CN114500070B - Secret sharing algorithm-based MQTT protocol secure communication method - Google Patents

Info

Publication number: CN114500070B
Application number: CN202210123700.4A
Other versions: CN114500070A
Authority: CN (China)
Original language: Chinese (zh)
Inventors: 李庆铁, 熊迎军, 李靖, 任守纲, 李延斌, 顾兴健, 邵天岳
Original and current assignee: Shanghai Lanchang Automation Technology Co ltd
Legal status: Active (granted)

Classifications

    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks, wherein the data content is protected, e.g. by encrypting or encapsulating the payload, and the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications including means for verifying the identity or authority of a user of the system or for message authentication, involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Abstract

The invention discloses an MQTT protocol secure communication method based on a secret sharing algorithm. For the scenario in which one user communicates with multiple devices through the same topic in the MQTT protocol, it uses a threshold encryption algorithm based on secret sharing to complete one-to-many group authentication, so that the devices are securely admitted, and finally encrypts the transmitted information to achieve secure communication between the user and the devices. First, the user and the proxy perform one-to-one authentication; then the multiple devices and the proxy complete group authentication using secret sharing; the authenticated user, the devices and their common topic are bound to establish a secure channel; and finally key negotiation among the user, the devices and the topic completes the encryption of the transmitted information, thereby achieving secure MQTT communication. The method is suited to one-to-many secure communication scenarios in the MQTT protocol.

Description

Secret sharing algorithm-based MQTT protocol secure communication method
Technical Field
The invention relates to the technical field of computer security, in particular to an MQTT protocol secure communication method based on a secret sharing algorithm.
Background
Among the many internet of things communication protocols, MQTT (message queue telemetry transport) is the most popular. Its design goal is to provide a lightweight, easy-to-use communication protocol for the internet of things, so the protocol itself explicitly specifies only a few security mechanisms and lacks basic security functions such as access control, mutual authentication and control-message security. To address this, current MQTT deployments may use TLS to protect the communication channel between the client and the proxy (the MQTT broker), which raises two problems: (1) TLS cannot provide access control, such as security access control for the proxy and for the fine-grained topics within the proxy; (2) the computational load of TLS is high, which makes it inefficient and unsuitable for secure transmission when a large number of devices is present, as in a one-to-many scenario.
In view of these shortcomings of the existing protection, fine-grained security authentication of the topics involved can increase the security of the MQTT protocol, and applying group authentication based on a secret sharing algorithm to the one-to-many MQTT scenario can improve the efficiency of security authentication.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a group authentication strategy that improves, to a certain extent, the efficiency of security authentication for the MQTT protocol in one-to-many scenarios. After security authentication, key negotiation is carried out to encrypt the transmitted messages, completing an MQTT protocol secure communication method based on a secret sharing algorithm for the secure one-to-many transmission of information from a user to multiple devices.
The aim of the invention is achieved by the following technical scheme.
An MQTT protocol secure communication method based on a secret sharing algorithm comprises the following steps:
step 1: issuing certificates for users, devices, proxies and topics and completing registration;
step 2: completing secure access of the user with a lightweight certificate-based authentication algorithm;
step 3: completing secure access authentication of multiple internet of things devices with a threshold encryption algorithm based on secret sharing, and establishing a secure communication channel for the authenticated user and the multiple devices;
step 4: completing secure encryption of the messages sent between the user and the multiple devices with a certificate-based key agreement algorithm.
Further, the step 1 specifically includes:
step 1-1: an initialization phase, in which a third-party certification authority (CA) generates certificates for users, devices, proxies and topics;
step 1-2: the CA computes the public keys and distributes them, together with the certificates, to users, devices, proxies and topics;
step 1-3: registering the user, the multiple devices and the proxy.
Further, step 1-1 specifically comprises the following: the ID number $X$ of a user, device or proxy is input to generate $R_X = r_X \cdot G$, where $r_X \in_R [1, n-1]$ and $G$ is a generator; the CA selects $r_{CA} \in_R [1, n-1]$, generates $R_{CA} = r_{CA} \cdot G$, and finally outputs $Cert_X = R_X + R_{CA}$. The ID number $Topic_t$ of a topic is input and the CA computes $Cert_t^{(l)} = r_t^{(l)} \cdot G + r_{CA}^{(l)} \cdot G = R_t^{(l)} + R_{CA}^{(l)}$, where $Cert_t^{(l)}$ is the certificate of the $l$-th topic and $r_t^{(l)}, r_{CA}^{(l)} \in_R [1, n-1]$. Then the CA computes the private key of the $l$-th topic, $d_t^{(l)} = w_t^{(l)} + r_t^{(l)} \cdot H(Cert_t^{(l)} \| Topic_t)$, where $w_t^{(l)} = d_{CA} + r_t^{(l)} \cdot H(Cert_t^{(l)} \| Topic_t)$. The result of this step is $(d_t^{(l)}, Cert_t^{(l)})$.
Further, step 1-2 specifically comprises: the CA computes $D_X = D_{CA} + Cert_X \cdot H(Cert_X \| X)$, where $D_{CA}$ is the public key of the CA and $D_X$ is the public key of the user, device or proxy; the CA then computes $d_X = w_X + r_X \cdot H(Cert_X \| X)$, where $d_X$ is the private key of the user, device or proxy and $w_X = d_{CA} + r_{CA} \cdot H(Cert_X \| X)$; finally, the CA sends $[d_X, Cert_X, D_{CA}]$ to the users, devices and proxies.
Further, step 1-3 specifically comprises: the topic certificate is securely delivered together with $Info_B = (B, IP_B, Port_B, Cert_B)$ to $X = (P_i / S_j)$, where $IP_B$ and $Port_B$ are the IP address and port number of the proxy; the access control list $ACL = \{ACL_t \mid Topic_t \in T\}$ is added to the proxy, where $ACL_t = \{Topic_t, P(Topic_t), S(Topic_t)\}$; for each $Topic_t \in T$, $[Topic_t, Cert_t^{(l)}, Info_B]$ is sent to the users $X \in P(Topic_t)$ and $[Topic_t, d_t^{(l)}, Info_B]$ is sent to the devices $S \in S(Topic_t)$.
Further, step 2 specifically includes:
step 2-1: derivation of session keys:
a session key $SK_X$ is generated to create an external secure channel between user $P_i$ and the proxy; from $\{[d_X, Cert_X, D_{CA}], [Topic_t, Cert_t^{(l)}, Info_B]\}$ held by the user and $\{[d_B, Cert_B, D_{CA}], ACL\}$ held by the proxy, both sides compute $SK_X = kdf(d_X \cdot D_B \| TS_X) = kdf(d_B \cdot D_X \| TS_X)$;
Step 2-2: one-to-one identity authentication is carried out between the user and the agent:
the user sends $(X, Cert_X, TS_X, \ldots, MIC(SK_X))$ to the proxy, where "$\ldots$" stands for the original fields of the standard connect control message, $MIC(SK_X)$ is the message integrity code computed with $SK_X$ over all preceding fields of the message, and $TS_X$ is the timestamp of $X$; on receipt the proxy likewise derives the session key $SK_X$ and verifies that $TS_X$ is a fresh value and that $MIC(SK_X)$ is valid; if verification succeeds, session state for $X$ is created at the proxy and the proxy responds with a connect control message protected by $MIC(SK_X)$; finally, $X$ verifies that $MIC(SK_X)$ is valid and both sides have completed one-to-one identity authentication.
Further, the step 3 specifically includes:
step 3-1: a Token generation stage:
assume a total of $n$ devices, i.e. group members $U_n = \{U_i \mid i = 1, 2, \ldots, n\}$; the proxy generates for each device a share of a $(t, n)$ threshold secret sharing as its Token. First, the proxy randomly chooses two large primes $p, q$ satisfying $p > q + nq^2$. In $F_p$ the proxy randomly selects $t-1$ values $a_i$, $i = 1, 2, \ldots, t-1$, with $a_{t-1} \neq 0$, and selects $a_0 \in F_p$ as the secret $s$, generating the random polynomial of degree $t-1$, $f(x) = a_0 + a_1 x + a_2 x^2 + \cdots + a_{t-1} x^{t-1} \pmod p$, where the group secret is $s = a_0 = f(0)$. Then, using the public identity information $x_i$ of each device member $U_i$ ($i = 1, 2, \ldots, n$), the proxy computes $f(x_i)$ and secretly transmits $f(x_i)$ to $U_i$ as its Token $T_i = f(x_i)$. Finally, the proxy computes the one-way hash $Hash(s)$ of the secret $s$ and broadcasts it to all devices;
step 3-2: random component construction phase:
assume that $m$ group members participate in verification, $U_{im} = \{U_{ij} \mid 1 \le j \le m\}$; because of the authentication requirement in this scenario, $m = n$, i.e. it must be verified whether the $m$ devices belong to the same group as one another. Each participant $U_{ij}$ (with public identity $x_{ij}$) generates a random number $r_i$ in $F_q$ and uses it to compute its random component $C_{ij}$;
step 3-3: verification:
each participant exchanges its random component with the other participants over the private channel. Once the random components of all participants, $\{C_{ij} \mid j = 1, 2, \ldots, m\}$, have been received, $U_{ij}$ computes $s'$ from them; if $Hash(s') = Hash(s)$, all participants belong to the same group, otherwise it can be concluded that at least one illegal participant exists among them. This completes the group authentication of the multiple devices.
Further, the step 4 specifically includes:
step 4-1: derivation of the topic key:
for a user $P_i \in P(Topic_t)$ and a set of devices $S \in S(Topic_t)$, a topic key defines the end-to-end security between them. User $P_i$ holds $\{[d_i, Cert_i, D_{CA}], [Topic_t, Cert_t^{(l)}]\}$ and the devices $S$ hold $\{[d_i, Cert_i, D_{CA}], [Topic_t, d_t^{(l)}]\}$; the topic key of $Topic_t$ is computed by elliptic-curve Diffie-Hellman (ECDH) key agreement: $K_{it}^{(l)} = kdf(d_i \cdot D_t^{(l)}) = kdf(d_t^{(l)} \cdot D_i)$, where $D_t^{(l)} = D_{CA} + Cert_t^{(l)} \cdot H(Cert_t^{(l)} \| Topic_t)$ and $D_i = D_{CA} + Cert_i \cdot H(Cert_i \| P_i)$;
Step 4-2: key negotiation phase:
the user sends the control message $(Topic_t, \text{secure message}, \ldots, MIC(SK_i))$, where the secure message contains $[P_i, Cert_i, TS_i, (message)_{K_{it}^{(l)}}, MIC(K_{it}^{(l)})]$. On receiving the control message, the proxy first checks it against $ACL_t = (Topic_t, P(Topic_t), S(Topic_t))$ and verifies whether $MIC(SK_i)$ is valid; if both checks succeed, the proxy stores the secure message until a device in $S(Topic_t)$ requests it, and then sends the control message to $S_j \in S(Topic_t)$. After checking $MIC(SK_j)$, each device in $S(Topic_t)$ uses $d_t^{(l)}$ and $D_i$ to obtain the topic key $K_{it}^{(l)}$, verifies $MIC(K_{it}^{(l)})$ with it, and obtains the content of the message sent by the legitimate user $P_i$.
Compared with the prior art, the invention has the following advantages: 1. By using a threshold encryption algorithm based on secret sharing, the invention completes the secure-access authentication of multiple internet of things devices to the proxy in one pass, improving authentication efficiency and laying the foundation for one-to-many secure communication.
2. By using a lightweight certificate-based key negotiation algorithm for the topics within the proxy, the invention provides finer-grained encryption protection for the information transmitted over the MQTT protocol, reduces the complexity and computational load of the encryption process, and improves communication efficiency.
Drawings
FIG. 1 is a flow chart of an MQTT protocol one-to-many information secure transmission method based on a secret sharing algorithm of the present invention;
fig. 2 is a one-to-many secure communication scenario of the MQTT protocol applied by the present invention.
Detailed Description
The invention will now be described in detail with reference to the drawings and the accompanying specific examples.
An MQTT protocol one-to-many secure communication method based on a secret sharing algorithm comprises the following steps:
step 1: the third-party certification authority (CA) generates certificates for users, devices, proxies and topics.
Step 1-1: The ID number $X$ of a user, device or proxy is input to generate $R_X = r_X \cdot G$, where $r_X \in_R [1, n-1]$ and $G$ is a generator. The CA selects $r_{CA} \in_R [1, n-1]$, generates $R_{CA} = r_{CA} \cdot G$, and finally outputs $Cert_X = R_X + R_{CA}$.
The topic ID number $Topic_t$ is input and the CA computes $Cert_t^{(l)} = r_t^{(l)} \cdot G + r_{CA}^{(l)} \cdot G = R_t^{(l)} + R_{CA}^{(l)}$, where $Cert_t^{(l)}$ is the certificate of the $l$-th topic and $r_t^{(l)}, r_{CA}^{(l)} \in_R [1, n-1]$. Then the CA computes the private key of the $l$-th topic, $d_t^{(l)} = w_t^{(l)} + r_t^{(l)} \cdot H(Cert_t^{(l)} \| Topic_t)$, where $w_t^{(l)} = d_{CA} + r_t^{(l)} \cdot H(Cert_t^{(l)} \| Topic_t)$. The result of this step is $(d_t^{(l)}, Cert_t^{(l)})$.
Step 1-2: The CA computes $D_X = D_{CA} + Cert_X \cdot H(Cert_X \| X)$, where $D_{CA}$ is the public key of the CA and $D_X$ is the public key of the user, device or proxy. Then the CA computes $d_X = w_X + r_X \cdot H(Cert_X \| X)$, where $d_X$ is the private key of the user, device or proxy and $w_X = d_{CA} + r_{CA} \cdot H(Cert_X \| X)$. Finally, the CA sends $[d_X, Cert_X, D_{CA}]$ to the users, devices and proxies.
Step 1-3: The topic certificate is securely delivered together with $Info_B = (B, IP_B, Port_B, Cert_B)$ to $X = (P_i / S_j)$, where $IP_B$ and $Port_B$ are the IP address and port number of the proxy. The access control list $ACL = \{ACL_t \mid Topic_t \in T\}$ is added to the proxy, where $ACL_t = \{Topic_t, P(Topic_t), S(Topic_t)\}$. For each $Topic_t \in T$, $[Topic_t, Cert_t^{(l)}, Info_B]$ is sent to the users $X \in P(Topic_t)$ and $[Topic_t, d_t^{(l)}, Info_B]$ is sent to the devices $S \in S(Topic_t)$.
The step 2 specifically comprises the following steps:
step 2-1: in the key derivation phase, a session key SK is generated X To at user P i And creating an external secure channel between the agents, respectively byUser and proxy provisioning { [ d ] X ,Cert X ,D CA ],[Topic t ,Cert t (l) ,Info B ]Sum } [ d ] B ,Cert B ,D CA ]ACL, calculate SK X =kdf(d X ·D B ||TS X )=kdf(d B ·D X ||TS X )。
Step 2-2: during the authentication phase, the user will (X, cert) X ,TS X ,...,MIC(SK X ) To the proxy, where ".." represents the original message field of the standard connection control message, MIC (SK X ) Representation of use of SK X Message integrity code, TS, calculated for all preceding fields in a message X Is the timestamp of X. The agent also obtains the session key SK when it receives it X And verify TS X Whether or not it is a fresh value and MIC (SK X ) Whether or not to be effective. If the authentication is successful, the session state of X will be created at the proxy, and the proxy will use MIC (SK X ) The protected connect control message responds. Finally, X successfully verifies the MIC (SK X ) Both sides complete one-to-one identity authentication.
The step 3 specifically comprises the following steps:
step 3-1: in Token generation phase, it is assumed that there are n devices, i.e., group members U n ={U i I=1, 2,..n }, the proxy generates one (t, n) the secret share in the threshold secret share as its Token. Firstly, the agent randomly selects two large prime numbers p and q to meet p>q+nq 2 . Proxy at F p Randomly selecting t-1 values a i ,i=1,2,3,...,t-1,a t-1 Not equal to 0, and at F p Upper selection of a 0 As secret s, a t-1 degree random polynomial f (x) =a is generated 0 +a 1 x+a 2 x 2 +...+a t-1 x t-1 (modp) wherein the group secret s=a 0 =f (0). Next, the agent uses device member U i (i=1, 2,., n) public identity information x i Calculating f (x) i ) And the calculation result f (x i ) Secret transmission to U i As its Token T i =f(x i ). Finally, the proxy computes a one-way Hash value Hash(s) of secret s and publishes it to each participating device for awareness.
Step 3-2: in the random component construction phase, it is assumed that m group members participate in verification, U im ={U ij 1 j.ltoreq.m } because of authentication requirements in this scenario, let m=n here. I.e. if it is necessary to verify whether m devices belong to the same group as each other, any of them is a participant U ij (public identity is x ij The method comprises the steps of carrying out a first treatment on the surface of the ) By at F q On generation of random number r i And calculateTo construct a random number.
Step 3-3: during the authentication phase, each participant exchanges a random component with the other participants over the private channel. When receiving the random component of all participants, i.e. C ij ={C ij I j=1, 2, after m }, U ij Calculation ofIf Hash (s')=hash(s), it indicates that all participants belong to the same group; otherwise, it can be concluded that at least one illegal participant exists among the participants. Thus, group authentication of a plurality of devices is completed.
The step 4 specifically comprises the following steps:
step 4-1: for a user P i ∈P(Topic t ) And a set of devices S.epsilon.S (Topic) t ) The end-to-end security between them defines a topic key. User P i Hold { [ d ] i ,Cert i ,D CA ],[Topic t ,Cert t (l) ]A plurality of devices S hold { [ d ] i ,Cert i ,D CA ],[Topic t ,d t (l) ]Computing the TOtic according to elliptic curve diffie-hellman key Exchange (ECDH) key agreement t Is a subject key of (1): k (K) it (l) =kdf(di·D t (l) )=kdf(d t (l) ·D i ) Wherein D is t (l) =D CA +Cert t ·H(Cert t ||Totic t ),D i =D CA +Cert i ·H(Cert i ||P i )。
Step 4-2: the user sends control messages (tics) t Secure messages, … …, MIC (SK i ) Wherein the secure message contains [ P ] i ,Cert i ,TS i (message) K it (l) ,MIC(K it (l) )]. Upon receipt of the control message, the proxy is first based on the ACL t =(Topic t ,P(Topic t ),S(Topic t ) And verifies MIC (SK) i ) Whether or not it is valid. If both items are verified successfully, the proxy will store the secure message until S (Topic t ) Requesting secure messages from the device. Next, the agent sends a control message to S j ∈S(Topic t ). In checking MIC (SK) j ) After that, S (Topic) t ) D is used by each device t (l) And D i Obtaining the topic key K it (l) Based on which the MIC (K) it (l) ) And obtain the validity of user P therein i The content of the message sent.

Claims (1)

1. The MQTT protocol secure communication method based on the secret sharing algorithm is characterized by comprising the following steps of:
step 1: issuing certificates for the user, the multiple internet of things devices, the proxy and the topics and completing registration;
step 2: completing secure access of the user with a lightweight certificate-based authentication algorithm;
step 3: completing secure access authentication of the multiple internet of things devices with a threshold encryption algorithm based on secret sharing, and establishing a secure communication channel for the authenticated user and the multiple internet of things devices;
step 4: completing secure encryption of the messages sent between the user and the multiple internet of things devices with a certificate-based key negotiation algorithm; step 1 specifically comprises the following steps:
step 1-1: in the initialization phase, a third-party certification authority (CA) generates certificates for the user, the multiple internet of things devices, the proxy and the topics;
step 1-2: the third-party certification authority computes the public keys and distributes them, together with the certificates, to the user, the multiple internet of things devices, the proxy and the topics;
step 1-3: registering the user, the multiple internet of things devices and the proxy;
the step 1-1 specifically comprises the following steps: inputting ID serial numbers X of a user, a plurality of internet of things devices and agents to generate R X =r X G, where r X ∈R[1,n-1]G is a generator; third party authentication authorization selection r CA ∈R[1,n-1]Generating R CA =r CA G, final calculated output Cert X =R X +R CA The method comprises the steps of carrying out a first treatment on the surface of the Inputting Topic ID sequence number Topic t Third party authentication and authorization computing Cert t (l) =r t (1) ·G+r CA (1) ·G=R t (l) +R CA (1) Wherein Cert t (l) Certificate for the first topic, r t (1) ∈R[1,n-1],r CA (1) ∈R[1,n-1]The method comprises the steps of carrying out a first treatment on the surface of the Then, the third party authentication authorizes calculation of the private key d of the first theme t (l) =w t (l) +r t (l) ·H(Cert t (l) ||Topic t ) Wherein w is t (l) =d CA +r t (l) ·H(Cert t (l) ||Topic t ) The method comprises the steps of carrying out a first treatment on the surface of the The result of the calculation in this step is (d t (l) ,Cert t (l) );
The step 1-2 specifically comprises the following steps: third party authentication authorization calculation D X =D CA +Cert X ·H(Cert X ||x), wherein D CA Public key authorized for third party authentication, D X Public keys for a user, a plurality of internet of things devices and agents, and then, third party authentication authorization calculation d X =w X +r X ·H(Cert X ||x), wherein d X Private key for user, multiple internet of things devices and agent, w X =d CA +r CA ·H(Cert X I X), and finally, third party authentication authorization to send [ d ] X ,Cert X ,D CA ]Giving the user, a plurality of internet of things devices and agents;
the steps 1-3 are specifically as follows: the theme certificate is combined with Info B =(B、IP B 、Port B 、Cert B ) Secure delivery to x= (P) i /S j ) Wherein IP is B And Port B Respectively representing the IP address and port number of the proxy, and adding ACL= { ACL t |Topic t E T to proxy, where ACL t ={Topic t ,P(Topic t ),S(Topic t ) For each Topic } t E T, send [ Topic ] t ,Cert t (l) ,Info B ]Give the user X epsilon P (Topic) t ) Send [ Topic ] t ,d t (l) ,Info B ]S epsilon S (Topic) for multiple Internet of things devices t );
The step 2 specifically comprises the following steps:
step 2-1: derivation of session keys:
generating a session key $SK_X$ to create an external secure channel between the user and the proxy; from $\{[d_X, Cert_X, D_{CA}], [Topic_t, Cert_t^{(l)}, Info_B]\}$ provided by the user and $\{[d_B, Cert_B, D_{CA}], ACL\}$ provided by the proxy, compute $SK_X = kdf(d_X \cdot D_B \| TS_X) = kdf(d_B \cdot D_X \| TS_X)$;
Step 2-2: one-to-one identity authentication is carried out between the user and the agent:
the user sends $(X, Cert_X, TS_X, \ldots, MIC(SK_X))$ to the proxy, where "$\ldots$" stands for the original fields of the standard connect control message, $MIC(SK_X)$ is the message integrity code computed with $SK_X$ over all preceding fields of the message, and $TS_X$ is the timestamp of $X$; on receipt the proxy likewise derives the session key $SK_X$ and verifies that $TS_X$ is a fresh value and that $MIC(SK_X)$ is valid; if verification succeeds, session state for $X$ is created at the proxy and the proxy responds with a connect control message protected by $MIC(SK_X)$; finally, $X$ verifies that $MIC(SK_X)$ is valid and the two parties complete one-to-one identity authentication;
the step 3 is specifically as follows:
step 3-1: a Token generation stage:
assume that there are $n$ internet of things devices, i.e. group members $U_n = \{U_i \mid i = 1, 2, \ldots, n\}$; the proxy generates for each internet of things device a share of a $(t, n)$ threshold secret sharing as its Token; first, the proxy randomly chooses two large primes $p, q$ satisfying $p > q + nq^2$; in $F_p$ the proxy randomly selects $t-1$ values $a_i$, $i = 1, 2, \ldots, t-1$, with $a_{t-1} \neq 0$, and selects $a_0 \in F_p$ as the secret $s$, generating the random polynomial of degree $t-1$, $f(x) = a_0 + a_1 x + a_2 x^2 + \cdots + a_{t-1} x^{t-1} \pmod p$, where the group secret is $s = a_0 = f(0)$; next, using the public identity information $x_i$ of each internet of things device member $U_i$ ($i = 1, 2, \ldots, n$), the proxy computes $f(x_i)$ and secretly transmits $f(x_i)$ to $U_i$ as its Token $T_i = f(x_i)$; finally, the proxy computes the one-way hash $Hash(s)$ of the secret $s$ and broadcasts $Hash(s)$ to each participating internet of things device;
Step 3-2: Random component construction stage:
Assume that m group members participate in the verification, $U_{i_m} = \{U_{i_j} \mid 1 \le j \le m\}$. Because of the authentication requirement in this scenario, $m = n$, that is, it must be verified whether the m Internet of Things devices all belong to the same group. Any participant $U_{i_j}$ in the authentication has public identity $x_{i_j}$; it generates a random number $r_i$ in $F_q$ and calculates [formula not reproduced on the page] to construct its random component;
Step 3-3: Verification:
Each participant exchanges its random component with the other participants over a private channel. When the random components of all participants have been received, i.e. $\{C_{i_j} \mid j = 1, 2, \ldots, m\}$, $U_{i_j}$ calculates [formula not reproduced on the page] to obtain $s'$. If $Hash(s') = Hash(s)$, all participants belong to the same group; otherwise, it is judged that at least one illegal participant exists among the participants. This completes the group authentication of the multiple Internet of Things devices;
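As an added illustration of steps 3-1 and 3-3 (this is example code written for this page, not code from the patent), the following Python models the proxy as dealer of a $(t, n)$ Shamir sharing, hands out Tokens $T_i = f(x_i)$, broadcasts $Hash(s)$, and lets all $m = n$ members recombine their components and compare $Hash(s')$ with $Hash(s)$. Assumptions, since the page does not state them: a single 61-bit Mersenne prime stands in for $p$ (real deployments use large primes as the text requires), SHA-256 stands in for $Hash$, and the component each member contributes is the plain Lagrange term $T_i \prod_{j \ne i} x_j/(x_j - x_i) \bmod p$; the page's $r_i$-masked random component formula is not reproduced, so the masking is omitted. The identities, secret and group size are constructed sample values.

```python
import hashlib
import secrets

# Constructed toy field prime (assumption): a Mersenne prime, large enough to avoid
# accidental collisions in the demo but far smaller than a production p.
P_PRIME = 2**61 - 1


def hash_secret(s):
    """Hash(s): SHA-256 of the decimal secret (hash choice is an assumption)."""
    return hashlib.sha256(str(s).encode()).hexdigest()


def dealer_tokens(secret, t, identities, p=P_PRIME, rng=secrets.randbelow):
    """Step 3-1: proxy builds f(x) = a_0 + a_1 x + ... + a_{t-1} x^{t-1} (mod p)
    with a_0 = s and a_{t-1} != 0, then gives Token T_i = f(x_i) to device x_i.
    Returns ({x_i: T_i}, Hash(s)); the hash is what the proxy broadcasts."""
    coeffs = [secret % p] + [rng(p) for _ in range(t - 2)]
    if t > 1:
        coeffs.append(1 + rng(p - 1))  # a_{t-1} drawn from [1, p-1], never 0

    def f(x):
        return sum(a * pow(x, k, p) for k, a in enumerate(coeffs)) % p

    return {x: f(x) for x in identities}, hash_secret(secret)


def lagrange_component(x_i, token_i, xs, p=P_PRIME):
    """c_i = T_i * prod_{j != i} x_j / (x_j - x_i) (mod p): the Lagrange term at
    x = 0 (assumption: the patent's r_i masking is not applied here)."""
    num = den = 1
    for x_j in xs:
        if x_j != x_i:
            num = num * x_j % p
            den = den * (x_j - x_i) % p
    return token_i * num * pow(den, -1, p) % p


def group_authenticate(components, expected_hash, p=P_PRIME):
    """Step 3-3: s' = sum of all exchanged components; the group is accepted only
    if Hash(s') equals the broadcast Hash(s)."""
    s_prime = sum(components) % p
    return hash_secret(s_prime) == expected_hash


def run_round(tokens, expected_hash, p=P_PRIME):
    """All m = n members contribute one component each; returns the verdict."""
    xs = list(tokens)
    comps = [lagrange_component(x, tok, xs, p) for x, tok in tokens.items()]
    return group_authenticate(comps, expected_hash, p)


# Constructed sample group: five devices with public identities x_i, threshold t = 3.
SECRET = 123456789
IDS = [11, 22, 33, 44, 55]


def honest_scenario():
    """Every device holds a genuine Token: Hash(s') == Hash(s)."""
    tokens, h = dealer_tokens(SECRET, 3, IDS)
    return run_round(tokens, h)


def intruder_scenario():
    """Device 55 holds a value not on f(x): s' shifts by a non-zero Lagrange
    coefficient, so the hashes differ and the group is rejected."""
    tokens, h = dealer_tokens(SECRET, 3, IDS)
    tokens[55] = (tokens[55] + 1) % P_PRIME
    return run_round(tokens, h)


if __name__ == "__main__":
    print("honest group accepted:", honest_scenario())
    print("group with intruder accepted:", intruder_scenario())
```

Because $m = n$ here, every Token is used and a polynomial of degree $t-1 \le n-1$ interpolates exactly, so the honest case always recovers $s$; a single off-polynomial Token moves $s'$ by a non-zero multiple of its Lagrange coefficient, which is why the hash comparison flags it deterministically rather than probabilistically.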
the step 4 is specifically as follows:
Step 4-1: Derivation of the topic key:
For a user $P_i \in P(Topic_t)$ and a group of Internet of Things devices $S \in S(Topic_t)$, a topic key defines the end-to-end security between them. User $P_i$ holds $\{[d_i, Cert_i, D_{CA}], [Topic_t, Cert_t^{(l)}]\}$ and the Internet of Things devices $S$ hold $\{[d_i, Cert_i, D_{CA}], [Topic_t, d_t^{(l)}]\}$. The topic key of $Topic_t$ is computed according to elliptic curve Diffie-Hellman (ECDH) key agreement: $K_{it}^{(l)} = kdf(d_i \cdot D_t^{(l)}) = kdf(d_t^{(l)} \cdot D_i)$, where $D_t^{(l)} = D_{CA} + Cert_t \cdot H(Cert_t \,\|\, Topic_t)$ and $D_i = D_{CA} + Cert_i \cdot H(Cert_i \,\|\, P_i)$;
Step 4-2: key negotiation phase:
the user sends the control message $(Topic_t, \text{secure message}, \ldots, MIC(SK_i))$, where the secure message contains $[P_i, Cert_i, TS_i, (\text{message})_{K_{it}^{(l)}}, MIC(K_{it}^{(l)})]$; on receiving the control message, the proxy first checks it against $ACL_t = (Topic_t, P(Topic_t), S(Topic_t))$ and verifies $MIC(SK_i)$; if both checks succeed, the proxy stores the secure message until an Internet of Things device in $S(Topic_t)$ requests it; the proxy then sends the control message to $S_j \in S(Topic_t)$, and after checking $MIC(SK_j)$, each Internet of Things device in $S(Topic_t)$ uses $d_t^{(l)}$ and $D_i$ to obtain the topic key $K_{it}^{(l)}$, on the basis of which it verifies $MIC(K_{it}^{(l)})$ and obtains the valid content of the message sent by user $P_i$.
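The two key derivations above, the session key of step 2-1 ($SK_X = kdf(d_X \cdot D_B \,\|\, TS_X) = kdf(d_B \cdot D_X \,\|\, TS_X)$) and the topic key of step 4-1 ($K_{it}^{(l)} = kdf(d_i \cdot D_t^{(l)}) = kdf(d_t^{(l)} \cdot D_i)$), share one mechanism: each side reconstructs the peer's public key from its implicit certificate as $D = D_{CA} + Cert \cdot H(Cert \,\|\, id)$ and then runs ECDH with its own private key. The following Python is an added example written for this page, not the patent's code, and shows both derivations agreeing from each side while neither side ever sees the other's private key. Assumptions, as the page names none of them: the curve is secp256k1 implemented in pure Python, $H$ and $kdf$ are SHA-256, and certificate issuance is simplified to "CA publishes $Cert = c \cdot G$ and gives the holder $d = d_{CA} + c \cdot H(Cert \,\|\, id)$", which is exactly the relation the page's reconstruction formula requires; all scalars and identities are constructed sample values, not real keys.

```python
import hashlib

# secp256k1 domain parameters (the patent names no curve; this is an assumption).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication k * pt."""
    acc = None
    k %= N
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def point_bytes(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def h_cert(cert, ident):
    """H(Cert || identity), reduced into the scalar field (SHA-256 is an assumption)."""
    return int.from_bytes(hashlib.sha256(point_bytes(cert) + ident).digest(), "big") % N


def kdf(shared_point, *extra):
    """kdf(): SHA-256 over the ECDH x-coordinate plus any extra input such as TS_X."""
    return hashlib.sha256(shared_point[0].to_bytes(32, "big") + b"".join(extra)).hexdigest()


def issue_cert(d_ca, ident, c):
    """Simplified implicit-certificate issuance (assumption, not the patent's CA
    protocol): Cert = c*G is public, holder receives d = d_CA + c*H(Cert||id), so
    d*G = D_CA + H(Cert||id)*Cert, matching the page's reconstruction formula."""
    cert = ec_mul(c, G)
    return cert, (d_ca + c * h_cert(cert, ident)) % N


def reconstruct_pub(d_ca_pub, cert, ident):
    """D = D_CA + Cert * H(Cert || id): anyone holding D_CA rebuilds the public key."""
    return ec_add(d_ca_pub, ec_mul(h_cert(cert, ident), cert))


# Constructed sample scalars (NOT real keys): CA private key and per-entity cert scalars.
D_CA_PRIV = 0x1F4E8A3B77C0123456789ABCDEF013579BDF2468ACE0112233445566778899AA
D_CA = ec_mul(D_CA_PRIV, G)
CERT_I, d_i = issue_cert(D_CA_PRIV, b"P_i", 0x0102030405060708091011121314151617181920)
CERT_T, d_t = issue_cert(D_CA_PRIV, b"Topic_t", 0x2122232425262728293031323334353637383940)
CERT_X, d_X = issue_cert(D_CA_PRIV, b"X", 0x4142434445464748495051525354555657585960)
CERT_B, d_B = issue_cert(D_CA_PRIV, b"B", 0x6162636465666768697071727374757677787980)


def certs_reconstruct_correctly():
    """Check that D reconstructed from each Cert equals d*G for its holder."""
    holders = ((CERT_I, d_i, b"P_i"), (CERT_T, d_t, b"Topic_t"),
               (CERT_X, d_X, b"X"), (CERT_B, d_B, b"B"))
    return all(reconstruct_pub(D_CA, c, ident) == ec_mul(d, G) for c, d, ident in holders)


def topic_keys():
    """Step 4-1: user computes kdf(d_i * D_t^(l)) from Cert_t, device computes
    kdf(d_t^(l) * D_i) from Cert_i; returns both so they can be compared."""
    user_side = kdf(ec_mul(d_i, reconstruct_pub(D_CA, CERT_T, b"Topic_t")))
    device_side = kdf(ec_mul(d_t, reconstruct_pub(D_CA, CERT_I, b"P_i")))
    return user_side, device_side


def session_keys(ts_x):
    """Step 2-1: SK_X = kdf(d_X * D_B || TS_X) on the user side and
    kdf(d_B * D_X || TS_X) on the proxy side; TS_X binds the key to a fresh time."""
    user_side = kdf(ec_mul(d_X, reconstruct_pub(D_CA, CERT_B, b"B")), ts_x)
    proxy_side = kdf(ec_mul(d_B, reconstruct_pub(D_CA, CERT_X, b"X")), ts_x)
    return user_side, proxy_side


if __name__ == "__main__":
    print("certs reconstruct:", certs_reconstruct_correctly())
    print("topic key agrees:", topic_keys()[0] == topic_keys()[1])
    print("session key agrees:", len(set(session_keys(b"2022-02-10T00:00:00Z"))) == 1)
```

The point to notice is that the user never holds $d_t^{(l)}$ and the device never holds $d_i$: both derive the same point because $d_i \cdot (d_t \cdot G) = d_t \cdot (d_i \cdot G)$, and the implicit certificate lets each side obtain the peer's public point from $D_{CA}$ plus a short $Cert$ value rather than a full signed certificate. Including $TS_X$ in the session-key derivation means a replayed connect message with a stale timestamp yields a different $SK_X$ and a failing $MIC$, which is what the freshness check in step 2-2 relies on.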
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210123700.4A CN114500070B (en) 2022-02-10 2022-02-10 Secret sharing algorithm-based MQTT protocol secure communication method

Publications (2)

Publication Number Publication Date
CN114500070A CN114500070A (en) 2022-05-13
CN114500070B true CN114500070B (en) 2023-07-18

Family

ID=81479128

Country Status (1)

Country Link
CN (1) CN114500070B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant