CN114500070A - MQTT protocol secure communication method based on secret sharing algorithm - Google Patents

MQTT protocol secure communication method based on secret sharing algorithm

Info

Publication number: CN114500070A
Authority: CN (China)
Legal status: Granted
Application number: CN202210123700.4A
Other languages: Chinese (zh)
Other versions: CN114500070B (en)
Inventors: 李庆铁, 熊迎军, 李靖, 任守纲, 李延斌, 顾兴健, 邵天岳
Current assignee: Shanghai Lanchang Automation Technology Co ltd
Original assignee: Shanghai Lanchang Automation Technology Co ltd
Priority date: 2022-02-10
Filing date: 2022-02-10

Classifications

    • H ELECTRICITY
        • H04 ELECTRIC COMMUNICATION TECHNIQUE
            • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
                • H04L 63/00 Network architectures or network communication protocols for network security
                    • H04L 63/04 ... for providing a confidential data exchange among entities communicating through data packet networks
                        • H04L 63/0428 ... wherein the data content is protected, e.g. by encrypting or encapsulating the payload
                            • H04L 63/0442 ... wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
                    • H04L 63/08 ... for authentication of entities
                        • H04L 63/0823 ... using certificates
                • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
                    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
                        • H04L 9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
                            • H04L 9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
                            • H04L 9/085 Secret sharing or secret splitting, e.g. threshold schemes
                    • H04L 9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
                    • H04L 9/32 ... including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
                        • H04L 9/3263 ... involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
        • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
            • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
                • Y02D 30/00 Reducing energy consumption in communication networks
                    • Y02D 30/70 ... in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses an MQTT protocol secure communication method based on a secret sharing algorithm. For the MQTT scenario in which one user and a plurality of devices communicate through the same topic, a threshold encryption algorithm based on secret sharing is used to complete one-to-many group authentication, so that the devices are securely admitted, and finally the sent messages are encrypted to realise secure communication between the user and the devices. The method first performs one-to-one authentication between the user and the agent (the MQTT broker), then completes group authentication of the plurality of devices with the agent using secret sharing, binds the authenticated user, the plurality of devices and their common topic to establish a secure channel, and finally carries out key agreement among the user, the devices and the topic to encrypt the transmitted information, thereby completing secure communication over the MQTT protocol. The method is suited to one-to-many secure communication scenarios in the MQTT protocol.

Description

MQTT protocol secure communication method based on secret sharing algorithm
Technical Field
The invention relates to the technical field of computer security, in particular to a secure communication method of an MQTT protocol based on a secret sharing algorithm.
Background
Among Internet of Things communication protocols, MQTT (Message Queuing Telemetry Transport) is the most popular. Its design goal is to provide a lightweight, easy-to-use communication protocol for the Internet of Things, so only a few security mechanisms are explicitly specified in the protocol itself, and it lacks basic security functions such as access control, mutual authentication and control-message protection. To address this, current MQTT deployments can use TLS to protect the channel between the client and the agent (the MQTT broker), which has several problems: (1) it cannot provide access control, such as access control for the agent and fine-grained access control for the topics within the agent; (2) TLS has a large computational load, which lowers efficiency and is unsuitable for secure transmission of information across a large number of devices, i.e. the one-to-many scenario.
To address these shortcomings of the existing protection, the security of the MQTT protocol can be improved by fine-grained security authentication of the topics involved, and applying group authentication based on a secret sharing algorithm to the one-to-many scenario under the MQTT protocol can improve the efficiency of security authentication.
Disclosure of Invention
To address the problems of the prior art, the invention provides a group authentication strategy that improves, to a certain extent, the efficiency of security authentication in one-to-many scenarios of the MQTT protocol. After security authentication, key agreement is carried out to encrypt the sent messages, completing one-to-many secure transmission of information from the user to multiple devices.
The purpose of the invention is achieved by the following technical scheme.
A secret sharing algorithm-based MQTT protocol secure communication method comprises the following steps:
step 1: issuing certificates for users, devices, agents and topics and completing registration;
step 2: using a lightweight certificate-based authentication algorithm to complete the secure access of a user;
step 3: using a threshold encryption algorithm based on secret sharing to complete the secure access authentication of a plurality of Internet of Things devices, and establishing a secure communication channel for a user and the plurality of devices that have been authenticated as legitimate;
step 4: using a certificate-based key agreement algorithm to complete the secure encryption of messages sent between a user and a plurality of devices.
Further, step 1 specifically includes:
step 1-1: in the initialization stage, a third-party Certification Authority (CA) generates certificates for users, devices, agents and topics;
step 1-2: the CA computes the public keys and distributes them, together with the certificates, to the users, devices, agents and topics;
step 1-3: the user, the plurality of devices and the agent register.
Further, step 1-1 specifically comprises: the ID serial number $X$ of a user, device or agent is input, and $R_X = r_X \cdot G$ is generated, where $r_X \in_R [1, n-1]$ and $G$ is a generator; the CA selects $r_{CA} \in_R [1, n-1]$, generates $R_{CA} = r_{CA} \cdot G$, and finally outputs $Cert_X = R_X + R_{CA}$. The ID serial number $Topic_t$ of a topic is input, and the CA computes $Cert_t^{(l)} = r_t^{(l)} \cdot G + r_{CA}^{(l)} \cdot G = R_t^{(l)} + R_{CA}^{(l)}$, where $Cert_t^{(l)}$ is the certificate of the $l$-th topic and $r_t^{(l)}, r_{CA}^{(l)} \in_R [1, n-1]$; then the CA computes the private key of the $l$-th topic $d_t^{(l)} = w_t^{(l)} + r_t^{(l)} \cdot H(Cert_t^{(l)} \,\|\, Topic_t)$, where $w_t^{(l)} = d_{CA} + r_{CA}^{(l)} \cdot H(Cert_t^{(l)} \,\|\, Topic_t)$. The output of this step is $(d_t^{(l)}, Cert_t^{(l)})$.
Further, step 1-2 is specifically: the CA computes $D_X = D_{CA} + Cert_X \cdot H(Cert_X \,\|\, X)$, where $D_{CA}$ is the public key of the CA and $D_X$ is the public key of the user, device or agent; the CA then computes $d_X = w_X + r_X \cdot H(Cert_X \,\|\, X)$, where $d_X$ is the private key of the user, device or agent and $w_X = d_{CA} + r_{CA} \cdot H(Cert_X \,\|\, X)$; finally, the CA sends $[d_X, Cert_X, D_{CA}]$ to the users, devices and agents.
Further, step 1-3 is specifically: the topic certificate, together with $Info_B = (B, IP_B, Port_B, Cert_B)$, is securely delivered to $X$ ($= P_i / S_j$), where $IP_B$ and $Port_B$ are the IP address and port number of the agent; the access control list $ACL = \{ACL_t \mid Topic_t \in T\}$ is sent to the agent, where $ACL_t = \{Topic_t, P(Topic_t), S(Topic_t)\}$; for each $Topic_t \in T$, $[Topic_t, Cert_t^{(l)}, Info_B]$ is sent to each user $X \in P(Topic_t)$ and $[Topic_t, d_t^{(l)}, Info_B]$ is sent to each device $S \in S(Topic_t)$.
Further, step 2 specifically includes:
step 2-1: derivation of the session key:
the session key $SK_X$ is generated to establish an outer secure channel between user $P_i$ and the agent; the user and the agent hold $\{[d_X, Cert_X, D_{CA}], [Topic_t, Cert_t^{(l)}, Info_B]\}$ and $\{[d_B, Cert_B, D_{CA}], ACL\}$ respectively, and compute $SK_X = kdf(d_X \cdot D_B \,\|\, TS_X) = kdf(d_B \cdot D_X \,\|\, TS_X)$;
step 2-2: one-to-one identity authentication between the user and the agent:
the user sends $(X, Cert_X, TS_X, \ldots, MIC(SK_X))$, where "$\ldots$" represents the original message fields of a standard CONNECT control message, $MIC(SK_X)$ is the message integrity code computed with $SK_X$ over all preceding fields of the message, and $TS_X$ is the timestamp of $X$; when the agent receives it, it also derives the session key $SK_X$ and verifies whether $TS_X$ is fresh and $MIC(SK_X)$ is valid; if verification succeeds, a session state for $X$ is created at the agent and the agent responds to the protected CONNECT control message with a response that is itself protected by $MIC(SK_X)$; finally, $X$ verifies the $MIC(SK_X)$ of the returned response, and the two parties complete one-to-one identity authentication.
Further, step 3 specifically comprises:
step 3-1: the Token generation phase:
assume there are $n$ devices in total, i.e. group members $U_n = \{U_i \mid i = 1, 2, \ldots, n\}$; the agent generates, for each device, a secret share in a $(t, n)$ threshold secret sharing as its Token. First, the agent randomly selects two large primes $p$ and $q$ satisfying $p > q + n q^2$; the agent randomly selects $t-1$ values $a_i \in F_p$, $i = 1, 2, \ldots, t-1$, with $a_{t-1} \neq 0$, and selects $a_0 \in F_p$ as the secret $s$, generating the random polynomial of degree $t-1$, $f(x) = a_0 + a_1 x + a_2 x^2 + \cdots + a_{t-1} x^{t-1} \pmod p$, where the group secret is $s = a_0 = f(0)$; then the agent uses the public identity information $x_i$ of each device member $U_i$ ($i = 1, 2, \ldots, n$) to compute $f(x_i)$ and sends the result secretly to $U_i$ through a secure channel as its Token $T_i = f(x_i)$; finally, the agent computes the one-way hash value $Hash(s)$ of the secret $s$ and broadcasts it to all devices;
step 3-2: the random component construction phase:
suppose $m$ group members participate in the verification, $U_m = \{U_{i_j} \mid 1 \le j \le m\}$; because of the authentication requirement in this scenario, let $m \le n$, i.e. it is necessary to verify whether the $m$ devices belong to the same group; any participant $U_{i_j}$ (with public identity $x_{i_j}$) generates a random number $r_i$ over $F_q$ and computes
(the random-component formula is given only as an image in the original and is not reproduced here)
to construct its random component;
step 3-3: the verification phase:
each participant exchanges its random component with the other participants through a private channel; after receiving the random components of all participants, i.e. $C_{i_j} = \{c_{i_j} \mid j = 1, 2, \ldots, m\}$, $U_{i_j}$ computes
(the reconstruction formula for $s'$ is given only as an image in the original and is not reproduced here)
If $Hash(s') = Hash(s)$, all participants belong to the same group; otherwise it can be concluded that at least one illegal participant exists among the participants. At this point, the group authentication of the plurality of devices is completed.
Further, step 4 specifically includes:
step 4-1: derivation of the topic key:
a topic key is defined for end-to-end security between a user $P_i \in P(Topic_t)$ and a set of devices $S \in S(Topic_t)$; user $P_i$ holds $\{[d_i, Cert_i, D_{CA}], [Topic_t, Cert_t^{(l)}]\}$ and the devices $S$ hold $\{[d_i, Cert_i, D_{CA}], [Topic_t, d_t^{(l)}]\}$; according to the elliptic-curve Diffie-Hellman (ECDH) key agreement protocol, the topic key of $Topic_t$ is computed as $K_{it}^{(l)} = kdf(d_i \cdot D_t^{(l)}) = kdf(d_t^{(l)} \cdot D_i)$, where $D_t^{(l)} = D_{CA} + Cert_t \cdot H(Cert_t \,\|\, Topic_t)$ and $D_i = D_{CA} + Cert_i \cdot H(Cert_i \,\|\, P_i)$;
step 4-2: the key agreement phase:
the user sends the control message $(Topic_t, \text{secure message}, \ldots, MIC(SK_i))$, where the secure message contains $[P_i, Cert_i, TS_i, (message)_{K_{it}^{(l)}}, MIC(K_{it}^{(l)})]$; on receiving the control message, the agent first checks it against $ACL_t = (Topic_t, P(Topic_t), S(Topic_t))$ and validates $MIC(SK_i)$; if both checks succeed, the agent stores the secure message until a device in $S(Topic_t)$ requests it; the agent then sends a control message to $S_j \in S(Topic_t)$; after checking $MIC(SK_j)$, each device in $S(Topic_t)$ uses $d_t^{(l)}$ and $D_i$ to obtain the topic key $K_{it}^{(l)}$, with which it verifies $MIC(K_{it}^{(l)})$ and obtains the content of the message sent by the legitimate user $P_i$.
Compared with the prior art, the invention has the following advantages: 1. The invention uses a threshold encryption algorithm based on secret sharing, which completes the secure access authentication of a plurality of Internet of Things devices to the agent at one time, improves authentication efficiency and lays the foundation for one-to-many secure communication.
2. The invention uses a lightweight certificate-based key agreement algorithm for the topics within the agent, providing finer-grained encryption protection for the information transmitted over the MQTT protocol, reducing the computational complexity and load of the encryption process and improving communication efficiency.
Drawings
FIG. 1 is a flow chart of a one-to-many information secure transmission method of an MQTT protocol based on a secret sharing algorithm, which is disclosed by the invention;
fig. 2 is a one-to-many secure communication scenario of the MQTT protocol applied by the present invention.
Detailed Description
The invention is described in detail below with reference to the drawings and specific examples.
A secret sharing algorithm-based MQTT protocol one-to-many secure communication method comprises the following steps:
Step 1: a third-party Certification Authority (CA) generates certificates for users, devices, agents and topics.
Step 1-1: The ID serial number $X$ of a user, device or agent is input, and $R_X = r_X \cdot G$ is generated, where $r_X \in_R [1, n-1]$ and $G$ is a generator. The CA selects $r_{CA} \in_R [1, n-1]$, generates $R_{CA} = r_{CA} \cdot G$, and finally outputs $Cert_X = R_X + R_{CA}$.
The topic ID serial number $Topic_t$ is input, and the CA computes $Cert_t^{(l)} = r_t^{(l)} \cdot G + r_{CA}^{(l)} \cdot G = R_t^{(l)} + R_{CA}^{(l)}$, where $Cert_t^{(l)}$ is the certificate of the $l$-th topic and $r_t^{(l)}, r_{CA}^{(l)} \in_R [1, n-1]$. Next, the CA computes the private key of the $l$-th topic $d_t^{(l)} = w_t^{(l)} + r_t^{(l)} \cdot H(Cert_t^{(l)} \,\|\, Topic_t)$, where $w_t^{(l)} = d_{CA} + r_{CA}^{(l)} \cdot H(Cert_t^{(l)} \,\|\, Topic_t)$. The output of this step is $(d_t^{(l)}, Cert_t^{(l)})$.
Step 1-2: The CA computes $D_X = D_{CA} + Cert_X \cdot H(Cert_X \,\|\, X)$, where $D_{CA}$ is the public key of the CA and $D_X$ is the public key of the user, device or agent. Then the CA computes $d_X = w_X + r_X \cdot H(Cert_X \,\|\, X)$, where $d_X$ is the private key of the user, device or agent and $w_X = d_{CA} + r_{CA} \cdot H(Cert_X \,\|\, X)$. Finally, the CA sends $[d_X, Cert_X, D_{CA}]$ to the users, devices and agents.
Step 1-3: The topic certificate, together with $Info_B = (B, IP_B, Port_B, Cert_B)$, is securely delivered to $X$ ($= P_i / S_j$), where $IP_B$ and $Port_B$ are the IP address and port number of the agent. The access control list $ACL = \{ACL_t \mid Topic_t \in T\}$ is sent to the agent, where $ACL_t = \{Topic_t, P(Topic_t), S(Topic_t)\}$. For each $Topic_t \in T$, $[Topic_t, Cert_t^{(l)}, Info_B]$ is sent to each user $X \in P(Topic_t)$ and $[Topic_t, d_t^{(l)}, Info_B]$ is sent to each device $S \in S(Topic_t)$.
Step 2 specifically comprises the following steps:
Step 2-1: In the key derivation phase, the session key $SK_X$ is generated to establish an outer secure channel between user $P_i$ and the agent. The user and the agent hold $\{[d_X, Cert_X, D_{CA}], [Topic_t, Cert_t^{(l)}, Info_B]\}$ and $\{[d_B, Cert_B, D_{CA}], ACL\}$ respectively, and compute $SK_X = kdf(d_X \cdot D_B \,\|\, TS_X) = kdf(d_B \cdot D_X \,\|\, TS_X)$.
Step 2-2: In the authentication phase, the user sends $(X, Cert_X, TS_X, \ldots, MIC(SK_X))$, where "$\ldots$" represents the original message fields of a standard CONNECT control message, $MIC(SK_X)$ is the message integrity code computed with $SK_X$ over all preceding fields of the message, and $TS_X$ is the timestamp of $X$. When the agent receives it, it also derives the session key $SK_X$ and verifies whether $TS_X$ is fresh and $MIC(SK_X)$ is valid. If verification succeeds, a session state for $X$ is created at the agent, and the agent responds to the protected CONNECT control message with a response that is itself protected by $MIC(SK_X)$. Finally, $X$ verifies the $MIC(SK_X)$ of the returned response, and the two parties complete one-to-one identity authentication.
Step 3 specifically comprises the following steps:
Step 3-1: In the Token generation phase, assume there are $n$ devices in total, i.e. group members $U_n = \{U_i \mid i = 1, 2, \ldots, n\}$. The agent generates, for each device, a secret share in a $(t, n)$ threshold secret sharing as its Token. First, the agent randomly selects two large primes $p$ and $q$ satisfying $p > q + n q^2$. The agent randomly selects $t-1$ values $a_i \in F_p$, $i = 1, 2, \ldots, t-1$, with $a_{t-1} \neq 0$, and selects $a_0 \in F_p$ as the secret $s$, generating the random polynomial of degree $t-1$, $f(x) = a_0 + a_1 x + a_2 x^2 + \cdots + a_{t-1} x^{t-1} \pmod p$, where the group secret is $s = a_0 = f(0)$. Next, the agent uses the public identity information $x_i$ of each device member $U_i$ ($i = 1, 2, \ldots, n$) to compute $f(x_i)$ and sends the result secretly to $U_i$ through a secure channel as its Token $T_i = f(x_i)$. Finally, the agent computes the one-way hash value $Hash(s)$ of the secret $s$ and publishes it to each participating device.
Step 3-2: In the random component construction phase, suppose $m$ group members participate in the verification, $U_m = \{U_{i_j} \mid 1 \le j \le m\}$; because of the authentication requirement in this scenario, let $m = n$, i.e. it is necessary to verify whether the $m$ devices belong to the same group. Any participant $U_{i_j}$ (with public identity $x_{i_j}$) generates a random number $r_i$ over $F_q$ and computes
(the random-component formula is given only as an image in the original and is not reproduced here)
to construct its random component.
Step 3-3: In the verification phase, each participant exchanges its random component with the other participants through a private channel. After receiving the random components of all participants, i.e. $C_{i_j} = \{c_{i_j} \mid j = 1, 2, \ldots, m\}$, $U_{i_j}$ computes
(the reconstruction formula for $s'$ is given only as an image in the original and is not reproduced here)
If $Hash(s') = Hash(s)$, all participants belong to the same group; otherwise it can be concluded that at least one illegal participant exists among the participants. At this point, the group authentication of the plurality of devices is completed.
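Steps 3-1 to 3-3 carried through as an added worked example that is not part of the patent. The agent builds the degree $t-1$ polynomial and hands out Tokens $T_i = f(x_i)$ plus $Hash(s)$; each device then contributes only a Lagrange component toward $f(0)$, and the sum is checked against the broadcast hash. Because the patent shows its component and reconstruction formulas only as images, the plain Shamir/Lagrange form is assumed here, and the randomisation with the second prime $q$ is not reproduced; a single constructed prime $p$ and SHA-256 stand in.

```python
import hashlib
import secrets
from typing import Dict, List, Tuple

# Constructed field prime for the toy; the patent uses two large primes p, q with
# p > q + n*q^2, whose randomisation term is not reproduced here.
P = 2**127 - 1


def hash_secret(s: int) -> str:
    """Hash(s): the one-way hash the agent broadcasts; SHA-256 is assumed."""
    return hashlib.sha256(s.to_bytes(16, "big")).hexdigest()


def make_tokens(t: int, n: int, p: int = P) -> Tuple[Dict[int, int], str]:
    """Step 3-1 (agent side): random polynomial f of degree t-1 with a_{t-1} != 0,
    secret s = a_0 = f(0), Token T_i = f(x_i) for public identity x_i = i.
    Returns {x_i: T_i} and Hash(s); s itself never leaves the agent."""
    coeffs = [secrets.randbelow(p) for _ in range(t)]
    if coeffs[-1] == 0:
        coeffs[-1] = 1

    def f(x: int) -> int:
        return sum(a * pow(x, k, p) for k, a in enumerate(coeffs)) % p

    tokens = {i: f(i) for i in range(1, n + 1)}
    return tokens, hash_secret(coeffs[0])


def component(x_j: int, token_j: int, xs: List[int], p: int = P) -> int:
    """Step 3-2 (device side): Lagrange component of U_j toward f(0),
    c_j = T_j * prod_{r != j} x_r / (x_r - x_j) mod p. Only this component,
    not the Token, is exchanged with the other participants."""
    num, den = 1, 1
    for x_r in xs:
        if x_r != x_j:
            num = num * x_r % p
            den = den * (x_r - x_j) % p
    return token_j * num % p * pow(den, -1, p) % p


def group_authenticate(participants: Dict[int, int], hash_s: str, p: int = P) -> bool:
    """Step 3-3: every participant sums the m exchanged components to obtain s'
    and compares Hash(s') with the broadcast Hash(s). Correct only for m >= t
    honest participants; a forged Token or too few participants gives a mismatch."""
    xs = list(participants)
    s_prime = sum(component(x, tok, xs, p) for x, tok in participants.items()) % p
    return hash_secret(s_prime) == hash_s
```

A mismatch tells the group that at least one participant is illegitimate, but not which one; identifying it needs a further round, which the patent does not describe.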
Step 4 specifically comprises the following steps:
Step 4-1: A topic key is defined for end-to-end security between a user $P_i \in P(Topic_t)$ and a set of devices $S \in S(Topic_t)$. User $P_i$ holds $\{[d_i, Cert_i, D_{CA}], [Topic_t, Cert_t^{(l)}]\}$ and the devices $S$ hold $\{[d_i, Cert_i, D_{CA}], [Topic_t, d_t^{(l)}]\}$. According to the elliptic-curve Diffie-Hellman (ECDH) key agreement protocol, the topic key of $Topic_t$ is computed as $K_{it}^{(l)} = kdf(d_i \cdot D_t^{(l)}) = kdf(d_t^{(l)} \cdot D_i)$, where $D_t^{(l)} = D_{CA} + Cert_t \cdot H(Cert_t \,\|\, Topic_t)$ and $D_i = D_{CA} + Cert_i \cdot H(Cert_i \,\|\, P_i)$.
Step 4-2: The user sends the control message $(Topic_t, \text{secure message}, \ldots, MIC(SK_i))$, where the secure message contains $[P_i, Cert_i, TS_i, (message)_{K_{it}^{(l)}}, MIC(K_{it}^{(l)})]$. On receiving the control message, the agent first checks it against $ACL_t = (Topic_t, P(Topic_t), S(Topic_t))$ and validates whether $MIC(SK_i)$ is valid. If both checks succeed, the agent stores the secure message until a device in $S(Topic_t)$ requests it. Next, the agent sends a control message to $S_j \in S(Topic_t)$. After checking $MIC(SK_j)$, each device in $S(Topic_t)$ uses $d_t^{(l)}$ and $D_i$ to obtain the topic key $K_{it}^{(l)}$, with which it verifies $MIC(K_{it}^{(l)})$ and obtains the content of the message sent by the legitimate user $P_i$.

Claims (8)

1. An MQTT protocol secure communication method based on secret sharing algorithm is characterized by comprising the following steps:
step 1: issuing certificates for users, equipment, agents and subjects and completing registration;
step 2: using a lightweight certificate-based authentication algorithm to complete the secure access of the user;
and step 3: the method comprises the steps that a threshold encryption algorithm based on secret sharing is used for completing the safe access authentication of a plurality of Internet of things devices, and a safe communication channel is established for a user and a plurality of devices which are authenticated to be legal;
and 4, step 4: secure encryption of messages sent between a user and a plurality of devices is accomplished using a certificate-based key agreement algorithm.
2. The MQTT protocol secure communication method based on secret sharing algorithm according to claim 1, wherein step 1 specifically includes:
step 1-1: in the initialization stage, a third party Certification Authority (CA) generates certificates for users, equipment, agents and subjects;
step 1-2: the third party certifies and authorizes the calculation public key, and distributes the public key to the user, the equipment, the agent and the subject together with the certificate;
step 1-3: a user, a plurality of devices, and an agent register.
3. The MQTT protocol secure communication method based on the secret sharing algorithm according to claim 2, wherein the step 1-1 specifically comprises the following steps: inputting ID serial number X of user, equipment and agent to generate RX=rXG, wherein rX∈R[1,n-1]G is a generator; third party authentication authorization selection rCA∈R[1,n-1]Generating RCA=rCAG, final calculation output CertX=RX+RCA(ii) a Entering Topic ID Serial number TopictThird party certificate authority calculation Certt (l)=rt (1)·G+rCA (1)·G=Rt (l)+RCA (1)Wherein Certt (l)As the first themeCertificate of rt (1)∈R[1,n-1],rCA (1)∈R[1,n-1](ii) a Then, the third party certifies and authorizes the computation of the private key d of the ith subjectt (l)=wt (l)+rt (l)·H(Certt (l)||Topict) Wherein w ist (l)=dCA+rt (l)·H(Certt (l)||Topict) (ii) a The calculation output result of this step is (d)t (l),Certt (l))。
4. The MQTT protocol secure communication method based on the secret sharing algorithm according to claim 3, wherein the steps 1-2 are specifically as follows: third party authentication authorization calculation DX=DCA+CertX·H(CertX| X), wherein DCAPublic keys for authentication and authorization of third parties, DXComputing d for public key of user, equipment and agent, and third party authentication authorizationX=wX+rX·H(CertX| X), wherein dXIs a private key of the user, device and agent, wX=dCA+rCA·H(CertX| X). Finally, the third party authenticates the authorization to send [ d ]X,CertX,DCA]To users, devices and agents.
5. The MQTT protocol secure communication method based on the secret sharing algorithm according to claim 4, wherein the steps 1-3 are specifically as follows: subject certificate along with InfoB=(B、IPB、PortB、CertB) Safely deliver to X ═ Pi/Sj) Wherein IPBAnd PortBRespectively representing the IP address and port number of the proxy, and changing ACL to { ACLt|TopictE.g. T } to the agent, wherein ACLt={Topict,P(Topict),S(Topict) For each Topic }tE.g. T, send [ Topict,Certt (l),InfoB]Giving user X ∈ P (Topic)t) Sending [ Topic ]t,dt (l),InfoB]Giving the device S ∈ S (Topic)t)。
6. The MQTT protocol secure communication method based on the secret sharing algorithm according to the claim 1 or 5, wherein the step 2 specifically comprises the following steps:
step 2-1: derivation of session key:
generation of session key SKXTo create an external secure channel between the user and the agent, provided by the user and agent, respectively { [ d { [X,CertX,DCA],[Topict,Certt (l),InfoB]And { [ d ]B,CertB,DCA]ACL }, SK is calculatedX=kdf(dX·DB||TSX)=kdf(dB·DX||TSX);
Step 2-2: one-to-one identity authentication is performed between a user and an agent:
the user will be (X, Cert)X,TSX,...,MIC(SKX) "represents the original message field of a standard connection control message, MIC (SK)X) Indicating the use of SKXMessage integrity codes, TS, calculated for all preceding fields in a messageXA timestamp of X; when the proxy receives it, it also obtains the session key SKXAnd verifies TSXWhether fresh value and MIC (SK)X) Whether it is valid; if the verification is successful, the session state of X will be created at the proxy and the proxy will use MIC (SK)X) Responding to the protected connect control message; finally, X successfully verifies the MIC (SK) of the returned responseX) And the two parties finish one-to-one identity authentication.
7. The MQTT protocol secure communication method based on secret sharing algorithm according to claim 1, wherein step 3 specifically comprises:
step 3-1: the generation phase of Token:
assume a total of n devices, i.e., group members Un={Ui1, 2.. n.the agent generates a secret share in (t, n) threshold secret sharing for each device as its Token, and first, the agent randomly selects two large prime numbers p and q to satisfy p>q+nq2Agent at FpRandomly selecting t-1 value ai,i=1,2,3,...,t-1,at-1Not equal to 0 and is at FpUpper selection a0As a secret s, a random polynomial f (x) of degree t-1 is generated0+a1x+a2x2+...+at-1xt-1(modp) where group secret s ═ a0F (0), then the proxy uses device member UiPublic identity information x of (1, 2.. multidot.n)iCalculating f (x)i) And calculating the result f (x) through a secure channeli) Secret is sent to UiAs its Token Ti=f(xi) Finally, the agent calculates a one-way hash value Hash(s) of the secret s and broadcasts the one-way hash value Hash(s) to each participating device;
step 3-2: a random component construction stage:
suppose that m group members participate in the verification, Uim={UijI 1 ≦ j ≦ m } due to the need for authentication in this scenario, let m ≦ n, i.e., it is necessary to verify whether m devices belong to the same group as each other, any of the participants U in itijPublic identity xij(ii) a By passing through at FqUp generating a random number riAnd calculate
Figure FDA0003499428300000021
To construct a random number;
step 3-3: a verification stage:
each participant exchanges the random component with other participants through the private channel, when receiving the random components of all participants, namely Cij={CijAfter 1,2, ·, m |, U ═ j ═ U ·ijComputing
Figure FDA0003499428300000022
If Hash (s') ═ Hash(s), it indicates that all participants belong to the same group; otherwise, it can be concluded that at least one illegal participant exists among the participants.At this point, group authentication of a plurality of devices is completed.
8. The MQTT protocol secure communication method based on the secret sharing algorithm according to claim 1, wherein step 4 specifically comprises:
step 4-1: topic key derivation:
A topic key is defined for end-to-end security between a user $P_i \in P(\mathrm{Topic}_t)$ and a set of devices $S \in S(\mathrm{Topic}_t)$. The user $P_i$ holds $\{[d_i, \mathrm{Cert}_i, D_{CA}], [\mathrm{Topic}_t, \mathrm{Cert}_t^{(l)}]\}$ and the devices $S$ hold $\{[d_i, \mathrm{Cert}_i, D_{CA}], [\mathrm{Topic}_t, d_t^{(l)}]\}$. According to the elliptic curve Diffie-Hellman (ECDH) key agreement protocol, the topic key of $\mathrm{Topic}_t$ is computed as
$K_{it}^{(l)} = \mathrm{kdf}(d_i \cdot D_t^{(l)}) = \mathrm{kdf}(d_t^{(l)} \cdot D_i)$,
where $D_t^{(l)} = D_{CA} + \mathrm{Cert}_t \cdot H(\mathrm{Cert}_t \,\|\, \mathrm{Topic}_t)$ and $D_i = D_{CA} + \mathrm{Cert}_i \cdot H(\mathrm{Cert}_i \,\|\, P_i)$;
step 4-2: key negotiation phase:
The user sends a control message $(\mathrm{Topic}_t, \text{secure message}, \ldots, \mathrm{MIC}(SK_i))$, where the secure message contains $[P_i, \mathrm{Cert}_i, TS_i, (\text{message})_{K_{it}^{(l)}}, \mathrm{MIC}(K_{it}^{(l)})]$. On receiving the control message, the agent first checks it against $ACL_t = (\mathrm{Topic}_t, P(\mathrm{Topic}_t), S(\mathrm{Topic}_t))$ and validates $\mathrm{MIC}(SK_i)$. If both checks succeed, the agent stores the secure message until a device in $S(\mathrm{Topic}_t)$ requests it, and then sends the control message to $S_j \in S(\mathrm{Topic}_t)$. After checking $\mathrm{MIC}(SK_j)$, each device in $S(\mathrm{Topic}_t)$ uses $d_t^{(l)}$ and $D_i$ to obtain the topic key $K_{it}^{(l)}$, with which it verifies $\mathrm{MIC}(K_{it}^{(l)})$ and thereby establishes the validity of the message content sent by user $P_i$.
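The following is an added worked example of the topic key derivation and MIC check in claim 8 (steps 4-1 and 4-2); it is not code from the patent. The public-key reconstruction $D = D_{CA} + \mathrm{Cert} \cdot H(\mathrm{Cert} \,\|\, ID)$ and the ECDH relation $\mathrm{kdf}(d_i \cdot D_t) = \mathrm{kdf}(d_t \cdot D_i)$ follow the claim. Everything else is an assumption: the curve (secp256k1), the ECQV-style issuance used to mint certificates of that form, SHA-256 of the shared x-coordinate as the kdf, HMAC-SHA256 as the MIC, the identifier encodings, and the seeded RNG. The broker's ACL check and $\mathrm{MIC}(SK)$ on the broker link are not modelled.

```python
import hashlib
import hmac
import random

# secp256k1 domain parameters (assumption: the claim names no curve; any
# prime-order curve works).  Pure-Python affine arithmetic keeps the example
# dependency-free; use a vetted library for production code.
FP = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(A, B):
    """Point addition on y^2 = x^3 + 7 over F_p; None is the point at infinity."""
    if A is None:
        return B
    if B is None:
        return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2:
        if (y1 + y2) % FP == 0:
            return None                                  # A == -B
        lam = 3 * x1 * x1 * pow(2 * y1, -1, FP) % FP     # doubling (curve a = 0)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, FP) % FP
    x3 = (lam * lam - x1 - x2) % FP
    return x3, (lam * (x1 - x3) - y1) % FP


def ec_mul(k, Pt):
    """Double-and-add scalar multiplication k*Pt."""
    R = None
    k %= N
    while k:
        if k & 1:
            R = ec_add(R, Pt)
        Pt = ec_add(Pt, Pt)
        k >>= 1
    return R


def point_bytes(Pt) -> bytes:
    return Pt[0].to_bytes(32, "big") + Pt[1].to_bytes(32, "big")


def hash_to_scalar(cert, ident: bytes) -> int:
    """H(Cert || ID) as a scalar in [1, n-1].  e = 0 would void the certificate;
    mapping it to 1 here is a demo shortcut (a real CA re-issues, an assumption)."""
    e = int.from_bytes(hashlib.sha256(point_bytes(cert) + ident).digest(), "big") % N
    return e or 1


def issue_implicit_cert(d_ca, ident: bytes, rng):
    """ECQV-style issuance (assumption: the claim gives only the reconstruction
    D = D_CA + Cert*H(Cert||ID); this is the standard way to mint such a Cert).
    Returns the holder's private key d and its implicit certificate Cert."""
    r = rng.randrange(1, N)                          # holder's request secret
    k = rng.randrange(1, N)                          # CA's per-certificate secret
    cert = ec_add(ec_mul(r, G), ec_mul(k, G))        # Cert = R + k*G
    e = hash_to_scalar(cert, ident)
    s = (e * k + d_ca) % N                           # CA's private contribution, sent to holder
    d = (e * r + s) % N                              # holder's private key; d*G == D_CA + e*Cert
    return d, cert


def reconstruct_pubkey(cert, ident: bytes, D_ca):
    """Claim 8, step 4-1: D = D_CA + Cert * H(Cert || ID)."""
    return ec_add(D_ca, ec_mul(hash_to_scalar(cert, ident), cert))


def topic_key(d_own: int, D_peer) -> bytes:
    """kdf(d * D): SHA-256 of the x-coordinate of the ECDH shared point (assumed kdf)."""
    return hashlib.sha256(ec_mul(d_own, D_peer)[0].to_bytes(32, "big")).digest()


def mic(key: bytes, data: bytes) -> bytes:
    """MIC(K): HMAC-SHA256 under the topic key (assumed MIC construction)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def demo(seed=7):
    """Constructed run: one CA, user P_i, topic Topic_t and an unrelated topic."""
    rng = random.Random(seed)                        # seeded for reproducibility only
    d_ca = rng.randrange(1, N)
    D_ca = ec_mul(d_ca, G)
    user_id, topic_id = b"P_i", b"Topic_t"           # assumed identifier encodings
    d_i, cert_i = issue_implicit_cert(d_ca, user_id, rng)
    d_t, cert_t = issue_implicit_cert(d_ca, topic_id, rng)
    d_other, _ = issue_implicit_cert(d_ca, b"Topic_other", rng)
    # implicit certificates are consistent with the minted private keys
    certs_ok = (ec_mul(d_i, G) == reconstruct_pubkey(cert_i, user_id, D_ca) and
                ec_mul(d_t, G) == reconstruct_pubkey(cert_t, topic_id, D_ca))
    # user side: K_it = kdf(d_i * D_t), then MIC(K_it) over the payload
    K_user = topic_key(d_i, reconstruct_pubkey(cert_t, topic_id, D_ca))
    payload = b"valve=open"
    tag = mic(K_user, payload)
    # device side: only [P_i, Cert_i] from the secure message, D_CA, and its own d_t
    K_dev = topic_key(d_t, reconstruct_pubkey(cert_i, user_id, D_ca))
    dev_ok = hmac.compare_digest(mic(K_dev, payload), tag)
    # a device holding another topic's key derives a different K and must reject the MIC
    K_wrong = topic_key(d_other, reconstruct_pubkey(cert_i, user_id, D_ca))
    wrong_ok = hmac.compare_digest(mic(K_wrong, payload), tag)
    return certs_ok, K_user == K_dev, dev_ok, wrong_ok
```

Note what the device never sees: the user's private key $d_i$ or any CA secret. It binds the message to $P_i$ purely through $\mathrm{Cert}_i$, $D_{CA}$ and the fact that only the holder of $d_t^{(l)}$ for that topic can reproduce $K_{it}^{(l)}$, which is why the broker, which holds neither $d_i$ nor $d_t^{(l)}$, cannot forge $\mathrm{MIC}(K_{it}^{(l)})$ even though it relays the message.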
CN202210123700.4A 2022-02-10 2022-02-10 Secret sharing algorithm-based MQTT protocol secure communication method Active CN114500070B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210123700.4A CN114500070B (en) 2022-02-10 2022-02-10 Secret sharing algorithm-based MQTT protocol secure communication method

Publications (2)

Publication Number Publication Date
CN114500070A true CN114500070A (en) 2022-05-13
CN114500070B CN114500070B (en) 2023-07-18

Family

ID=81479128


Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106411528A (en) * 2016-10-17 2017-02-15 Chongqing University of Posts and Telecommunications Lightweight authenticated key agreement method based on implicit certificates
CN107708112A (en) * 2017-11-02 2018-02-16 Chongqing University of Posts and Telecommunications An encryption method suitable for the MQTT-SN protocol
CN111741129A (en) * 2020-07-31 2020-10-02 Nanjing Tianchuang Electronic Technology Co., Ltd. MQTT protocol communication method and system for realizing multiplexing
KR20210061801A (en) * 2019-11-20 2021-05-28 Dankook University Industry-Academic Cooperation Foundation Method and system for MQTT-SN security management for security of the MQTT-SN protocol

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Zhao Min et al., "Research on an authenticated key agreement protocol based on self-signed implicit certificates", Computer Technology and Development *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant