627612700000632
The process returns to step S2 to calculate the channel correlation coefficient of the next frame data packet.
As shown in fig. 2, which is a schematic diagram of a success rate of data authentication based on channel correlation in the embodiment, it can be seen that, in different industrial scenarios, the data transmission security authentication method based on channel correlation of the present invention has a higher success rate of data authentication of physical layer channel. The terminal equipment has the characteristics of intermittence, continuity in short time and the like when sending data; in the coherent time, the channel information carried by the data frame is approximately the same; when the terminal equipment moves to the replacement position, the channel information also changes; the channel information is different even if different devices are in the same location. The validity of the data frame is verified based on the channel correlation of the channel information, the method has the advantages of low calculation complexity and high data authentication accuracy, is suitable for a real-time edge calculation application scene of massive data of a large-scale terminal, can quickly verify the validity of a data packet, and can improve the safety of system authentication data.
As shown in fig. 3, the data transmission authentication system based on edge calculation and channel correlation includes an edge calculation server and a terminal device connected to the edge calculation server through a network;
the terminal equipment is used for interacting with the edge computing server to realize data transmission to the edge computing server;
and the edge calculation server is used for interacting with the terminal equipment, finishing initial data packet authentication with the terminal equipment based on upper layer authentication, determining a correlation coefficient threshold value, and verifying the validity of continuous data packets by realizing physical layer channel authentication based on channel correlation.
Wherein the edge computing server comprises:
the initial authentication establishing and authenticating module is used for performing upper-layer authentication on an initial data packet when receiving data from the terminal equipment, extracting corresponding channel information as a reference of the data packet authentication, and determining a correlation coefficient threshold value;
the channel correlation calculation module is used for extracting the channel information of the current data frame and calculating the channel correlation of the channel information corresponding to the legal data packet of the previous frame when receiving the new continuous data frame;
the data frame validity judging module is used for checking the validity of the continuous data frames through a binary hypothesis: judging whether the channel correlation of the current data frame is greater than a correlation coefficient threshold judgment threshold value, judging that the current data frame is legal, receiving the data frame, replacing old reference channel information with the channel information of the current data frame, and continuing to authenticate the next frame data; and judging that the current data frame is illegal when the channel correlation of the current data frame is smaller than the correlation coefficient threshold judgment threshold, discarding the data frame, and performing initial authentication again.
In conclusion, the method is simple and flexible, does not depend on a third-party authentication mechanism, solves the problem of initially setting the judgment threshold value, and can resist common attacks such as replay, impersonation, eavesdropping, tampering and the like; the edge computing server extracts the channel information when receiving the signals, verifies the legality of the data frame based on the relevance of the channel information, solves the real-time application problem in the edge computing scene of massive data of a large-scale terminal, has the advantages of low computing complexity and high data authentication accuracy, and improves the security of system authentication data.
Finally, it is to be understood that the foregoing is illustrative of the preferred embodiments of the present invention and is not to be construed as limited to the forms disclosed herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein and other features and advantages disclosed herein as well as those skilled in the relevant art and equivalents thereof. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (6)

1. The data transmission authentication method based on edge calculation and channel correlation is characterized in that: the method comprises the following steps:
s1, initial authentication: when the terminal node and the edge calculation server carry out data transmission, the edge calculation server carries out upper layer authentication on an initial data packet, extracts corresponding channel information as reference channel information of the data packet authentication, and determines a correlation coefficient threshold value at the same time;
s2, calculating the channel correlation of the channel information: when the edge computing server receives a new continuous data frame, extracting the channel information of the current data frame and computing the channel correlation coefficient of the channel information corresponding to the previous frame data packet;
s3, judging the validity of the continuous data frames: the validity of successive data frames is checked by means of a binary hypothesis:
if the channel correlation of the current data frame is greater than the correlation coefficient threshold value, the current data frame is legal, the edge calculation server receives the data frame, replaces old reference channel information with the channel information of the current data frame, and returns to the step S2 to perform channel correlation calculation on the next frame data packet;
if the channel correlation of the current data frame is smaller than the correlation coefficient threshold value and the current data frame is illegal, the edge calculation server discards the data frame and returns to the step S1 to perform the initial authentication again.
2. The data transmission authentication method based on edge calculation and channel correlation according to claim 1, wherein: the step S1 includes the following sub-steps:
s101, when the terminal node transmits data with the edge computing server, the edge computing server performs upper layer authentication on the previous 2 frame data packets:
if the authentication fails, directly discarding the previous two frames of data packets, returning to the step S101, and taking the next frame of data packet as the 1 st frame of data packet to continue the upper layer authentication;
if the continuous 2 frame data packets are successfully authenticated, the edge server receives the 2 frame data packets, and extracts corresponding channel information according to the received signal waveform
Figure FDA0002362761260000011
And
Figure FDA0002362761260000012
wherein the content of the first and second substances,
Figure FDA0002362761260000013
representing channel information from the terminal node to the edge calculation server extracted from the signal waveform of the 1 st frame data packet;
Figure FDA0002362761260000014
indicating channel information of the terminal node to the edge calculation server extracted from the signal waveform of the 2 nd frame data packet,
Figure FDA0002362761260000015
and
Figure FDA0002362761260000016
a plurality of matrixes which are m rows and 1 column;
s102, calculating an initial channel correlation coefficient rho:
Figure FDA0002362761260000017
wherein the content of the first and second substances,
Figure FDA0002362761260000018
is composed of
Figure FDA0002362761260000019
And
Figure FDA00023627612600000110
the covariance of (a) of (b),
Figure FDA00023627612600000111
is composed of
Figure FDA00023627612600000112
The variance of (a) is determined,
Figure FDA00023627612600000113
is composed of
Figure FDA00023627612600000114
The variance of (a) is determined,
Figure FDA00023627612600000115
is composed of
Figure FDA00023627612600000116
And
Figure FDA00023627612600000117
the correlation coefficient of (a), is a complex number,
Figure FDA00023627612600000118
presentation pair
Figure FDA00023627612600000119
Carrying out a mould taking operation;
s103, determining a threshold value of a correlation coefficient threshold, namely combining the rho with η0Making a comparison if p is less than η0Then η will be0Set as the threshold value of the authenticated correlation coefficient threshold, i.e. let η be η0If ρ is greater than η0Set ρ to be the correlation of authenticationCoefficient threshold decision threshold, i.e. let η be ρ, where η is correlation coefficient threshold decision threshold for data frame authentication, η0And (4) setting a correlation coefficient threshold value for the system initially.
3. The data transmission authentication method based on edge calculation and channel correlation according to claim 1, wherein: the method adopted by the upper layer authentication includes but is not limited to a symmetric cryptographic algorithm and an asymmetric cryptographic algorithm, and the method adopted by the channel information extraction includes but is not limited to a least square channel estimation algorithm and a minimum mean square error channel estimation algorithm.
4. The data transmission authentication method based on edge calculation and channel correlation according to claim 1, wherein: the step S2 includes the following sub-steps:
s201, when the edge computing server receives the data of the (k + 1) th frame, k is an integer not less than 2, and corresponding channel information is extracted
Figure FDA0002362761260000021
S202, calculating
Figure FDA0002362761260000022
And
Figure FDA0002362761260000023
correlation of (2)
Figure FDA0002362761260000024
Wherein the content of the first and second substances,
Figure FDA0002362761260000025
for channel information
Figure FDA0002362761260000026
And
Figure FDA0002362761260000027
the covariance of (a) of (b),
Figure FDA0002362761260000028
is composed of
Figure FDA0002362761260000029
The variance of (a) is determined,
Figure FDA00023627612600000210
is composed of
Figure FDA00023627612600000211
The variance of (a) is determined,
Figure FDA00023627612600000212
is composed of
Figure FDA00023627612600000213
And
Figure FDA00023627612600000214
the correlation coefficient of (a), is a complex number,
Figure FDA00023627612600000215
presentation pair
Figure FDA00023627612600000216
And carrying out a modulus taking operation.
5. The data transmission authentication method based on edge calculation and channel correlation as claimed in claim 4, wherein: the step S3 includes the following sub-steps:
edge compute server passing binary assumptions
Figure FDA00023627612600000217
And checking the validity of the continuous data frames, wherein η represents a threshold decision threshold of a correlation coefficient of data frame authentication:
null hypothesis
Figure FDA00023627612600000218
When rhok< η, indicating channel information
Figure FDA00023627612600000219
And
Figure FDA00023627612600000220
if the correlation is smaller than the threshold value of the correlation coefficient threshold, the (k + 1) th frame data packet is illegal, the edge calculation server discards the data frame and returns to the step S1, and the next frame data packet is used as the 1 st frame data packet to perform the initial authentication and the reference channel information extraction again;
alternative assumptions
Figure FDA00023627612600000221
When rhokWhen > η, the channel information is expressed
Figure FDA00023627612600000222
And
Figure FDA00023627612600000223
the correlation is greater than the threshold decision threshold of the correlation coefficient, i.e. the channel information
Figure FDA00023627612600000224
And
Figure FDA00023627612600000225
highly correlated, k +1 th frame data is legally wrapped, and the edge calculation server receives the data frame and then uses the new channel information
Figure FDA00023627612600000226
Replacing old reference channel information
Figure FDA00023627612600000227
The process returns to step S2 to proceed to the next stepAnd calculating the channel correlation coefficient of the frame data packet.
6. Data transmission authentication system based on edge calculation and channel correlation, characterized by: the system comprises an edge computing server and terminal equipment connected with the edge computing server through a network;
the terminal equipment is used for interacting with the edge computing server to realize data transmission to the edge computing server;
the edge computing server is used for interacting with the terminal equipment, finishing initial data packet authentication with the terminal equipment based on upper layer authentication, determining a correlation coefficient threshold value, and realizing physical layer channel authentication based on channel correlation to verify the validity of continuous data packets;
the edge computing server includes:
the initial authentication establishing and authenticating module is used for performing upper-layer authentication on an initial data packet when receiving data from the terminal equipment, extracting corresponding channel information as a reference of the data packet authentication, and determining a correlation coefficient threshold value;
the channel correlation calculation module is used for extracting the channel information of the current data frame and calculating the channel correlation of the channel information corresponding to the legal data packet of the previous frame when receiving the new continuous data frame;
the data frame validity judging module is used for checking the validity of the continuous data frames through a binary hypothesis: judging whether the channel correlation of the current data frame is greater than a correlation coefficient threshold judgment threshold value, judging that the current data frame is legal, receiving the data frame, replacing old reference channel information with the channel information of the current data frame, and continuing to authenticate the next frame data; and judging that the current data frame is illegal when the channel correlation of the current data frame is smaller than the correlation coefficient threshold judgment threshold, discarding the data frame, and performing initial authentication again.
CN201910832490.4A 2019-09-04 2019-09-04 Data transmission authentication method and system based on edge calculation and channel correlation Active CN110519291B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910832490.4A CN110519291B (en) 2019-09-04 2019-09-04 Data transmission authentication method and system based on edge calculation and channel correlation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910832490.4A CN110519291B (en) 2019-09-04 2019-09-04 Data transmission authentication method and system based on edge calculation and channel correlation

Publications (2)

Publication Number Publication Date
CN110519291A CN110519291A (en) 2019-11-29
CN110519291B true CN110519291B (en) 2020-04-03

Family

ID=68630807

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910832490.4A Active CN110519291B (en) 2019-09-04 2019-09-04 Data transmission authentication method and system based on edge calculation and channel correlation

Country Status (1)

Country Link
CN (1) CN110519291B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116647843B (en) * 2023-06-16 2024-02-09 广东省通信产业服务有限公司 Method and system for zero-trust dynamic access authentication

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102439868A (en) * 2009-03-16 2012-05-02 华为技术有限公司 Method, communication system and related equipments for data transmission
CN103650563A (en) * 2013-06-27 2014-03-19 华为技术有限公司 Interference control method and network equipment thereof
CN106160822A (en) * 2015-04-01 2016-11-23 普天信息技术有限公司 A kind of cooperative beam shaping method and base station
CN107046468A (en) * 2017-06-14 2017-08-15 电子科技大学 A kind of physical layer certification thresholding determines method and system
CN108932535A (en) * 2018-07-13 2018-12-04 南方电网科学研究院有限责任公司 A kind of edge calculations clone's node recognition methods based on machine learning

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101938837B (en) * 2009-06-30 2013-03-20 华为技术有限公司 Inter-cell interference suppression method and device
CN107872823B (en) * 2016-09-28 2020-11-13 维布络有限公司 Method and system for identifying communication operation mode in mobile edge computing environment
CN108810026B (en) * 2018-07-20 2019-05-17 电子科技大学 A kind of terminal device access authentication method and system based on edge calculations
CN109819444B (en) * 2019-01-11 2021-07-30 杭州电子科技大学 Physical layer initial authentication method and system based on wireless channel characteristics

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102439868A (en) * 2009-03-16 2012-05-02 华为技术有限公司 Method, communication system and related equipments for data transmission
CN103650563A (en) * 2013-06-27 2014-03-19 华为技术有限公司 Interference control method and network equipment thereof
CN106160822A (en) * 2015-04-01 2016-11-23 普天信息技术有限公司 A kind of cooperative beam shaping method and base station
CN107046468A (en) * 2017-06-14 2017-08-15 电子科技大学 A kind of physical layer certification thresholding determines method and system
CN108932535A (en) * 2018-07-13 2018-12-04 南方电网科学研究院有限责任公司 A kind of edge calculations clone's node recognition methods based on machine learning

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Security Enhancement for Mobile Edge Computing Through Physical Layer Authentication;RUN-FA LIAO,et al;《Web of knowledge》;20190903;全文 *

Also Published As

Publication number Publication date
CN110519291A (en) 2019-11-29

Similar Documents

Publication Publication Date Title
CN109756893B (en) Chaos mapping-based crowd sensing Internet of things anonymous user authentication method
Yu et al. SLAP-IoD: Secure and lightweight authentication protocol using physical unclonable functions for internet of drones in smart city environments
US10251058B2 (en) Cross-layer authentication method based on radio frequency fingerprint
Sun et al. On the security and improvement of a two-factor user authentication scheme in wireless sensor networks
CN112134892B (en) Service migration method in mobile edge computing environment
MXPA03003710A (en) Methods for remotely changing a communications password.
CN108810026A (en) A kind of terminal device access authentication method and system based on edge calculations
CN113873508B (en) Edge calculation bidirectional authentication method and system based on double public and private keys of user
Taher et al. Low-overhead remote user authentication protocol for IoT based on a fuzzy extractor and feature extraction
Song et al. Enhancing packet-level Wi-Fi device authentication protocol leveraging channel state information
CN113395166B (en) Edge computing-based power terminal cloud edge terminal collaborative security access authentication method
CN114143343B (en) Remote access control system, control method, terminal and medium in fog computing environment
CN114422152A (en) Industrial environment authentication method based on PUF and block chain
CN113572765B (en) Lightweight identity authentication key negotiation method for resource-limited terminal
CN110519291B (en) Data transmission authentication method and system based on edge calculation and channel correlation
CN117097489B (en) Lightweight double-factor agriculture Internet of things equipment continuous authentication method and system
CN110493256B (en) Data transmission safety authentication method and system based on edge calculation and vector projection
Li et al. A physical layer authentication mechanism for IoT devices
CN110493255B (en) Data transmission safety authentication method and system based on edge calculation and scale factor
CN114362997B (en) Data transmission method and device for intelligent equipment of transformer substation, intelligent equipment and medium
Wu et al. Efficient authentication for Internet of Things devices in information management systems
Zhang et al. Fast cross layer authentication scheme for dynamic wireless network
CN112040481B (en) Secondary authentication method based on 5G communication gateway
CN115396149A (en) Efficient authentication key exchange method based on privacy protection
CN115801277A (en) Multi-mode fusion identity authentication method and system for handheld operation and maintenance terminal considering multiple factors

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant