Remote secure communication method, system, equipment and terminal of touch Internet of things
Technical Field
The invention belongs to the technical field of touch internet, and particularly relates to a remote secure communication method, system, equipment and terminal of a touch internet of things.
Background
Currently, the haptic internet refers to a network, or network of networks, for remotely accessing, perceiving, manipulating or controlling real and virtual objects or processes perceived in real time. Remote haptic control can be implemented when the network round-trip delay is less than 1 millisecond. The haptic internet is a creative leap built on the internet: in a haptic internet environment, a cyber-physical system can exchange not only text, audio and video data but also haptic control information in real time, so that remote real-time control and a physical touch experience can be realized. In this environment, a user can implement remote real-time control through hearing, vision and touch, and the dimension of human-machine interaction is expanded. In tele-surgery, for example, the surgeon may perform the procedure remotely on the patient: the surgeon operates by tactile sense using a robot or a robot arm, and the robot performs the procedure according to the instructions provided by the remote surgeon, who may also view the procedure on a screen. The haptic internet also plays a great role in the fields of industry, agriculture, safe automobile driving, robots, medical care, education, entertainment and the like. In haptic internet applications, the implementation of haptic communication must guarantee ultra-low latency, ultra-high reliability and high security of the communication system. Ultra-low delay and ultra-high reliability are the two basic conditions for transmitting the sense of touch over a long distance, and these two conditions must not be violated when the security of haptic communication is ensured. Since the haptic internet is mainly related to 5G and higher (B5G, 6G) communication, it is an open network like the internet and is vulnerable to various attacks, such as impersonation, man-in-the-middle, denial of service, replay, desynchronization, etc.
If unprotected, a remote malicious user can perform any unauthorized tasks, such as malicious cutting and surgery. In this case, the life of the patient will be at risk. Different from the safety communication in the internet, the safety communication of the touch internet also needs to meet two conditions of ultra-low delay and ultra-high reliability on the premise of ensuring safety. Therefore, in order to guarantee secure communication in the haptic internet, it is necessary to design a lightweight authentication and key agreement method capable of resisting various known attacks to prevent attacks on haptic internet applications.
At present, secure communication methods designed specifically for the tactile internet are rare; only two related studies have been carried out worldwide, namely the use of elliptic curve cryptography. The authentication scheme of the second design, although lightweight, is not secure under impersonation, privileged-insider, desynchronization and similar attacks. Secure communication methods from other environments (such as the internet of things and wireless sensor networks) are not suitable for the tactile internet environment, either because their authentication cost is high or because they cannot resist the various known attacks.
Through the above analysis, the problems and defects of the prior art are as follows:
(1) The existing secure communication method designed for the tactile internet is not lightweight and is insecure under impersonation, privileged-insider, desynchronization and similar attacks.
(2) The existing secure communication method in other environments is not suitable for being applied to the touch Internet environment because the authentication cost is high, or the existing secure communication method in other environments cannot resist various known attacks.
(3) The secure communication method designed for other network environments is difficult to satisfy the two basic conditions of ultra-low delay and ultra-high reliability of the tactile internet, so that the secure communication method cannot be transplanted to the tactile internet.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a remote secure communication method, system, equipment and terminal of a touch Internet of things.
The invention is realized in such a way that a remote secure communication method of the touch thing internet comprises the following steps:
in the registration stage, the robot and the haptic user that join the system register with a registration authority; the two parties of the haptic communication mutually authenticate, and after the authentication succeeds, the two parties negotiate a session key for secure communication; after the haptic user registers, the registration information is stored in the smart card; when the haptic control system is used, the haptic user inserts the smart card and logs in through the human-machine system interface using a password or a fingerprint; after a successful login, a haptic control request is sent to the remote robot, and the two parties mutually verify each other's authenticity; after the two parties verify successfully, secure haptic communication between the haptic user and the remote robot is ensured by generating a session key.
Further, the remote secure communication method of the haptic Internet of things comprises the following steps:
step one, registration stage: the robot and the haptic user register with the registration authority;
step two, authentication stage: the identity of the haptic user is authenticated, and secure haptic communication between the haptic user and the robot is realized.
Further, the registration phase in the first step includes:
(1) Fog node registration: the registration authority RA selects an identity $ID_u$ for each fog node and calculates its pseudo-identity $PID_u = h(ID_u \| K)$ and certificate $TC_u = h(ID_u \| RT_u \| K)$, where $K$ is the RA key and $RT_u$ is the registration time of the fog node; RA stores $\{PID_u, TC_u\}$ in the fog node.
(2) Robot registration: the registration authority RA selects an identity $ID_s$ for each robot and calculates its pseudo-identity $PID_s = h(ID_s \| K)$ and certificate $TC_s = h(ID_s \| RT_s \| K)$, where $K$ is the RA key and $RT_s$ is the registration time of the robot; RA stores $\{PID_s, TC_s\}$ in the fog node and the robot.
(3) Haptic user registration: the haptic user registers through the human-machine system.
Further, the haptic user registration in the step (3) includes:
1) User $U_i$ selects an identity $ID_i$ and a password $PW_i$ and inputs the fingerprint $BIO_i$ on the human-machine system interface; the human-machine system generates a random number $r_i$ and calculates $(\sigma_i, \tau_i) = Gen(BIO_i)$ with the fingerprint fuzzy extractor, where $\sigma_i$ and $\tau_i$ are the secret parameter and the public parameter, respectively; the human-machine system calculates $HPW_i = h(PW_i \| \sigma_i)$, $N_i = HPW_i \oplus r_i$ and passes $\{ID_i, N_i\}$ to RA over a secure channel.
2) RA generates a random number $R_i$ and calculates the haptic user's pseudo-identity $PID_i = h(ID_i \| K)$ and certificate $TC_i = h(PID_i \| RT_i \| K)$, where $RT_i$ is the haptic user's registration time and $K$ is the RA key; RA generates a temporary identity $TID_i$ for the user and stores the user registration information in the fog node. RA calculates $A_i = TC_i \oplus N_i$, $B_i = R_i \oplus TC_i$, $C_i = h(PID_u \| TC_u \| PID_i) \oplus N_i$; RA issues a smart card $SC_i$ for the haptic user, stores the information $\{A_i, B_i, C_i, PID_i, TID_i, h(\cdot)\}$ in it, and sends it to the haptic user over a secure channel.
3) After the haptic user receives the smart card, the user calculates $TC_i = A_i \oplus N_i$, $R_i = B_i \oplus TC_i$, $Auth_i = h(TC_i \oplus R_i \oplus HPW_i)$, $h(PID_u \| TC_u \| PID_i) = C_i \oplus N_i$, $B_i^* = B_i \oplus HPW_i$, $PID_i^* = PID_i \oplus HPW_i$, $TC_i^* = TC_i \oplus HPW_i$, $D_i = h(PID_u \| TC_u \| PID_i) \oplus HPW_i$; $PID_i$, $TC_i$ and $B_i$ in the smart card are replaced by $PID_i^*$, $TC_i^*$ and $B_i^*$, and $\{D_i, \tau_i, Gen(\cdot), Rep(\cdot)\}$ are stored in the smart card; smart card $SC_i$ then contains the information $\{PID_i^*, TC_i^*, B_i^*, TID_i, Auth_i, D_i, \tau_i, Gen(\cdot), Rep(\cdot), h(\cdot)\}$, where $Gen(\cdot)$ and $Rep(\cdot)$ are the generation and reproduction procedures of the fuzzy extractor.
Further, in the second step, the haptic user first logs in using the smart card, and after the login succeeds, the haptic user and the remote robot to be haptically controlled carry out mutual authentication.
(1) Login: the haptic user inserts the smart card and enters the identity $ID_i$, the password $PW_i$ and the fingerprint $BIO_i^*$; the smart card calculates $\sigma_i^* = Rep(BIO_i^*, \tau_i)$, $HPW_i^* = h(PW_i \| \sigma_i^*)$, $TC_i = TC_i^* \oplus HPW_i^*$, $B_i = B_i^* \oplus HPW_i^*$, $R_i = B_i \oplus TC_i$, $Auth_i^* = h(TC_i \oplus R_i \oplus HPW_i^*)$ and checks whether $Auth_i^* = Auth_i$; if they are equal, the haptic user logs into the haptic control system successfully.
(2) Mutual authentication: after the haptic user logs in successfully, the haptic user and the remote robot execute mutual authentication.
Further, the authentication step in the step (2) is as follows:
1) Smart card $SC_i$ calculates $h(PID_u \| TC_u \| PID_i) = D_i \oplus HPW_i$, selects the robot $PID_s$ to be haptically controlled, generates a random number $n_1$ and a current timestamp $T_1$, and calculates $M_1 = n_1 \oplus h(PID_u \| TC_u \| PID_i)$, $M_2 = PID_s \oplus h(h(PID_u \| TC_u \| PID_i) \| TID_i \| n_1 \| T_1)$, $M_3 = h(TC_i \| TID_i \| h(PID_u \| TC_u \| PID_i) \| n_1 \| T_1)$; $Msg_1 = \{M_1, M_2, M_3, TID_i, T_1\}$ is passed to fog node $F_u$ over an open channel.
2) Fog node $F_u$ checks whether $|T_1^* - T_1| \le \Delta T_1$ holds, where $\Delta T_1$ is the maximum transmission delay between $U_i$ and $F_u$; if the condition holds, $F_u$ finds $PID_i$ and $TC_i$ by $TID_i$ and calculates $n_1 = M_1 \oplus h(PID_u \| TC_u \| PID_i)$, $PID_s = M_2 \oplus h(h(PID_u \| TC_u \| PID_i) \| TID_i \| n_1 \| T_1)$, $M_3^* = h(TC_i \| TID_i \| h(PID_u \| TC_u \| PID_i) \| n_1 \| T_1)$, and checks whether $M_3^* = M_3$ holds; if it holds, fog node $F_u$ generates a random number $n_2$, a current timestamp $T_2$ and a new temporary identity $TID_i^{new}$ for the user, and selects a random number $SK$ as the user's session key; fog node $F_u$ calculates $M_4 = TID_i^{new} \oplus h(TID_i \| TC_i \| PID_i \| n_1 \| T_1)$, $M_5 = n_2 \oplus h(PID_s \| TC_s \| T_2)$, $M_6 = h(TID_i^{new} \| TC_i \| PID_i) \oplus h(PID_s \| TC_s)$, $SK^* = SK \oplus h(h(TID_i^{new} \| TC_i \| PID_i) \| PID_s \| TC_s \| n_2 \| T_2)$, $M_7 = h(SK \| h(TID_i^{new} \| TC_i \| PID_i) \| TC_s \| n_2 \| T_2)$; fog node $F_u$ transmits the message $Msg_2 = \{M_4, M_5, M_6, M_7, SK^*, T_2\}$ to the robot $D_s$ over an open channel.
3) Robot $D_s$ checks whether $|T_2^* - T_2| \le \Delta T_2$ holds, where $\Delta T_2$ is the maximum transmission delay between $F_u$ and $D_s$; if the condition holds, $D_s$ calculates $n_2 = M_5 \oplus h(PID_s \| TC_s \| T_2)$, $h(TID_i^{new} \| TC_i \| PID_i) = M_6 \oplus h(PID_s \| TC_s)$, $SK = SK^* \oplus h(h(TID_i^{new} \| TC_i \| PID_i) \| PID_s \| TC_s \| n_2 \| T_2)$, $M_7^* = h(SK \| h(TID_i^{new} \| TC_i \| PID_i) \| TC_s \| n_2 \| T_2)$ and checks whether $M_7^* = M_7$ holds; if it holds, robot $D_s$ generates a random number $n_3$ and a current timestamp $T_3$ and calculates $M_8 = n_3 \oplus h(TID_i^{new} \| TC_i \| PID_i)$, $SK^{**} = SK \oplus h(h(TID_i^{new} \| TC_i \| PID_i) \| h(PID_s \| TC_s) \| n_3 \| T_3)$, $M_9 = h(SK \| h(TID_i^{new} \| TC_i \| PID_i) \| h(PID_s \| TC_s) \| M_4 \| M_6 \| n_3 \| T_3)$; $D_s$ transmits the message $Msg_3 = \{M_4, M_6, M_8, M_9, SK^{**}, T_3\}$ to haptic user $U_i$ over an open channel.
4) Haptic user $U_i$ checks whether $|T_3^* - T_3| \le \Delta T_3$ holds, where $\Delta T_3$ is the maximum transmission delay between $D_s$ and $U_i$; if the condition holds, $U_i$ calculates $TID_i^{new} = M_4 \oplus h(TID_i \| TC_i \| PID_i \| n_1 \| T_1)$, $h(PID_s \| TC_s) = h(TID_i^{new} \| TC_i \| PID_i) \oplus M_6$, $n_3 = M_8 \oplus h(TID_i^{new} \| TC_i \| PID_i)$, $SK = SK^{**} \oplus h(h(TID_i^{new} \| TC_i \| PID_i) \| h(PID_s \| TC_s) \| n_3 \| T_3)$, $M_9^* = h(SK \| h(TID_i^{new} \| TC_i \| PID_i) \| h(PID_s \| TC_s) \| M_4 \| M_6 \| n_3 \| T_3)$ and checks whether $M_9^* = M_9$ holds; if it holds, the haptic user and the robot have mutually authenticated, and both sides communicate securely using the session key $SK$.
Another object of the present invention is to provide a haptic internet-of-things remote secure communication system applying the haptic internet-of-things remote secure communication method, the haptic internet-of-things remote secure communication system including:
the registration authority is a credible server and is used for registering the touch user, the remote robot and the fog node;
a home domain comprising a haptic user and a human-machine system interface, the haptic user haptically controlling the remote robot using the human-machine system interface;
the network domain consists of a core network/Internet and fog nodes, wherein the fog nodes are respectively deployed at the edges of a master domain and a slave domain and are used for providing network connection and computing service;
a slave domain comprising an object remotely haptically manipulated by a haptic user, the object comprising a robot.
It is a further object of the invention to provide a computer device comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to perform the steps of:
in the registration stage, the robot and the haptic user that join the system register with a registration authority; the two parties of the haptic communication mutually authenticate, and after the authentication succeeds, the two parties negotiate a session key for secure communication; after the haptic user registers, the registration information is stored in the smart card; when the haptic control system is used, the haptic user inserts the smart card and logs in through the human-machine system interface using a password or a fingerprint; after a successful login, a haptic control request is sent to the remote robot, and the two parties mutually verify each other's authenticity; after the two parties verify successfully, secure haptic communication between the haptic user and the remote robot is ensured by generating a session key.
It is another object of the present invention to provide a computer-readable storage medium storing a computer program which, when executed by a processor, causes the processor to perform the steps of:
in the registration stage, the robot and the haptic user that join the system register with a registration authority; the two parties of the haptic communication mutually authenticate, and after the authentication succeeds, the two parties negotiate a session key for secure communication; after the haptic user registers, the registration information is stored in the smart card; when the haptic control system is used, the haptic user inserts the smart card and logs in through the human-machine system interface using a password or a fingerprint; after a successful login, a haptic control request is sent to the remote robot, and the two parties mutually verify each other's authenticity; after the two parties verify successfully, secure haptic communication between the haptic user and the remote robot is ensured by generating a session key.
Another object of the present invention is to provide an information data processing terminal for implementing the remote secure communication system of the haptic internet of things.
In combination with the technical solutions and the technical problems to be solved, the advantages and positive effects of the technical solutions to be protected by the present invention are analyzed from the following aspects:
first, with regard to the technical problems existing in the prior art and the difficulty of solving them, the technical problems solved by the technical scheme of the present invention are closely combined with the results, data and the like obtained during research and development, and solving them brings creative technical effects. The specific description is as follows:
the invention provides a remote safe communication method of a touch thing network, which mainly realizes the safe communication between a touch user and a remote robot, and the working principle is as follows: the first phase is a registration phase, where robots and haptic users that are attached to the system register with a registration authority. The second phase is that two parties of the tactile communication need to mutually authenticate, and after the authentication is successful, the two parties negotiate a session key for the secure communication between the two parties. After the touch user registers, the registration information is stored in the smart card of the touch user, when the touch control system is used, the touch user inserts the smart card, logs in through a man-machine system interface by using a password or a fingerprint, sends out a touch control request with the remote robot after the login is successful, and then the two parties mutually verify the authenticity of the other party. After the two parties successfully verify, a session key is generated to ensure the safe touch communication between the touch user and the remote robot.
Secondly, considering the technical scheme as a whole or from the perspective of products, the technical effect and advantages of the technical scheme to be protected by the invention are specifically described as follows:
the remote safe communication method of the touch Internet of things solves the problems which cannot be solved at present: the ultra-low delay and the ultra-high reliability of the touch internet are not violated when a secure communication key is negotiated, a remote trusted party (such as cloud) is not involved in the authentication and key negotiation process, a fog node is used at the edge of the network, the reliability of the network is improved, and the low delay of the network is ensured; the communication scheme is lightweight while being able to resist various known attacks; the anonymity and untraceability of the communication protocol are guaranteed under strict ultra-low delay constraints.
Third, as the inventive supplementary proof of the claims of the present invention, the expected profit and commercial value after the technical solution of the present invention is transformed are: haptic internet aims at haptic communication through networks, shifting from content-oriented communication to guidance/control-based communication by enabling real-time transmission of haptic information (i.e. touch, drive, motion, vibration, surface texture) in addition to traditional audiovisual and data transmission. The haptic internet is therefore considered to be the next stage of development of the internet of things, which will drastically change the range of applications and services provided by the internet to date, and bring the next generation systems to an unprecedented level of human-like communication. It is expected that a great deal of opportunities will be created for the technological market in various application fields, from teleoperation systems and augmented/virtual reality to automotive safety and electronic medicine, to solve the complex problems of the human society. The invention mainly aims to protect the safe communication in the touch Internet, and is one of three conditions for the successful implementation of the touch Internet, so that the technical scheme of the invention can generate great expected benefit and commercial value after being converted.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments of the present invention will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a remote secure communication method of a haptic internet of things according to an embodiment of the present invention;
FIG. 2 is a flowchart of authentication between a haptic user and a robot provided by an embodiment of the present invention;
fig. 3 is a structural diagram of a remote secure communication system of a haptic internet of things according to an embodiment of the present invention;
in the figure: firstly, a touch user logs in by using an intelligent card and initiates an authentication request to a fog node; secondly, the fog node checks the message freshness, authenticates the touch user, and initiates an authentication request to the robot after the authentication is successful; and thirdly, the robot checks the message freshness, authenticates the fog nodes, and initiates an authentication request to the touch user after the authentication is successful.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and do not limit the invention.
Aiming at the problems in the prior art, the invention provides a remote secure communication method, a system, equipment and a terminal of a touch thing network, and the invention is described in detail with reference to the attached drawings.
First, an embodiment is explained. This section is an explanatory embodiment expanding on the claims so that those skilled in the art can fully understand how the present invention is embodied.
Interpretation of terms: haptic internet-a network, or network of networks, for remotely accessing, perceiving, manipulating or controlling real and virtual objects or processes perceived in real time.
The embodiment of the invention provides a remote safe communication method of a touch thing network, which mainly realizes the safe communication between a touch user and a remote robot, and the working principle is as follows: the first phase is a registration phase, where robots and haptic users that are attached to the system register with a registration authority. The second phase is that two parties of the tactile communication need to mutually authenticate, and after the authentication is successful, the two parties negotiate a session key for the secure communication between the two parties. After the touch user registers, the registration information is stored in the smart card of the touch user, when the touch control system is used, the touch user inserts the smart card, logs in through a man-machine system interface by using a password or a fingerprint, sends out a touch control request with the remote robot after the login is successful, and then the two parties mutually verify the authenticity of the other party. After the two parties successfully verify, a session key is generated to ensure the safe touch communication between the touch user and the remote robot.
As shown in fig. 1, the remote secure communication method of the haptic internet of things provided by the embodiment of the present invention includes the following steps:
s101, a touch user logs in by using an intelligent card and initiates an authentication request to a fog node;
s102, the fog node checks message freshness and authenticates a touch user; after the authentication is successful, an authentication request is sent to the remote robot;
s103, the remote robot checks message freshness and authenticates the fog nodes; after the authentication is successful, an authentication request is sent to the touch user;
s104, the touch user checks message freshness and authenticates the remote robot; after the authentication is successful, a secure communication key is generated between the haptic user and the remote robot for secure communication.
As shown in fig. 2, as a preferred embodiment, the remote secure communication method of the haptic internet of things provided by the embodiment of the present invention includes: firstly, a tactile user logs in by using an intelligent card and initiates an authentication request to a fog node; secondly, the fog node checks the message freshness, authenticates the touch user, and initiates an authentication request to the robot after the authentication is successful; the robot checks the message freshness, authenticates the fog nodes, and initiates an authentication request to the touch user after the authentication is successful; the touch user checks the message freshness, authenticates the robot, and after the authentication is successful, a safe communication key is generated between the touch user and the robot.
The method specifically comprises the following steps:
I. Registration phase:
Fog node registration: the registration authority RA selects an identity $ID_u$ for each fog node and calculates its pseudo-identity $PID_u = h(ID_u \| K)$ and certificate $TC_u = h(ID_u \| RT_u \| K)$, where $K$ is the RA key and $RT_u$ is the registration time of the fog node. Thereafter, RA stores $\{PID_u, TC_u\}$ in the fog node.
Robot registration: the registration authority RA selects an identity $ID_s$ for each robot and calculates its pseudo-identity $PID_s = h(ID_s \| K)$ and certificate $TC_s = h(ID_s \| RT_s \| K)$, where $K$ is the RA key and $RT_s$ is the registration time of the robot. Thereafter, RA stores $\{PID_s, TC_s\}$ in the fog node and the robot.
Haptic user registration: the tactile user registers through a man-machine system, and the registration process is as follows:
Step 1. User $U_i$ selects an identity $ID_i$ and a password $PW_i$ and inputs the fingerprint $BIO_i$ on the human-machine system interface. The human-machine system generates a random number $r_i$ and calculates $(\sigma_i, \tau_i) = Gen(BIO_i)$ with the fingerprint fuzzy extractor, where $\sigma_i$ and $\tau_i$ are the secret parameter and the public parameter, respectively. The human-machine system then calculates $HPW_i = h(PW_i \| \sigma_i)$, $N_i = HPW_i \oplus r_i$ and passes $\{ID_i, N_i\}$ to RA over a secure channel.
Step 2. RA generates a random number $R_i$ and calculates the haptic user's pseudo-identity $PID_i = h(ID_i \| K)$ and certificate $TC_i = h(PID_i \| RT_i \| K)$, where $RT_i$ is the haptic user's registration time and $K$ is the RA key. The RA then generates a temporary identity $TID_i$ for the user and stores the user registration information in the fog node. RA calculates $A_i = TC_i \oplus N_i$, $B_i = R_i \oplus TC_i$, $C_i = h(PID_u \| TC_u \| PID_i) \oplus N_i$. The RA then issues a smart card $SC_i$ for the haptic user, stores the information $\{A_i, B_i, C_i, PID_i, TID_i, h(\cdot)\}$ in it, and sends it to the haptic user over a secure channel.
Step 3. After the haptic user receives the smart card, the user calculates $TC_i = A_i \oplus N_i$, $R_i = B_i \oplus TC_i$, $Auth_i = h(TC_i \oplus R_i \oplus HPW_i)$, $h(PID_u \| TC_u \| PID_i) = C_i \oplus N_i$, $B_i^* = B_i \oplus HPW_i$, $PID_i^* = PID_i \oplus HPW_i$, $TC_i^* = TC_i \oplus HPW_i$, $D_i = h(PID_u \| TC_u \| PID_i) \oplus HPW_i$, replaces $PID_i$, $TC_i$ and $B_i$ in the smart card by $PID_i^*$, $TC_i^*$ and $B_i^*$, and stores $\{D_i, \tau_i, Gen(\cdot), Rep(\cdot)\}$ in the smart card. Finally, smart card $SC_i$ contains the information $\{PID_i^*, TC_i^*, B_i^*, TID_i, Auth_i, D_i, \tau_i, Gen(\cdot), Rep(\cdot), h(\cdot)\}$, where $Gen(\cdot)$ and $Rep(\cdot)$ are the generation and reproduction procedures of the fuzzy extractor.
II. Authentication phase:
The haptic user first logs in using the smart card, and after the login succeeds, the haptic user and the remote robot to be haptically controlled carry out mutual authentication.
(1) Login: the haptic user inserts the smart card and enters the identity $ID_i$, the password $PW_i$ and the fingerprint $BIO_i^*$. The smart card calculates $\sigma_i^* = Rep(BIO_i^*, \tau_i)$, $HPW_i^* = h(PW_i \| \sigma_i^*)$, $TC_i = TC_i^* \oplus HPW_i^*$, $B_i = B_i^* \oplus HPW_i^*$, $R_i = B_i \oplus TC_i$, $Auth_i^* = h(TC_i \oplus R_i \oplus HPW_i^*)$ and checks whether $Auth_i^* = Auth_i$. If they are equal, the haptic user logs into the haptic control system successfully.
(2) Mutual authentication: after the haptic user logs in successfully, the haptic user and the remote robot execute mutual authentication, and the authentication steps are as follows:
Step 1. Smart card $SC_i$ calculates $h(PID_u \| TC_u \| PID_i) = D_i \oplus HPW_i$, selects the robot $PID_s$ to be haptically controlled, generates a random number $n_1$ and a current timestamp $T_1$, and calculates $M_1 = n_1 \oplus h(PID_u \| TC_u \| PID_i)$, $M_2 = PID_s \oplus h(h(PID_u \| TC_u \| PID_i) \| TID_i \| n_1 \| T_1)$, $M_3 = h(TC_i \| TID_i \| h(PID_u \| TC_u \| PID_i) \| n_1 \| T_1)$. Then $Msg_1 = \{M_1, M_2, M_3, TID_i, T_1\}$ is transmitted to fog node $F_u$ over an open channel.
Step 2. Fog node $F_u$ checks whether $|T_1^* - T_1| \le \Delta T_1$ holds, where $\Delta T_1$ is the maximum transmission delay between $U_i$ and $F_u$. If the condition holds, $F_u$ finds $PID_i$ and $TC_i$ by $TID_i$ and calculates $n_1 = M_1 \oplus h(PID_u \| TC_u \| PID_i)$, $PID_s = M_2 \oplus h(h(PID_u \| TC_u \| PID_i) \| TID_i \| n_1 \| T_1)$, $M_3^* = h(TC_i \| TID_i \| h(PID_u \| TC_u \| PID_i) \| n_1 \| T_1)$. Then it checks whether $M_3^* = M_3$ holds. If it holds, fog node $F_u$ generates a random number $n_2$, a current timestamp $T_2$ and a new temporary identity $TID_i^{new}$ for the user, and selects a random number $SK$ as the user's session key. Fog node $F_u$ calculates $M_4 = TID_i^{new} \oplus h(TID_i \| TC_i \| PID_i \| n_1 \| T_1)$, $M_5 = n_2 \oplus h(PID_s \| TC_s \| T_2)$, $M_6 = h(TID_i^{new} \| TC_i \| PID_i) \oplus h(PID_s \| TC_s)$, $SK^* = SK \oplus h(h(TID_i^{new} \| TC_i \| PID_i) \| PID_s \| TC_s \| n_2 \| T_2)$, $M_7 = h(SK \| h(TID_i^{new} \| TC_i \| PID_i) \| TC_s \| n_2 \| T_2)$. Fog node $F_u$ then transmits the message $Msg_2 = \{M_4, M_5, M_6, M_7, SK^*, T_2\}$ to the robot $D_s$ over an open channel.
Step 3. Robot $D_s$ checks whether $|T_2^* - T_2| \le \Delta T_2$ holds, where $\Delta T_2$ is the maximum transmission delay between $F_u$ and $D_s$. If the condition holds, $D_s$ calculates $n_2 = M_5 \oplus h(PID_s \| TC_s \| T_2)$, $h(TID_i^{new} \| TC_i \| PID_i) = M_6 \oplus h(PID_s \| TC_s)$, $SK = SK^* \oplus h(h(TID_i^{new} \| TC_i \| PID_i) \| PID_s \| TC_s \| n_2 \| T_2)$, $M_7^* = h(SK \| h(TID_i^{new} \| TC_i \| PID_i) \| TC_s \| n_2 \| T_2)$, then checks whether $M_7^* = M_7$ holds. If it holds, robot $D_s$ generates a random number $n_3$ and a current timestamp $T_3$ and calculates $M_8 = n_3 \oplus h(TID_i^{new} \| TC_i \| PID_i)$, $SK^{**} = SK \oplus h(h(TID_i^{new} \| TC_i \| PID_i) \| h(PID_s \| TC_s) \| n_3 \| T_3)$, $M_9 = h(SK \| h(TID_i^{new} \| TC_i \| PID_i) \| h(PID_s \| TC_s) \| M_4 \| M_6 \| n_3 \| T_3)$. $D_s$ transmits the message $Msg_3 = \{M_4, M_6, M_8, M_9, SK^{**}, T_3\}$ to haptic user $U_i$ over an open channel.
Step 4. Haptic user $U_i$ checks whether $|T_3^* - T_3| \le \Delta T_3$ holds, where $\Delta T_3$ is the maximum transmission delay between $D_s$ and $U_i$. If the condition holds, $U_i$ calculates $TID_i^{new} = M_4 \oplus h(TID_i \| TC_i \| PID_i \| n_1 \| T_1)$, $h(PID_s \| TC_s) = h(TID_i^{new} \| TC_i \| PID_i) \oplus M_6$, $n_3 = M_8 \oplus h(TID_i^{new} \| TC_i \| PID_i)$, $SK = SK^{**} \oplus h(h(TID_i^{new} \| TC_i \| PID_i) \| h(PID_s \| TC_s) \| n_3 \| T_3)$, $M_9^* = h(SK \| h(TID_i^{new} \| TC_i \| PID_i) \| h(PID_s \| TC_s) \| M_4 \| M_6 \| n_3 \| T_3)$, then checks whether $M_9^* = M_9$ holds. If it holds, the haptic user and the robot have mutually authenticated, and both sides communicate securely using the session key $SK$.
After the above steps are performed, the haptic user can communicate securely with the telepresence robot.
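As an added worked example (not the patent's own code), the following Python models the authentication phase described above and in the Disclosure of Invention: the smart card's $Msg_1$, the fog node's $Msg_2$, the robot's $Msg_3$ and the user's final check, with the timestamp-freshness and hash checks at every hop. It assumes SHA-256 for $h(\cdot)$ and 32-byte nonces and identities so every XOR is well defined, and models the card as already holding its unmasked values after a successful login (the $HPW_i$ masking and the fuzzy extractor are omitted); all party names and values are constructed.

```python
import hashlib, os, time
# Added example, not the patent's code: the patent's four-message authentication
# (Msg1..Msg3 plus the user's final check), every value 32 bytes wide so each XOR
# is defined. The card is modelled as already unmasked after login; HPW_i masking
# and the fuzzy extractor are left out. Hash choice and nonce width are assumptions.
DELTA_T = 2  # allowed |T* - T| in seconds (constructed tolerance)
def h(*parts: bytes) -> bytes:  # h(a||b||...) as SHA-256 of the concatenation
    return hashlib.sha256(b"".join(parts)).digest()
def xor(a: bytes, b: bytes) -> bytes:
    assert len(a) == len(b) == 32
    return bytes(x ^ y for x, y in zip(a, b))
def tb(t: int) -> bytes:  # timestamp as fixed-width bytes so it can be hashed
    return t.to_bytes(8, "big")
def fresh(t_sent: int) -> bool:  # the |T* - T| <= delta-T check made at every hop
    return abs(int(time.time()) - t_sent) <= DELTA_T
def register(K: bytes, ident: bytes, rt: int):  # RA: PID = h(ID||K), TC = h(ID||RT||K)
    return h(ident, K), h(ident, tb(rt), K)

def user_step1(card, PID_s):
    """Smart card SC_i builds Msg1 = {M1, M2, M3, TID_i, T1}; keeps (n1, T1) for step 4."""
    X = card["X"]  # h(PID_u||TC_u||PID_i); on the real card recovered as D_i xor HPW_i
    n1, T1 = os.urandom(32), int(time.time())
    M1 = xor(n1, X)
    M2 = xor(PID_s, h(X, card["TID"], n1, tb(T1)))
    M3 = h(card["TC"], card["TID"], X, n1, tb(T1))
    return (M1, M2, M3, card["TID"], T1), (n1, T1)

def fog_step2(fog, msg1):
    """Fog node F_u: freshness, look up (PID_i, TC_i) by TID_i, verify M3, build Msg2."""
    M1, M2, M3, TID_i, T1 = msg1
    if not fresh(T1) or TID_i not in fog["users"]:
        return None
    PID_i, TC_i = fog["users"][TID_i]
    X = h(fog["PID_u"], fog["TC_u"], PID_i)
    n1 = xor(M1, X)
    PID_s = xor(M2, h(X, TID_i, n1, tb(T1)))
    if h(TC_i, TID_i, X, n1, tb(T1)) != M3 or PID_s not in fog["robots"]:
        return None  # forged or stale request, or unknown robot
    TC_s = fog["robots"][PID_s]
    n2, T2, TID_new, SK = os.urandom(32), int(time.time()), os.urandom(32), os.urandom(32)
    Y = h(TID_new, TC_i, PID_i)  # h(TID_i^new||TC_i||PID_i), reused below
    M4 = xor(TID_new, h(TID_i, TC_i, PID_i, n1, tb(T1)))
    M5 = xor(n2, h(PID_s, TC_s, tb(T2)))
    M6 = xor(Y, h(PID_s, TC_s))
    SK_star = xor(SK, h(Y, PID_s, TC_s, n2, tb(T2)))
    M7 = h(SK, Y, TC_s, n2, tb(T2))
    return (M4, M5, M6, M7, SK_star, T2)

def robot_step3(robot, msg2):
    """Robot D_s: freshness, unwrap n2 and SK, verify M7, build Msg3; returns (Msg3, SK)."""
    M4, M5, M6, M7, SK_star, T2 = msg2
    if not fresh(T2):
        return None
    PID_s, TC_s = robot["PID"], robot["TC"]
    n2 = xor(M5, h(PID_s, TC_s, tb(T2)))
    Y = xor(M6, h(PID_s, TC_s))  # h(TID_i^new||TC_i||PID_i)
    SK = xor(SK_star, h(Y, PID_s, TC_s, n2, tb(T2)))
    if h(SK, Y, TC_s, n2, tb(T2)) != M7:
        return None
    n3, T3, Z = os.urandom(32), int(time.time()), h(PID_s, TC_s)
    M8 = xor(n3, Y)
    SK_2star = xor(SK, h(Y, Z, n3, tb(T3)))
    M9 = h(SK, Y, Z, M4, M6, n3, tb(T3))
    return (M4, M6, M8, M9, SK_2star, T3), SK

def user_step4(card, state, msg3):
    """User U_i: freshness, recover TID_i^new, n3 and SK, verify M9; returns (SK, TID_i^new)."""
    (M4, M6, M8, M9, SK_2star, T3), (n1, T1) = msg3, state
    if not fresh(T3):
        return None
    TID_new = xor(M4, h(card["TID"], card["TC"], card["PID"], n1, tb(T1)))
    Y = h(TID_new, card["TC"], card["PID"])
    Z = xor(Y, M6)  # h(PID_s||TC_s)
    n3 = xor(M8, Y)
    SK = xor(SK_2star, h(Y, Z, n3, tb(T3)))
    if h(SK, Y, Z, M4, M6, n3, tb(T3)) != M9:
        return None
    return SK, TID_new

def run(tamper=False):
    """Full run over constructed parties; returns (user SK, robot SK), None where a side rejects."""
    K, rt = os.urandom(32), int(time.time())
    PID_u, TC_u = register(K, b"fog-node-1", rt)
    PID_s, TC_s = register(K, b"robot-1", rt)
    PID_i, TID_i = h(b"user-1", K), os.urandom(32)
    TC_i = h(PID_i, tb(rt), K)  # user's certificate TC_i = h(PID_i||RT_i||K)
    fog = {"PID_u": PID_u, "TC_u": TC_u, "users": {TID_i: (PID_i, TC_i)}, "robots": {PID_s: TC_s}}
    robot = {"PID": PID_s, "TC": TC_s}
    card = {"PID": PID_i, "TC": TC_i, "TID": TID_i, "X": h(PID_u, TC_u, PID_i)}
    msg1, state = user_step1(card, PID_s)
    if tamper:  # flip one bit of M3 in transit; the fog node must reject it
        msg1 = msg1[:2] + (bytes([msg1[2][0] ^ 1]) + msg1[2][1:],) + msg1[3:]
    msg2 = fog_step2(fog, msg1)
    if msg2 is None:
        return None, None
    msg3, SK_robot = robot_step3(robot, msg2)
    out = user_step4(card, state, msg3)
    return (out[0] if out else None), SK_robot
```

A clean run ends with the user and the robot holding the same $SK$, while a request whose $M_3$ was altered on the open channel is rejected by the fog node before any session key is chosen.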
As shown in fig. 3, the haptic secure communication system of the internet of things according to the embodiment of the present invention includes 4 entity modules:
registration Authority (RA): responsible for registering the haptic user, the telepresence robot and the fog node, it is a trusted server.
Main domain: the main domain includes a haptic user and a human-machine system interface, with which the haptic user can haptically control the remote robot.
A network domain: the network domain consists of a core network/internet and a fog node, which deploys the edges of the master domain and the slave domain, respectively, providing network connectivity and computing services.
From the domain: the slave domain includes an object (e.g., a robot) that is remotely tactilely manipulated by a haptic user.
II. Application embodiment. To demonstrate the creativity and technical value of the technical solution of the invention, this part gives application examples of the claimed technical solution on specific products or related technologies.
The technical solution of the invention can be applied to a remote tactile control system to ensure communication security; the most typical application example is telesurgery. The surgeon performs an operation on the patient by tactilely controlling the telerobotic system and receiving tactile feedback. Telesurgery offers great convenience to a patient located far away, but can be life-threatening if the haptic communication cannot be secured.
III. Evidence of the effects of the embodiment. The embodiment of the invention achieved positive effects during research, development and use, and has significant advantages over the prior art; these are described below with data, diagrams and the like from the testing process.
In terms of security, the invention can resist various known attacks, mainly including:
stolen smart card attacks, privileged insider attacks, desynchronization attacks, impersonation attacks, robot capture attacks, man-in-the-middle attacks, etc. It also provides haptic user anonymity and untraceability.
The communication cost of the invention is low. To compare the communication costs of different systems, the length of a hash value is taken as 160 bits (assuming the SHA-1 algorithm), the lengths of a nonce and of identity information as 128 bits, a symmetric encryption/decryption block as 128 bits, and a timestamp as 32 bits. The invention needs to transmit 3 messages, totalling 3296 bits. Among related communication systems, the system of Wazid et al. requires 3840 bits, and the system of Ali et al. requires 4128 bits.
The invention has significant advantages in terms of computation cost. To compare the computation costs of different systems, let $T_h$ and $T_e$ denote the computation time required for a hash operation and for a symmetric encryption/decryption operation, respectively. The experimental measurements used are $T_h \approx 0.00032$ s and $T_e \approx 0.0056$ s. The computation cost of the invention is $22T_h \approx 0.00704$ s, while the lightweight system of Wazid et al. requires 0.02848 s and the lightweight system of Ali et al. requires 0.04416 ms.
It should be noted that the embodiments of the present invention can be realized by hardware, software, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portion may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or specially designed hardware. Those skilled in the art will appreciate that the apparatus and methods described above may be implemented using computer-executable instructions and/or embodied in processor control code, such code being provided on a carrier medium such as a disk, CD- or DVD-ROM, programmable memory such as read-only memory (firmware), or a data carrier such as an optical or electronic signal carrier, for example. The apparatus and its modules of the present invention may be implemented by hardware circuits such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips and transistors, or programmable hardware devices such as field programmable gate arrays and programmable logic devices, or by software executed by various types of processors, or by a combination of hardware circuits and software, e.g., firmware.
The above description is only for the purpose of illustrating the embodiments of the present invention, and the scope of the present invention should not be limited thereto, and any modifications, equivalents and improvements made by those skilled in the art within the technical scope of the present invention as disclosed in the present invention should be covered by the scope of the present invention.