CN111654481A - Identity authentication method, identity authentication device and storage medium - Google Patents


Publication number
CN111654481A
Authority
CN
China
Prior art keywords
random number
user terminal
sensor node
key
public key
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010447265.1A
Other languages
Chinese (zh)
Other versions
CN111654481B (en)
Inventor
冯玉翔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
South China University of Technology SCUT
Original Assignee
South China University of Technology SCUT
Application filed by South China University of Technology SCUT
Priority to CN202010447265.1A
Publication of CN111654481A
Application granted
Publication of CN111654481B


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Abstract

The invention discloses an identity authentication method, an identity authentication device and a storage medium. The method comprises the following steps: sending an access request to a gateway so that the gateway acquires and returns a first public key of a sensor node; after receiving the first public key, acquiring a first random number, encrypting the first random number according to the first public key and transmitting it to the sensor node; receiving encrypted information and a second random number sent by the sensor node, acquiring a third random number and a session key according to the encrypted information, and, on determining that the first random number is equal to the third random number, judging that identity authentication is successful and storing the session key; and encrypting the second random number according to the session key and transmitting the encrypted second random number to the sensor node. The invention improves communication security by establishing bidirectional authentication; in addition, it reduces the requirements on the sensor nodes and the hardware cost, and can be widely applied in the technical field of the Internet of things.

Description

Identity authentication method, identity authentication device and storage medium
Technical Field
The invention relates to the technical field of Internet of things, in particular to an identity authentication method, an identity authentication device and a storage medium.
Background
For network applications of the internet of things, which involve massive equipment and data, how to ensure safe and reliable information exchange and communication, that is, how to perform identity authentication on a communication subject of the internet of things and how to perform confidential and safe transmission on data, is a current core technical problem.
Existing security protocol designs for the internet of things often revolve around the goal of keeping communication and computing overhead lightweight. Some protocols use an ECC algorithm, which reduces computational overhead compared with the conventional RSA system. Some protocols also avoid relying on a time synchronization mechanism to resist attacks such as replay attacks, which avoids the computation and communication overhead that time synchronization causes. In this way, low-cost and highly secure key negotiation and establishment are achieved on devices with limited computing power and storage resources, such as embedded devices.
Existing authentication protocols applied to the internet of things environment mainly have the following problems: 1. A time synchronization mechanism is used in the protocol design to resist replay attacks and the like, that is, time synchronization is used to judge the timeliness of each protocol step. Maintaining time synchronization between devices that are generally weak in the internet of things context is difficult to achieve and consumes a large amount of resources. 2. The internet of things device is used directly for authentication, so the information of every user who may access the device must be stored on the device; this suits small-scale internet of things applications with few users. However, in a typical large-scale internet of things application involving a large number of dynamic users, it is difficult to maintain and update user information on a large number of devices deployed at different locations, and the large amount of stored user information consumes the devices' storage resources.
Disclosure of Invention
In order to solve one of the above technical problems, an object of the present invention is to provide an identity authentication method, an identity authentication device and a storage medium based on an identity authentication protocol of a trusted third party.
The technical scheme adopted by the invention is as follows:
an identity authentication method comprising the steps of:
the user terminal transmits the access request to the gateway;
the gateway acquires a first public key of a sensor node which needs to be accessed by the user terminal according to an access request, and transmits the first public key to the user terminal;
the user terminal acquires a first random number, encrypts the first random number according to the first public key and transmits the encrypted first random number to the sensor node;
the sensor node decrypts the received information to obtain the first random number, encrypts the first random number and transmits the encrypted first random number to the gateway;
the gateway decrypts the received information to obtain the first random number and a session key, and generates and transmits encrypted information to the sensor node according to the first random number and the session key;
after receiving the encrypted information, the sensor node acquires a session key according to the encrypted information, acquires a second random number, and transmits the encrypted information and the second random number to the user terminal;
the user terminal acquires a third random number and the session key according to the encryption information, determines that the first random number is equal to the third random number, judges that identity authentication is successful, stores the session key, encrypts the second random number according to the session key and transmits the second random number to the sensor node;
and the sensor node decrypts the received information to obtain a fourth random number, determines that the second random number is equal to the fourth random number, judges that the identity authentication is successful and stores the session key.
Further, the accessing request includes an identifier of the user terminal and an identifier of the sensor node, the gateway obtains a first public key of the sensor node that the user terminal needs to access according to the accessing request, and transmits the first public key to the user terminal, including:
the gateway confirms whether the user terminal has the authority of accessing the sensor node or not according to the identifier of the user terminal, and if so, the first public key is obtained according to the identifier of the sensor node;
based on a pre-stored gateway private key, a first public key is signed by adopting an elliptic curve cipher signature system, and the signed first public key is transmitted to the user terminal.
Further, the elliptic curve cryptographic signature system specifically includes:
randomly acquiring an integer k within a preset numerical range;
calculating a coordinate point V according to the integer k, and converting the X-axis coordinate of the coordinate point V into an integer;
calculating a first parameter r according to the coordinate point V after the X-axis coordinate conversion, wherein the first parameter r is not zero;
acquiring a second parameter s according to the identifier of the sensor node and the first public key, wherein the second parameter s is not zero;
splicing the first parameter r and the second parameter s to obtain a signature result;
the coordinate point V represents a point on an elliptic curve, determined by the user terminal by using the integer k, known only by the user terminal, the first parameter r represents an integer determined by using an x-axis coordinate of the coordinate point V, known only by the user terminal, and the second parameter s represents an operation result of a hash value of the content to be transmitted, namely a signature of the content to be transmitted, by using the first parameter r and a private key of the user terminal.
Further, the step of acquiring, by the user terminal, a first random number, encrypting the first random number according to the first public key, and transmitting the encrypted first random number to the sensor node includes:
the user terminal verifies the signature by using a pre-stored gateway public key, and acquires a first random number after the signature is verified correctly;
and based on the first public key, the first random number is encrypted by adopting an elliptic curve algorithm and then transmitted to the sensor node.
Further, after the first random number is encrypted by an elliptic curve algorithm, the first random number is transmitted to the sensor node, and the method comprises the following steps:
randomly acquiring an integer k within a preset numerical range;
calculating a third parameter $R_1$ and a fourth parameter $Z$ from the integer k, said fourth parameter $Z$ being non-zero;
acquiring a symmetric encryption key according to the third parameter $R_1$ and the fourth parameter $Z$, encrypting a first random number according to the symmetric encryption key, and transmitting the encrypted first random number to the sensor node;
the third parameter $R_1$ represents a result of hiding the integer k selected by the user terminal by elliptic curve multiplication, and the fourth parameter $Z$ represents a secret result obtained by using the first public key and the integer k, and the secret result can be recovered by a message receiver by using a private key corresponding to the first public key.
Further, the identity authentication method further comprises a setting step, specifically:
setting elliptic curve parameters, wherein the elliptic curve parameters comprise a finite field, an elliptic curve on the finite field and a base point on the elliptic curve;
determining a key pair of the user terminal, a key pair of the gateway and a key pair of the sensor node according to the elliptic curve parameters, wherein the key pairs comprise a public key and a private key;
the user terminal stores a key pair of the user terminal, the gateway stores a key pair of the user terminal and public keys of all the sensor nodes, and the sensor nodes store a key pair of the user terminal and a gateway public key.
The other technical scheme adopted by the invention is as follows:
an identity authentication method comprising the steps of:
sending an access request to a gateway so that the gateway can acquire and feed back a first public key of a sensor node;
after receiving the first public key, acquiring a first random number, encrypting the first random number according to the first public key and transmitting the first random number to the sensor node;
receiving encryption information and a second random number sent by the sensor node, acquiring a third random number and a session key according to the encryption information, determining that the first random number is equal to the third random number, judging that identity authentication is successful, and storing the session key;
and encrypting the second random number according to the session key and transmitting the encrypted second random number to the sensor node.
The other technical scheme adopted by the invention is as follows:
an identity authentication method comprising the steps of:
receiving access information sent by a user terminal, acquiring a first random number according to the access information, encrypting the first random number and transmitting the encrypted first random number to a gateway;
receiving encrypted information sent by the gateway, acquiring a session key according to the encrypted information, acquiring a second random number, and transmitting the encrypted information and the second random number to the user terminal;
receiving authentication information sent by the user terminal, acquiring a fourth random number according to the authentication information, determining that the second random number is equal to the fourth random number, judging that identity authentication is successful, and storing the session key.
The other technical scheme adopted by the invention is as follows:
an identity authentication apparatus comprising:
at least one processor;
at least one memory for storing at least one program;
when the at least one program is executed by the at least one processor, the at least one processor is caused to implement the method described above.
The other technical scheme adopted by the invention is as follows:
a storage medium having stored therein processor-executable instructions for performing the method as described above when executed by a processor.
The beneficial effects of the invention are as follows: the invention improves communication security by establishing bidirectional authentication; in addition, time synchronization does not need to be maintained between sensor nodes with severely limited resources, and information about the user terminal does not need to be stored on the sensor nodes, so the requirements on the sensor nodes and the hardware cost are reduced.
Drawings
Fig. 1 is a flowchart illustrating steps of an identity authentication method according to an embodiment.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
In the description of the present invention, it should be understood that the orientation or positional relationship referred to in the description of the orientation, such as the upper, lower, front, rear, left, right, etc., is based on the orientation or positional relationship shown in the drawings, and is only for convenience of description and simplification of description, and does not indicate or imply that the device or element referred to must have a specific orientation, be constructed and operated in a specific orientation, and thus, should not be construed as limiting the present invention.
In the description of the present invention, "several" means one or more and "a plurality" means two or more; terms such as "greater than", "less than" and "exceeding" are understood as excluding the stated number, and terms such as "above", "below" and "within" are understood as including it. Where "first" and "second" are used, they serve only to distinguish technical features and are not to be understood as indicating or implying relative importance, the number of the technical features indicated, or the order of the technical features indicated.
In the description of the present invention, unless otherwise explicitly limited, terms such as arrangement, installation, connection and the like should be understood in a broad sense, and those skilled in the art can reasonably determine the specific meanings of the above terms in the present invention in combination with the specific contents of the technical solutions.
The authentication protocol provided by this embodiment introduces a network model including three roles of a user (i.e., a user terminal, which logs in and accesses a sensor node through an intelligent terminal), a sensor and other internet of things devices (i.e., a sensor node), and an internet of things gateway. Wherein the user is an entity (including but not limited to a mobile phone, a computer, a tablet, etc.) accessing data in the application of the internet of things; the devices such as the sensors are common internet of things devices (such as intelligent water meters, intelligent electric meters and the like, temperature sensors and the like) with limited resources, and the internet of things gateway is responsible for managing all the internet of things devices in one domain, generally, the devices have strong performance and electric power. In practical application, in consideration of the transmission capability of the internet of things device, such gateway devices are commonly used in system networking.
The authentication protocol is in two stages, and the setting stage of the protocol can be entered in the deployment stage of the application of the Internet of things. After deployment is completed, in specific use, if a user needs to access data in the internet of things equipment, an authentication phase is started. The specific schemes of the two stages are described below.
First, set up stage
In the setup phase, operators are required to set up reasonable elliptic curve parameters and distribute them to sensors, gateways and users. The parameters comprise a finite field, an elliptic curve on the finite field, a base point on the elliptic curve and the like.
Thereafter, each user, as well as the gateway and each device, determines its own key pair, using the elliptic curve parameters to generate its public key and private key. That is, a private key $d \in_R [1, n-1]$ is randomly selected, and the key pair $\{Q, d\}$ is generated by computing the public key $Q = d \times P$ from the private key, where $P$ is the base point and $n$ is the order of $P$ on the elliptic curve.
After the key pair is generated, each sensor node needs to store its own key pair and the public key of the gateway. The gateway needs to store its own key pair and the public keys of all sensor nodes. The user needs to register with the gateway through the security means of the entity after generating its own key pair. After registration, the gateway owns the public key of the user, and the user owns the public key of the gateway.
Second, authentication phase
After the user connects to the sensor to be accessed, the protocol of the authentication phase is initiated. In this phase, the gateway acts as a trusted third party participating in the mutual authentication and key agreement process between the user and the sensor. After the successful completion of the stage, the user and the sensor can respectively authenticate the identity of the other party with the help of the gateway and carry out later secret communication by utilizing the session key generated in the protocol.
The detailed protocol flow is shown in fig. 1:
Step 1: The user sends the gateway its own identifier and the identifier of the device to be accessed, i.e. a device access request to the gateway.
User → gateway: $ID_i \| SID_j$
Step 2: After consulting its access control records, the gateway confirms that the user corresponding to the user identifier does have the right to access the device. The gateway sends the public key $Q_j$ corresponding to the device $SID_j$ to the user, and guarantees the validity of that public key by signing it with the gateway's private key. The signature process can adopt an elliptic curve cryptographic signature system:
The gateway randomly selects an integer $k$ such that $k \in_R [1, n-1]$, where $n$ is the order of the initial parameter $P$ of the elliptic curve.
After calculating $V = kP$, the X-axis coordinate of the point $V$ is converted to an integer:
Figure BDA0002506285430000061
where V is a point on the user-only known elliptic curve uniquely determined by the user using his randomly selected integer k, and P is the base point.
Computing
Figure BDA0002506285430000062
If the calculated $r$ is 0, return to the first operation, select another $k$, and repeat until $r \neq 0$. Here $r$ is the X-axis coordinate of the point $V$ taken modulo $n$.
Hash $SID_j \| Q_j$ to obtain $e = H(SID_j \| Q_j)$.
Calculate $s = (e + r \times d_{GWN}) \times k^{-1} \bmod n$, and ensure that $s \neq 0$; otherwise return to the first operation and reselect $k$.
Concatenate the results $r$ and $s$ to obtain the gateway's signature, and send it to the user.
Gateway → user: $ID_j \| Q_j \| signature_{GWN}(SID_j \| Q_j)$
Step 3: After receiving the information, the user first verifies the validity of the signature using the public key of the gateway. The verification process is the reverse operation of step 2. If the signature verifies correctly, the user encrypts $N_i \| ID_i$ with the obtained device public key using an elliptic curve algorithm, where $N_i$ is the first random number and $ID_i$ is the user identifier. The specific encryption steps are as follows:
The user randomly selects a $k$ such that $k \in_R [1, n-1]$.
Compute $R_1 = k \times P$ and $Z = h \times k \times Q_j$, and ensure that $Z \neq \infty$; otherwise reselect $k$. Here $R_1$ is the result of hiding the user-selected random number $k$ by elliptic curve multiplication, and $Z$ is a secret result computed from the first public key and the user-selected random number $k$; the message receiver can recover it using the private key corresponding to the first public key. $h$ is an initial integer shared by all participants and preset in the setup phase, and $Q_j$ is the device public key (i.e., the first public key).
Use $(x_Z, R_1)$ to generate a symmetric encryption key $symkey$, where $x_Z$ is the X-axis coordinate of the result $Z$ above. $N_i \| ID_i$ can then be encrypted with a symmetric encryption algorithm such as AES, i.e. $C_1 = ENC_{symkey}(N_i \| ID_i)$.
Combine $\{R_1 \| C_1\}$ into the encrypted information and send it to the sensor.
User → sensor
Figure BDA0002506285430000063
Step 4: After receiving the information, the device decrypts it using its own private key and the inverse operation of step 3. After decryption yields $N_i$, the device encrypts $N_i$ using the encryption process of step 3 with the public key of the gateway, and sends it to the gateway.
Sensor → gateway
Figure BDA0002506285430000071
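The signing of step 2 and the elliptic-curve encryption of step 3, together with the verification and decryption that the text describes only as the "reverse operation", written out as an added Python example (not code from the patent). Assumptions not stated on the page: the secp256k1 curve, SHA-256 as $H$, a SHA-512 derivation of $symkey$ from $(x_Z, R_1)$, and a SHAKE-256 keystream with an HMAC tag standing in for AES; all identifiers are constructed.

```python
import hashlib, hmac, secrets
# Assumption: secp256k1 domain parameters (the page names no curve). Pure-Python
# arithmetic for illustration only: it is not constant-time.
FIELD_P = 2**256 - 2**32 - 977
ORDER_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
BASE_P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
          0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
H_COF = 1      # the page's shared integer h; set to this curve's cofactor (assumption)
INF = None     # point at infinity

def add(A, B):                                  # affine point addition
    if A is INF: return B
    if B is INF: return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % FIELD_P == 0:
        return INF
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, FIELD_P)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FIELD_P, -1, FIELD_P)
    x3 = (lam * lam - x1 - x2) % FIELD_P
    return (x3, (lam * (x1 - x3) - y1) % FIELD_P)

def mul(k, A):                                  # double-and-add scalar multiple k*A
    R = INF
    while k:
        if k & 1:
            R = add(R, A)
        A, k = add(A, A), k >> 1
    return R

def on_curve(A):
    return A is not INF and (A[1] ** 2 - A[0] ** 3 - 7) % FIELD_P == 0
def encode(A):
    return A[0].to_bytes(32, "big") + A[1].to_bytes(32, "big")
def keygen():                                   # d in [1, n-1], Q = d x P
    d = secrets.randbelow(ORDER_N - 1) + 1
    return d, mul(d, BASE_P)
def _e(msg):                                    # H is assumed to be SHA-256
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def sign(d_gwn, msg):
    """Step 2: gateway signature (r, s) over msg = SID_j || Q_j."""
    while True:
        k = secrets.randbelow(ORDER_N - 1) + 1
        r = mul(k, BASE_P)[0] % ORDER_N
        s = (_e(msg) + r * d_gwn) * pow(k, -1, ORDER_N) % ORDER_N
        if r and s:                             # reselect k if r == 0 or s == 0
            return r, s

def verify(q_gwn, msg, sig):
    """Step 3: the user's check, written out as standard ECDSA verification."""
    r, s = sig
    if not (1 <= r < ORDER_N and 1 <= s < ORDER_N):
        return False
    w = pow(s, -1, ORDER_N)
    V = add(mul(_e(msg) * w % ORDER_N, BASE_P), mul(r * w % ORDER_N, q_gwn))
    return V is not INF and V[0] % ORDER_N == r

def _symkeys(Z, R1):     # assumed KDF: SHA-512 over (x_Z, R_1) -> cipher key, MAC key
    okm = hashlib.sha512(Z[0].to_bytes(32, "big") + encode(R1)).digest()
    return okm[:32], okm[32:]

def _stream(key, data):  # stand-in for AES so that only the standard library is needed
    ks = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def encrypt(q_j, plaintext):
    """Step 3: R_1 = k x P, Z = h x k x Q_j, C_1 = ENC_symkey(plaintext)."""
    Z = INF
    while Z is INF:                             # reselect k if Z is infinity
        k = secrets.randbelow(ORDER_N - 1) + 1
        R1, Z = mul(k, BASE_P), mul(H_COF * k, q_j)
    ek, mk = _symkeys(Z, R1)
    c1 = _stream(ek, plaintext)
    return R1, c1, hmac.new(mk, c1, hashlib.sha256).digest()

def decrypt(d_j, R1, c1, tag):
    """Step 4: the sensor recomputes Z = h x d_j x R_1; returns None on failure."""
    if not on_curve(R1):                        # reject points that are off the curve
        return None
    Z = mul(H_COF * d_j, R1)
    if Z is INF:
        return None
    ek, mk = _symkeys(Z, R1)
    if not hmac.compare_digest(tag, hmac.new(mk, c1, hashlib.sha256).digest()):
        return None
    return _stream(ek, c1)

def run_steps_2_to_4():
    (d_gwn, q_gwn), (d_j, q_j) = keygen(), keygen()   # gateway, sensor node
    sid_j, id_i = b"SID-sensor-07", b"ID-user-42"     # constructed identifiers
    signed = sid_j + encode(q_j)
    sig = sign(d_gwn, signed)                         # gateway -> user
    accepted = verify(q_gwn, signed, sig)
    swapped = verify(q_gwn, sid_j + encode(mul(2, q_j)), sig)  # substituted key
    n_i = secrets.token_bytes(16)                     # first random number N_i
    R1, c1, tag = encrypt(q_j, n_i + id_i)            # user -> sensor
    return accepted, swapped, decrypt(d_j, R1, c1, tag) == n_i + id_i
```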
Step 5: The gateway decrypts the received data and, if decryption succeeds without error, performs the following operations:
Look up the public key $Q_i$ corresponding to the user and generate $signature_{GWN}(ID_i \| Q_i)$ using the signing method of step 2. Randomly select an integer $K_s$ as the session key to be used next between the user and the device.
Generate $signature_{GWN}(ID_i \| SID_j \| N_i \| K_s)$;
Generating encrypted information using a public key of a sensor
Figure BDA0002506285430000072
The results are sent to the sensor.
Gateway → sensor: $ID_i \| Q_i \| signature_{GWN}(ID_i \| Q_i)$
Figure BDA0002506285430000073
Step 6: After receiving the information of step 5, the device first verifies whether the content is valid. If it is valid, the device selects a random number $N_j$, encrypts the last part of the information together with $N_j$ using the public key of the user, and sends the result to the user.
Device → user
Figure BDA0002506285430000074
Step 7: The user receives the message, decrypts it to obtain $N'_i$, and verifies whether it equals the $N_i$ that the user selected earlier. If they are equal, the user accepts $K_s$ in the message as the session key, uses it to symmetrically encrypt $N_j$, and sends the result to the device.
User → device
Figure BDA0002506285430000075
After the message from the user is received, $N'_j$ is checked for equality with $N_j$. If they are equal, $K_s$ in the message is accepted as the session key.
After the protocol is finished, mutual authentication between the user and the device has been achieved, and the session key $K_s$ for subsequent communication has been obtained.
By the identity authentication method, bidirectional authentication and safe communication can be established for the equipment access process in the Internet of things with high safety. Meanwhile, the embodiment does not need to maintain time synchronization among devices with severely limited resources, and does not need to store user information on the devices, thereby avoiding the overhead of the devices, and also not needing to frequently configure and modify the devices after system deployment.
The embodiment also provides an identity authentication method, which comprises the following steps:
sending an access request to the gateway so that the gateway can acquire and feed back the first public key of the sensor node;
after receiving the first public key, acquiring a first random number, encrypting the first random number according to the first public key and transmitting the first random number to the sensor node;
receiving encrypted information and a second random number sent by a sensor node, acquiring a third random number and a session key according to the encrypted information, determining that the first random number is equal to the third random number, judging that identity authentication is successful, and storing the session key;
and encrypting the second random number according to the session key and transmitting the second random number to the sensor node.
The method of the embodiment is mainly executed by a user terminal, the user terminal firstly sends an access request to a gateway when needing to access the sensor node, and the gateway stores public keys of all the accessed sensor nodes, and sends the public keys (namely, the first public key) of the corresponding sensor nodes to the user terminal after searching and obtaining the public keys. And after the user terminal receives the first public key, sending information to the corresponding sensor node according to the first public key so that the sensor node sends the session key to the user terminal. And when the user terminal receives the information sent by the sensor node and verifies that the first random number is equal to the third random number, the user terminal passes the identity authentication, stores the session key and uses the session key in subsequent communication with the sensor node. The encrypted information includes a public key of the user terminal.
The embodiment also provides an identity authentication method, which comprises the following steps:
receiving access information sent by a user terminal, acquiring a first random number according to the access information, encrypting the first random number and transmitting the encrypted first random number to a gateway;
receiving the encrypted information sent by the gateway, acquiring a session key according to the encrypted information, acquiring a second random number, and transmitting the encrypted information and the second random number to the user terminal;
and receiving authentication information sent by the user terminal, acquiring a fourth random number according to the authentication information, determining that the second random number is equal to the fourth random number, judging that the identity authentication is successful, and storing the session key.
The method of this embodiment is mainly executed by the sensor node. After receiving the access information sent by the user terminal, the sensor node decrypts the access information to obtain the first random number, sends the first random number to the gateway to obtain a session key from the gateway, and sends the session key and a second random number generated by the sensor node to the user terminal. When the user terminal sends back the authentication information, the sensor node checks whether the second random number is equal to the fourth random number; if so, the identity authentication is passed, and the sensor node stores the session key and uses it in subsequent communication with the user terminal. The encrypted information includes a public key of the user terminal. In this embodiment, the sensor node does not need to record the relevant information of the user terminal, which lowers the requirements on the sensor node; when sensor nodes need to be deployed in large numbers, their cost is greatly reduced.
This embodiment also provides an identity authentication device, including:
at least one processor;
at least one memory for storing at least one program;
when the at least one program is executed by the at least one processor, the at least one processor is caused to perform the above-described method.
The identity authentication device of the embodiment can execute the identity authentication method provided by the embodiment of the method of the invention, can execute any combination of the implementation steps of the embodiment of the method, and has corresponding functions and beneficial effects of the method.
The present embodiments also provide a storage medium having stored therein processor-executable instructions for performing the method as described above when executed by a processor.
The storage medium of this embodiment may execute the identity authentication method provided in the method embodiment of the present invention, may execute any combination of the implementation steps of the method embodiment, and has corresponding functions and beneficial effects of the method.
It will be understood that all or some of the steps of the methods and the systems disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as is well known to those of ordinary skill in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer. In addition, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media as known to those skilled in the art.
The embodiments of the present invention have been described in detail with reference to the accompanying drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.

Claims (10)

1. An identity authentication method, comprising the steps of:
the user terminal transmits the access request to the gateway;
the gateway acquires a first public key of a sensor node which needs to be accessed by the user terminal according to an access request, and transmits the first public key to the user terminal;
the user terminal acquires a first random number, encrypts the first random number according to the first public key and transmits the encrypted first random number to the sensor node;
the sensor node decrypts the received information to obtain the first random number, encrypts the first random number and transmits the encrypted first random number to the gateway;
the gateway decrypts the received information to obtain the first random number and a session key, and generates and transmits encrypted information to the sensor node according to the first random number and the session key;
after receiving the encrypted information, the sensor node acquires a session key according to the encrypted information, acquires a second random number, and transmits the encrypted information and the second random number to the user terminal;
the user terminal acquires a third random number and the session key according to the encryption information, determines that the first random number is equal to the third random number, judges that identity authentication is successful, stores the session key, encrypts the second random number according to the session key and transmits the second random number to the sensor node;
and the sensor node decrypts the received information to obtain a fourth random number, determines that the second random number is equal to the fourth random number, judges that the identity authentication is successful and stores the session key.
2. The identity authentication method according to claim 1, wherein the access request includes an identifier of the user terminal and an identifier of the sensor node, the gateway obtains a first public key of the sensor node that the user terminal needs to access according to the access request, and transmits the first public key to the user terminal, including:
the gateway confirms whether the user terminal has the authority of accessing the sensor node or not according to the identifier of the user terminal, and if so, the first public key is obtained according to the identifier of the sensor node;
based on a pre-stored gateway private key, a first public key is signed by adopting an elliptic curve cipher signature system, and the signed first public key is transmitted to the user terminal.
3. The identity authentication method according to claim 2, wherein the elliptic curve cryptographic signature system specifically comprises:
randomly acquiring an integer k within a preset numerical range;
calculating a coordinate point V according to the integer k, and converting the X-axis coordinate of the coordinate point V into an integer;
calculating a first parameter r according to the coordinate point V after the X-axis coordinate conversion, wherein the first parameter r is not zero;
acquiring a second parameter s according to the identifier of the sensor node and the first public key, wherein the second parameter s is not zero;
splicing the first parameter r and the second parameter s to obtain a signature result;
the coordinate point V represents a point on an elliptic curve, determined by the user terminal by using the integer k, known only by the user terminal, the first parameter r represents an integer determined by using an x-axis coordinate of the coordinate point V, known only by the user terminal, and the second parameter s represents an operation result of a hash value of the content to be transmitted, namely a signature of the content to be transmitted, by using the first parameter r and a private key of the user terminal.
4. The identity authentication method according to claim 2, wherein the user terminal acquiring the first random number, encrypting the first random number according to the first public key and transmitting the encrypted first random number to the sensor node comprises:
the user terminal verifies the signature by using a pre-stored gateway public key, and acquires a first random number after the signature is verified correctly;
and based on the first public key, the first random number is encrypted by adopting an elliptic curve algorithm and then transmitted to the sensor node.
5. The identity authentication method of claim 4, wherein the encrypting the first random number by an elliptic curve algorithm based on the first public key and then transmitting the encrypted first random number to the sensor node comprises:
randomly acquiring an integer k within a preset numerical range;
calculating a third parameter R1 and a fourth parameter Z from the integer k, said fourth parameter Z being non-zero;
acquiring a symmetric encryption key according to the third parameter R1 and the fourth parameter Z, encrypting the first random number according to the symmetric encryption key, and transmitting the encrypted first random number to the sensor node;
wherein the third parameter R1 represents the result of hiding the integer k selected by the user terminal by elliptic curve multiplication, and the fourth parameter Z represents a secret result obtained by using the first public key and the integer k, which can be recovered by the message receiver by using the private key corresponding to the first public key.
6. The identity authentication method according to claim 1, further comprising a setting step, specifically:
setting elliptic curve parameters, wherein the elliptic curve parameters comprise a finite field, an elliptic curve on the finite field and a base point on the elliptic curve;
determining a key pair of the user terminal, a key pair of the gateway and a key pair of the sensor node according to the elliptic curve parameters, wherein the key pairs comprise a public key and a private key;
the user terminal stores a key pair of the user terminal, the gateway stores a key pair of the user terminal and public keys of all the sensor nodes, and the sensor nodes store a key pair of the user terminal and a gateway public key.
7. An identity authentication method, comprising the steps of:
sending an access request to a gateway so that the gateway can acquire and feed back a first public key of a sensor node;
after receiving the first public key, acquiring a first random number, encrypting the first random number according to the first public key and transmitting the first random number to the sensor node;
receiving encryption information and a second random number sent by the sensor node, acquiring a third random number and a session key according to the encryption information, determining that the first random number is equal to the third random number, judging that identity authentication is successful, and storing the session key;
and encrypting the second random number according to the session key and transmitting the encrypted second random number to the sensor node.
8. An identity authentication method, comprising the steps of:
receiving access information sent by a user terminal, acquiring a first random number according to the access information, encrypting the first random number and transmitting the encrypted first random number to a gateway;
receiving encrypted information sent by the gateway, acquiring a session key according to the encrypted information, acquiring a second random number, and transmitting the encrypted information and the second random number to the user terminal;
receiving authentication information sent by the user terminal, acquiring a fourth random number according to the authentication information, determining that the second random number is equal to the fourth random number, judging that identity authentication is successful, and storing the session key.
9. An identity authentication apparatus, comprising:
at least one processor;
at least one memory for storing at least one program;
when the at least one program is executed by the at least one processor, the at least one processor is caused to implement an identity authentication method as claimed in any one of claims 1 to 8.
10. A storage medium having stored therein processor-executable instructions, which when executed by a processor, are configured to perform the method of any one of claims 1-8.
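The Python sketch below is an added example, not code from the patent: it implements the encryption of claim 5 (R1 = k*G, Z = k*Q, symmetric key from R1 and Z) and runs the message flow of claim 1 with it, including a stale-envelope case that the user terminal's comparison of the first and third random numbers rejects. The curve (secp256k1), the SHA-256 key derivation, the XOR-plus-HMAC cipher, the envelope layout and sending the second random number in clear are assumptions, since the claims leave them open.

```python
import hashlib, hmac, secrets

# secp256k1 parameters (assumption: the claims do not name a curve)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # affine addition on y^2 = x^3 + 7; None is the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    m = (3 * a[0] ** 2 * pow(2 * a[1], -1, P) if a == b
         else (b[1] - a[1]) * pow(b[0] - a[0], -1, P))
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def mul(k, pt):  # double-and-add k*pt; not constant time, illustration only
    acc = None
    while k:
        acc, pt, k = (add(acc, pt) if k & 1 else acc), add(pt, pt), k >> 1
    return acc

def derive_keys(R1, Z):
    """Encryption and MAC keys from R1 and Z (SHA-256 as the KDF is an assumption)."""
    seed = b"".join(c.to_bytes(32, "big") for c in (*R1, *Z))
    return hashlib.sha256(b"enc" + seed).digest(), hashlib.sha256(b"mac" + seed).digest()

def encrypt(pub, msg):
    """Claim 5: random k, R1 = k*G, Z = k*pub (non-zero), key from (R1, Z)."""
    k = secrets.randbelow(N - 1) + 1
    R1, Z = mul(k, G), mul(k, pub)
    if Z is None or len(msg) > 32:
        raise ValueError("Z is zero or message is longer than 32 bytes")
    ke, km = derive_keys(R1, Z)
    ct = bytes(m ^ s for m, s in zip(msg, ke))   # pad is single-use: k is fresh
    return R1, ct, hmac.new(km, ct, hashlib.sha256).digest()

def decrypt(priv, R1, ct, tag):
    """Receiver recovers Z = priv*R1; rejects off-curve R1 and modified data."""
    if (R1[1] ** 2 - R1[0] ** 3 - 7) % P:
        raise ValueError("R1 is not on the curve")
    ke, km = derive_keys(R1, mul(priv, R1))
    if not hmac.compare_digest(tag, hmac.new(km, ct, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch")
    return bytes(c ^ s for c, s in zip(ct, ke))

def run(stale=False):
    """Claim 1 flow; envelope layout and session-key cipher are assumptions."""
    keys = [secrets.randbelow(N - 1) + 1 for _ in range(3)]
    (ud, uq), (sd, sq), (gd, gq) = [(d, mul(d, G)) for d in keys]
    n1, n2, sk = (secrets.token_bytes(16) for _ in range(3))
    m1 = encrypt(sq, n1)                     # user -> sensor, first public key
    m2 = encrypt(gq, decrypt(sd, *m1))       # sensor -> gateway
    echo = secrets.token_bytes(16) if stale else decrypt(gd, *m2)
    to_s, to_u = encrypt(sq, sk), encrypt(uq, echo + sk)   # gateway's envelope
    sk_s, blob = decrypt(sd, *to_s), decrypt(ud, *to_u)    # sensor relays to_u, n2
    if not hmac.compare_digest(n1, blob[:16]):             # user: N3 == N1?
        return "user rejects"
    pad = lambda key: hashlib.sha256(b"resp" + key).digest()
    resp = bytes(a ^ b for a, b in zip(n2, pad(blob[16:])))  # N2 under session key
    n4 = bytes(a ^ b for a, b in zip(resp, pad(sk_s)))       # sensor: N4 == N2?
    return "authenticated" if hmac.compare_digest(n2, n4) else "sensor rejects"
```

`run()` returns "authenticated" for a fresh exchange, and `run(stale=True)` returns "user rejects" because the envelope echoes a random number the user terminal never sent.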
CN202010447265.1A 2020-05-25 2020-05-25 Identity authentication method, identity authentication device and storage medium Active CN111654481B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010447265.1A CN111654481B (en) 2020-05-25 2020-05-25 Identity authentication method, identity authentication device and storage medium


Publications (2)

Publication Number Publication Date
CN111654481A true CN111654481A (en) 2020-09-11
CN111654481B CN111654481B (en) 2021-06-08

Family

ID=72346831




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant