CN116074091B - Mist-assisted intelligent home three-party authentication system, method, equipment and terminal - Google Patents
Mist-assisted intelligent home three-party authentication system, method, equipment and terminal Download PDFInfo
- Publication number
- CN116074091B CN116074091B CN202310099781.3A CN202310099781A CN116074091B CN 116074091 B CN116074091 B CN 116074091B CN 202310099781 A CN202310099781 A CN 202310099781A CN 116074091 B CN116074091 B CN 116074091B
- Authority
- CN
- China
- Prior art keywords
- user
- node
- fog
- authentication
- fog node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 239000003595 mist Substances 0.000 title claims description 11
- 230000008569 process Effects 0.000 claims abstract description 19
- 238000004364 calculation method Methods 0.000 claims description 24
- 238000004891 communication Methods 0.000 claims description 22
- 230000005540 biological transmission Effects 0.000 claims description 18
- 230000003993 interaction Effects 0.000 claims description 18
- 230000004044 response Effects 0.000 claims description 16
- 238000012545 processing Methods 0.000 claims description 7
- 238000004590 computer program Methods 0.000 claims description 3
- 230000000977 initiatory effect Effects 0.000 claims description 2
- 230000006870 function Effects 0.000 description 8
- 230000008901 benefit Effects 0.000 description 7
- 238000013461 design Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 6
- 230000000694 effects Effects 0.000 description 4
- 238000011161 development Methods 0.000 description 3
- 238000003491 array Methods 0.000 description 2
- 238000007405 data analysis Methods 0.000 description 2
- 238000005265 energy consumption Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000012827 research and development Methods 0.000 description 2
- 230000033764 rhythmic process Effects 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 238000004422 calculation algorithm Methods 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 230000035800 maturation Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008092 positive effect Effects 0.000 description 1
- 230000000630 rising effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Automation & Control Theory (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention belongs to the technical field of intelligent home, and discloses a fog-assisted intelligent home three-party authentication system, method, equipment and terminal, wherein the fog-assisted intelligent home three-party authentication method comprises a registration stage and an authentication stage; the registration stage is to register for the intelligent home and the user by a registration authority; the authentication stage is mutual authentication among the intelligent home, the fog node and the user; in the authentication stage, the user and the fog node are mutually authenticated, and the remote user accesses the intelligent household equipment through the fog node; and establishing a mutual authentication process of connection between the fog node and the intelligent home equipment. The authentication among the intelligent home equipment, the fog node and the user is realized, and the participation of a trusted cloud or other entities is not needed; even if the fog node is destroyed or captured, secret information of a user and intelligent household equipment cannot be revealed; in the authentication process, the time stamp is used for verifying the synchronization of the messages, so that desynchronization attack can be effectively prevented, and no extra burden is needed.
Description
Technical Field
The invention belongs to the technical field of intelligent home, and particularly relates to a fog-assisted intelligent home three-party authentication system, method, equipment and terminal.
Background
At present, with the rise of the internet of things, smart home is another emerging concept and application of the internet of things. In recent years, smart home has been rapidly developed, which integrates various interconnected smart devices into a home, and the smart home includes an advanced automation system for monitoring and controlling the various smart devices. In a smart home, residents can control various intelligent sensing devices and provide high-level comfort at low operation cost, and comfortable, convenient, safe and energy-saving living environments are provided for the residents. With the huge amount of data that is increasingly generated in the home life, it is apparent that the smart devices with limited resources do not have the computing power required to perform this operation, and one method is to connect the smart home network to the internet and use it for storage and processing of the smart home devices. By virtue of the strong computing, storage and processing capabilities, the cloud can efficiently analyze the data sent by the intelligent household equipment according to the user-defined strategy, so that the intelligent household automation is realized. However, the physical distance from the smart home network to the cloud may cause data processing delay and network congestion. The fog calculation is positioned between the cloud calculation and the internet of things equipment, and a series of services such as transmission, calculation, temporary storage, real-time data analysis and the like are provided for the equipment at the network edge. The method has the characteristics of low time delay, low bandwidth, high speed and real-time interaction, and is more suitable for being applied to intelligent home systems.
However, when fog computing is combined with smart home, there are also some security threats faced: firstly, some fog nodes and intelligent home equipment are deployed in public places and are easy to damage or steal by attackers, are not considered to be completely trusted, and are easy to suffer from equipment loss/theft attack, counterfeit attack, message tampering attack and the like, and the threats can lead an adversary to control equipment in the intelligent home or modify messages to enable the intelligent home equipment to execute wrong commands, so that irrecoverable loss is caused; secondly, the smart home system should have good real-time interactivity, and the authentication process using the low-latency feature of fog calculation should not be participated by the cloud. In view of these, there is a need to design a secure and efficient fog-assisted smart home authentication system that is secure, especially when fog nodes are not fully trusted or smart home devices are captured, and is capable of withstanding a variety of known attacks. Second, the authentication scheme should be low latency. Finally, since many smart home devices have limited resources, the authentication scheme should also be lightweight.
At present, an authentication scheme is rarely designed for a fog-assisted intelligent home, and is mostly designed for a traditional intelligent home, so that the problems of a plurality of security threats, low response speed and the like exist, for example, the authentication scheme based on cloud and the authentication scheme based on a gateway, the delay of authentication is caused by cloud computing, the gateway is not considered to be completely trusted, and some secret information stored in the gateway is easy to suffer from various security attacks; secondly, some authentication mechanisms store the message that needs to be kept secret in the smart home devices, but in fact many smart home devices may also be captured, so the resource-constrained smart home devices are not suitable for participating in authentication; again, many of the cryptographic primitives used by authentication schemes designed for smart home systems include public key cryptography, symmetric cryptography and hash functions, and blockchain schemes. Authentication schemes based on public keys are safer, but their computational complexity is also higher. Authentication schemes based on symmetric passwords and hash functions are superior in efficiency, but tend to lead to many potential attacks due to improper design. The authentication scheme based on the blockchain has good safety, but a plurality of factors which are unfavorable for the fog-assisted intelligent home, such as delay, energy consumption, mobility support and the like of the blockchain, exist. Furthermore, for physical security of smart home devices, a more desirable approach is to use a physical unclonable function. However, existing PUF-based authentication schemes have many problems and are vulnerable to various attacks, because PUF-based authentication schemes are typically authenticators to store challenge response pairs for smart devices, and when a challenge response in an authenticator leaks, the authentication scheme will not be secure.
Through the above analysis, the problems and defects existing in the prior art are as follows:
(1) At present, an authentication scheme is rarely designed for the fog-assisted intelligent home, and most of the authentication schemes are designed for the traditional intelligent home, so that the problems of a plurality of security threats, low response speed and the like exist.
(2) Some authentication mechanisms currently store secret information in smart home devices, but in fact some smart home devices may be attacked.
(3) The existing authentication scheme based on public key encryption has higher computational complexity; authentication schemes based on symmetric passwords and hash functions tend to lead to many potential attacks due to improper design.
(4) The existing authentication scheme based on the blockchain has the problems of delay, energy consumption, mobility support and the like of the blockchain; while authentication schemes based on PUFs are not secure and are vulnerable to various attacks.
Disclosure of Invention
Aiming at the problems existing in the prior art, the invention provides a fog-assisted intelligent home three-party authentication system, a method, equipment and a terminal, and particularly relates to a fog-assisted intelligent home three-party authentication system, a method, equipment and a terminal based on a PUF.
The invention is realized in such a way that the fog-assisted intelligent home three-party authentication method comprises a registration stage and an authentication stage; the registration stage is to register for the intelligent home and the user by a registration authority; the authentication stage is mutual authentication among the intelligent home, the fog node and the user; in the authentication stage, the user and the fog node are mutually authenticated, and the remote user accesses the intelligent household equipment through the fog node; the fog node and the intelligent home equipment mutually authenticate and establish connection.
Further, the fog-assisted smart home three-party authentication method further comprises the following steps:
After the user successfully logs in, an authentication request is initiated to the fog node; the fog node checks the freshness of the message and authenticates the user; after authentication is successful, the fog node initiates an authentication request to a user; the user checks the freshness of the message and authenticates the fog node; after successful authentication, a session key is generated, and a user initiates a request for controlling intelligent household equipment; the fog node initiates an authentication request to the intelligent home equipment according to a request for controlling the intelligent home equipment sent by a user; the intelligent home equipment checks the freshness of the message and authenticates the fog node; after successful authentication, initiating an authentication request to the fog node; the fog node checks the freshness of the message and authenticates the intelligent household equipment; and after the authentication is successful, a secure communication key is generated between the fog node and the intelligent home equipment and is used for secure communication.
Further, the fog-assisted smart home three-party authentication method comprises the following steps:
the method comprises the steps of firstly, registering an intelligent household device and registering a user; when new intelligent household equipment is deployed, registering by a registration authority; the user registers through the mobile device;
step two, an authentication stage comprises mutual authentication between a user and the fog node, and accessing intelligent household equipment through the fog node; mutual authentication of the connection is established between the smart home device and the foggy node.
Further, the smart home device registration in the step one includes:
(1) The registration authority RA selects a unique identity ID s for the intelligent home device, generates a random challenge C s, and transmits { ID s,Ns } to the intelligent home device through a secure channel;
(2) After the smart home device receives the challenge C s, calculating a response R s=PUF(Cs) and sending the response R s=PUF(Cs) to the RA;
(3) After receiving R s, RA selects a temporary identity TID s for the intelligent home equipment and calculates a pseudo identity PID s=h(IDs I K; where K is the key of RA, calculate h (R s); RA transmits the parameter { TID s,PIDs,Cs,h(Rs) } of the intelligent household equipment to the corresponding fog node for storage through a secure channel, and transmits { TID s } to the intelligent household equipment through the secure channel;
(4) After receiving the information { TID s }, the intelligent home equipment updates the message And stored.
Further, the user registration in the step one includes:
(1) User U i selects identity ID i and sends a registration request { Req i } to a registration authority RA;
(2) RA receives the request Req i, generates a random challenge C i, and communicates C i to the user over the secure channel;
(3) After receiving { C i }, the user calculates R i=PUF(Ci by using the PUF embedded in the mobile device and transmits { R i } to RA through the secure channel;
(4) After RA receives the message { R i } transmitted by user, selecting temporary identity TID i for user, calculating h (R i); transmitting the message { TID i,Ci,h(Ri) } to the foggy node for storage, and transmitting { TID i } to the user through the secure channel;
(5) After receiving { TID i }, the mobile device of the user requests the user to set a password PW i and inputs a fingerprint F i; mobile device computing G i=PUF(Fi), generate a random number z i, and compute a pseudo-identity PID i=h(IDi||zi for the user); the mobile device calculates the HPW i=h(PWi||Gi||zi), Calculate authentication message a i=h(PIDi||HPWi||zi), send message/>Stored in a mobile device, wherein/>Representing the new and old temporary identity of the user.
Wherein updating the password and the fingerprint by the user comprises:
1) Password update 1: the mobile device informs the user to enter the old identity ID i and the old fingerprint PW i;
2) Password update 2: mobile device computing G i=PUF(Fi), HPWi=h(PWi||Gi||zi),/>And check/>Whether or not they are equal; if the two are equal to each other, then the next operation is continued; otherwise, immediately stopping the password updating request;
3) Password update 3: user input new password and fingerprint, mobile device calculation
Mobile device stores updated information/>
Further, in the second step, after the user logs in successfully, the user and the fog node mutually authenticate and generate a session key for keeping secret the subsequent communication between the user and the fog node, which specifically comprises:
(1) The user enters the identity ID i, the password PW i and the fingerprint F i on the mobile device, the mobile device calculates G i=PUF(Fi),HPWi=h(PWi||Gi||zi), Calculate authentication message a i *=h(PIDi||HPWi||zi) and compare with a i stored in the mobile device, if equal, the user login is successful; the mobile device generates a temporary interaction number n 1 and a current timestamp T 1, and a user selects intelligent home equipment to be accessed and transmits a message { TID i,PIDs,n1,T1 } to the fog node through an open channel;
(2) After the foggy node receives the message { TID i,PIDs,n1,T1 }, checking whether the condition |t 1 *-T1|≤ΔT1 is satisfied, wherein Δt 1 is the maximum transmission delay before the user and the foggy node, and T 1 * is the time when the foggy node receives the message; if the condition is satisfied, the fog node generates a temporary interaction number n 2, a timestamp T 2, and a new challenge value And new temporary identity/>Calculation of
Transmitting the message { Q 1,Q2,Q3,M1,Ci,T2, SK } to the intelligent household equipment through an open channel;
(3) After the user receives the message { Q 1,Q2,Q3,M1,Ci,T2, SK }, checking if the condition |t 2 *-T2|≤ΔT2 is true, where Δt 2 is the maximum transmission delay before the user and the foggy node; if the condition is met, the user calculates R i=PUF(Ci), Checking whether M 1 *=M1 is met, if so, indicating that the user authenticates the fog node; user computing session key/> Updating temporary identity/>Calculation/>Generating a temporary interaction number n 3 and a current timestamp T 3; calculation of And transmitting { Q 4,Q5,M2,T3 } to the foggy node;
(4) After the foggy node receives the message, checking whether |T 3 *-T3|≤ΔT3 is true, wherein DeltaT 3 is the maximum transmission delay before the user and the foggy node; if the condition is satisfied, foggy node computation And checking M 2 *=M2, if so, indicating that the fog node authenticates the user, synchronizing the authentication process, and updating the storage information corresponding to the user by the fog node.
In the second step, the smart home device and the fog node mutually authenticate and generate a shared session key, and the process is as follows:
(1) The fog node searches TID s and C s according to PID s sent by the user; fog node creates new random challenges New temporary identity/>A temporary interaction number n 2 and a current timestamp T 2;
Calculation of
Transmitting the message { Q 6,Q7,Q10,M3,Cs,T4 } to the intelligent household equipment through an open channel;
(2) After receiving the message { Q 6,Q7,Q8,M3,Cs,T4 }, the smart home device checks whether a condition |t 4 *-T4|≤ΔT4 is satisfied, where Δt 4 is the maximum transmission delay between the mist node and the smart home device, and T 4 * is the time when the message is received; if the condition is satisfied, calculating by the intelligent household equipment Calculation/> And compared to the received M 3; if M 3 *=M3 is detected, the intelligent home equipment successfully authenticates the fog node; intelligent household equipment according to/>Calculate new response/>Store new temporary identity/>And generates a temporary interaction number n 5 and a current timestamp T 5; calculation/> And transmitting the message { Q 9,Q10,M4,T5 } to the foggy node over the open channel;
(3) After the foggy node receives the message { Q 9,Q10,M4,T5 }, it checks if the condition |t 5 *-T5|≤ΔT5 is met, where Δt 5 is the maximum transmission delay, if the condition is met, the foggy node calculates Comparing M 4 * with the received M 4, if M 4 *=M4, successfully authenticating the intelligent home equipment by the fog node, and synchronizing; fog node computationAnd stores the messages TID s,PIDs,Cs,h(Rs and/>
Another object of the present invention is to provide a mist-assisted smart home three-party authentication system applying the mist-assisted smart home three-party authentication method, the mist-assisted smart home three-party authentication system including:
a registration authority, a trusted server, responsible for registering different entities in an offline and secure manner;
the user is used for registering by using the mobile equipment at the registration authority, and after logging in, the intelligent household equipment is controlled to be accessed by using the mobile equipment and the fog node for mutual authentication;
The cloud node is used for adding a fog layer between the cloud and the intelligent home equipment, providing network connection, and temporarily storing and calculating service;
The intelligent home equipment is used for registering, and mutually authenticating with the corresponding fog node after the intelligent home equipment is accessed to the system, so as to verify the legitimacy of the two parties.
Another object of the present invention is to provide a computer device, where the computer device includes a memory and a processor, and the memory stores a computer program, and when the computer program is executed by the processor, the processor executes the steps of the fog-assisted smart home three-party authentication method.
The invention further aims to provide an information data processing terminal which is used for realizing the fog-assisted intelligent home three-party authentication system.
In combination with the technical scheme and the technical problems to be solved, the technical scheme to be protected has the following advantages and positive effects:
First, aiming at the technical problems in the prior art and the difficulty of solving the problems, the technical problems solved by the technical proposal of the invention are analyzed in detail and deeply by tightly combining the technical proposal to be protected, the results and data in the research and development process, and the like, and some technical effects brought after the problems are solved have creative technical effects. The specific description is as follows:
The mist-assisted intelligent home three-party authentication method provided by the invention is mainly used for realizing the safety communication among the user, the mist node and the intelligent home equipment, wherein the first stage is a registration stage, and the intelligent home equipment accessed into the system and the user register with a registration authority; the second stage is that the user, the fog node and the intelligent home three-party mutually authenticate, and after authentication is successful, a session key is negotiated for safe communication between the user, the fog node and the intelligent home three-party mutually authenticate; after the user registers, the registration information is stored in the mobile equipment, and when the mobile equipment is used, the user inputs an account number, a corresponding password and a fingerprint by using the mobile equipment to log in, and after successful login, the user mutually verifies the authenticity of the other party with the fog node. After authentication is successful, a session key is generated to ensure the safe communication between the user and the fog node; the fog node performs mutual authentication with corresponding intelligent household equipment according to a request for controlling the intelligent household equipment sent by a user, stores information about the intelligent household equipment in the fog node, generates a session key to ensure safe communication between the fog node and the intelligent household equipment, and establishes connection so that the user can control the intelligent equipment through the fog node.
Secondly, the technical scheme is regarded as a whole or from the perspective of products, and the technical scheme to be protected has the following technical effects and advantages:
The invention provides a lightweight fog-assisted smart home authentication method based on a PUF, which realizes authentication among smart home equipment, fog nodes and users without participation of trusted clouds or other entities. The fog-assisted smart home authentication method designed by the invention can not reveal secret information of users and smart home equipment even if fog nodes are destroyed or captured. The method uses the time stamp to verify the synchronization of the messages in the authentication process, can effectively prevent desynchronization attack, and does not need any extra burden. The authentication method of the invention not only has robustness under various known attacks, but also has less calculation and communication cost.
Thirdly, as inventive supplementary evidence of the claims of the present invention, the following important aspects are also presented:
the expected benefits and commercial values after the technical scheme of the invention is converted are as follows:
In recent years, with the development of related technologies such as 5G Internet of things artificial intelligence and the like, the market growth of smart home is obviously accelerated, and smart home will enter a relatively rapid development stage. Due to the continuous maturation of the technology and the continuous rising of new technologies such as the Internet of things, the user experience of the intelligent home is continuously improved, and the intelligent home is favored by more and more consumers. At the same time, information security and privacy problems of users are also receiving more and more attention. Therefore, it is important to design a safe and effective authentication scheme for the smart home system.
The intelligent home system aims to provide personalized, comfortable and convenient living environment for residents. At present, most household equipment is also a handheld tool in daily household life of people, and obviously, the time and the labor are consumed, especially in modern life with high speed and fast rhythm, the common household equipment does not keep pace with the steps of the times, and the appearance of automatic mechanical household equipment products greatly reduces the trouble brought by the problems to people. The automatic control system is convenient, autonomous and efficient, can liberate both hands of people, can better utilize resources to finish work which is difficult to be finished manually by most users, and improves the working quality. The intelligent household system is influenced by the continuous acceleration of the life rhythm of people and the continuous increase of the working and life pressures of people, people hope to get the release from complicated daily sanitary matters of each family more, the intelligent household system can realize automation, manpower, financial resources and material resources can be better saved, a more comfortable family life environment is created for users, and the users can enjoy the high-quality life brought by the modern technology better. It is seen that the automation and mechanization of the household equipment are necessary paths in the present and future.
Along with the gradual emergence of the demand of home scene automation, the smart home equipment market will come to grow rapidly and promote the appearance of new product forms. Meanwhile, huge data volume is generated in daily life, and privacy leakage and other problems can be caused by public transmission or storage of a lot of sensitive information on an internet-accessible system. The invention designs a safe and reasonable lightweight authentication scheme, realizes the safe communication among three parties in the intelligent home system, provides anonymity and untraceability, can resist various attacks, and gives privacy protection to users. The invention also refers to fog computing, which concentrates data processing, application programs and the like on the network edge, and provides a series of services such as transmission, computing, temporary storage, real-time data analysis and the like for equipment on the network edge. The method has the characteristics of low time delay, low bandwidth, high speed and real-time interaction, gives consideration to authentication efficiency and system performance, and is more suitable for being applied to intelligent home systems. Therefore, the technical scheme of the invention can generate great expected benefits and commercial values after being converted by combining with the future market space and wide development prospect of the smart home.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the embodiments of the present invention will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of a fog-assisted smart home three-party authentication method provided by an embodiment of the invention;
Fig. 2 is a flowchart of authentication between a user, a fog node and a smart home device provided by an embodiment of the present invention;
Fig. 3 is a system configuration diagram of a fog-assisted smart home provided by an embodiment of the present invention;
In the figure: (1) After the user successfully logs in, an authentication request is initiated to the fog node; (2) The fog node checks the freshness of the message, authenticates the user, and initiates an authentication request to the user after successful authentication; (3) The user checks the freshness of the message, authenticates the fog node, generates a session key for subsequent secure communication after successful authentication, and initiates a request for controlling the intelligent household equipment; (4) The fog node initiates an authentication request to the intelligent home equipment according to a request for controlling the intelligent home equipment sent by a user; (5) The intelligent home equipment checks the freshness of the message, authenticates the fog node, and initiates an authentication request to the fog node after successful authentication; the fog node checks the freshness of the message and authenticates the intelligent household equipment; after authentication is successful, a secure communication key is generated between the fog node and the intelligent home equipment so as to carry out secure communication subsequently.
Detailed Description
The present invention will be described in further detail with reference to the following examples in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Aiming at the problems in the prior art, the invention provides a fog-assisted intelligent home three-party authentication system, a fog-assisted intelligent home three-party authentication method, fog-assisted intelligent home three-party authentication equipment and a fog-assisted intelligent home three-party authentication terminal, and the fog-assisted intelligent home three-party authentication system is described in detail below with reference to the accompanying drawings.
1. The embodiments are explained. In order to fully understand how the invention may be embodied by those skilled in the art, this section is an illustrative embodiment in which the claims are presented for purposes of illustration.
Term interpretation: PUF: a physical unclonable function (Physical Unclonable Functions), which is a non-replicable one-way function, can be viewed as a unique physical feature of the device. Its input-output correspondence is a challenge-response, the PUF being able to describe the unique characteristics of the physical microstructure.
As shown in fig. 1, the fog-assisted smart home three-party authentication method provided by the embodiment of the invention comprises the following steps:
s101, a registration stage comprises intelligent home equipment registration and user registration; when new intelligent household equipment is deployed, registering by a registration authority; the user registers through the mobile device;
S102, an authentication stage comprises mutual authentication between a user and a fog node, and accessing intelligent household equipment through the fog node; mutual authentication of connection is established between the intelligent home equipment and the fog node.
As a preferred embodiment, as shown in fig. 2, the fog-assisted smart home three-party authentication method provided by the embodiment of the invention specifically includes a registration stage and an authentication stage; the registration stage is to register for the intelligent home and the user by a registration authority; the authentication phase is mutual authentication among the smart home, the fog node and the user. The invention divides the authentication process into two parts: one part is mutual authentication between the user and the foggy node, so that the remote user can access the intelligent home equipment through the foggy node; the other part is a mutual authentication process for establishing connection between the fog node and the intelligent home equipment.
Registration:
Registering intelligent household equipment: whenever a new smart home device is deployed, registration by a registration authority is required, and the registration flow is as follows:
step 1, the registration authority RA selects a unique identity ID s for the smart home device, generates a random challenge C s, and transmits { ID s,Ns } to the smart home device through the secure channel.
And 2) after the smart home device receives the challenge C s, calculating a response R s=PUF(Cs) and sending the response R s=PUF(Cs) to the RA.
Step 3, after the RA receives R s, selecting a temporary identity TID s for the intelligent household equipment, and calculating a pseudo identity PID s=h(IDs I K;
Where K is the key of RA, h is calculated (R s). The RA transmits the parameters { TID s,PIDs,Cs,h(Rs) } of the intelligent household equipment to the corresponding fog nodes for storage through a secure channel, and transmits { TID s } to the intelligent household equipment through the secure channel.
Step 4, after the intelligent home equipment receives the information { TID s }, updating the informationAnd stores it, the purpose of storing the new and old temporary identities is to prevent desynchronization attacks.
User registration: the user registers through the own mobile equipment, and the registration process is as follows:
Step 1. User U i selects one identity ID i and sends a registration request { Req i } to the registration authority RA.
Step 2.Ra receives the request Req i, generates a random challenge C i, and communicates C i to the user over the secure channel.
Step 3. Once the user receives { C i }, it calculates R i=PUF(Ci using the mobile device embedded PUF) and passes { R i } to the RA over the secure channel.
Step 4. After the ra receives the message { R i } from the user, it selects a temporary identity TID i for the user and calculates h (R i). The message TID i,Ci,h(Ri is passed to the foggy node for storage and TID i is passed to the user over the secure channel.
Step 5. The user's mobile device receives { TID i }, then requests the user to set password PW i and input fingerprint F i, then the mobile device computes G i=PUF(Fi), generates a random number z i and computes a pseudo-identity PID i=h(IDi||zi for the user), the mobile device computes HPW i=h(PWi||Gi||zi), Calculate an authentication message a i=h(PIDi||HPWi||zi), and finally send the message/> Stored in the mobile device. Wherein/>Representing the new and old temporary identities of the user to prevent protocol dyssynchrony.
If the user needs to update the password and the fingerprint, the process is as follows:
Password update step 1. The mobile device informs the user to enter the old identity ID i and the old fingerprint PW i.
Password update step 2. Mobile device calculation G i=PUF(Fi), And check/>Whether equal. If the two are equal, the next operation is continued, otherwise, the password update request is immediately terminated.
Password updating step 3. User inputs a new password and fingerprint, mobile device calculates
Finally, the mobile device stores the updated information/>
Authentication:
Mutual authentication among the intelligent home, the fog node and the user is divided into two parts: one part is mutual authentication between the user and the foggy node, so that the remote user can access the intelligent home equipment through the foggy node; the other part is a mutual authentication process for establishing connection between the intelligent home equipment and the fog node;
(1) After the user logs in successfully, the user and the fog node mutually authenticate and then generate a session key for keeping secret the subsequent communication between the user and the fog node, and the process is as follows:
Step 1. The user inputs an identity ID i, a password PW i and a fingerprint F i on the mobile device, the mobile device calculates G i=PUF(Fi),HPWi=h(PWi||Gi||zi), Calculate authentication message a i *=h(PIDi||HPWi||zi) and compare with a i stored in the mobile device, if equal, the user logs in successfully. The mobile device then generates a temporary interaction number n 1 and a current timestamp T 1, and the user selects the smart home device to access and passes the message TID i,PIDs,n1,T1 to the foggy node over the open channel.
Step 2. Fog node receives message { TID i,PIDs,n1,T1 }, first check if condition |T 1 *-T1|≤ΔT1 is satisfied, wherein DeltaT 1 is the maximum transmission delay before user and fog node, T 1 * is the time when fog node receives message, if condition is satisfied, fog node generates a temporary interaction number n 2, timestamp T 2, new challenge valueAnd new temporary identity/>Calculation/>
And finally, transmitting the message { Q 1,Q2,Q3,M1,Ci,T2, SK } to the intelligent household equipment through an open channel.
Step 3. After the user receives the message { Q 1,Q2,Q3,M1,Ci,T2, SK }, it first checks if the condition |t 2 *-T2|≤ΔT2 is met, where Δt 2 is the maximum transmission delay before the user and the fog node, if the condition is met, the user calculates R i=PUF(Ci), Then check M 1 *=M1 if it is true, if so, indicate that the user authenticates the foggy node. User computing session key/> Updating temporary identity/>Calculation/>Generating a temporary interaction number n 3 and a current timestamp T 3, calculating The Q 4,Q5,M2,T3 is passed to the foggy node.
Step 4, after the fog node receives the message, checking whether the I T 3 *-T3|≤ΔT3 is satisfied, wherein the delta T 3 is the maximum transmission delay before the user and the fog node, and if the condition is satisfied, calculating the fog node And then checking M 2 *=M2, if yes, indicating that the fog node authenticates the user, and updating the stored information corresponding to the user by the fog node when the authentication process is synchronous.
(2) The intelligent home equipment and the fog node mutually authenticate and generate a shared session key, and the process is as follows:
Step 1, the fog node searches TID s and C s according to the PID s sent by the user. Fog node creates a new random challenge New temporary identity/>Temporary interaction number n 2 and current timestamp T 2.
Calculation of
The message { Q 6,Q7,Q10,M3,Cs,T4 } is then passed to the smart home device over the open channel.
Step 2, after receiving the message { Q 6,Q7,Q8,M3,Cs,T4 }, the smart home device first checks whether a condition |t 4 *-T4|≤ΔT4 is satisfied, wherein Δt 4 is the maximum transmission delay between the fog node and the smart home device, T 4 * is the time of receiving the message, and if the condition is satisfied, the smart home device calculates
Final calculation/>And compared to received M 3 if M 3 *=M3. This means that the smart home device successfully authenticates the foggy node. Intelligent household equipment according to/>Calculate new response/>Store new temporary identity/>And generates a temporary interaction number n 5 and a current timestamp T 5. Calculation/> The message Q 9,Q10,M4,T5 is then passed to the foggy node over the open channel.
Step 3, after the fog node receives the message { Q 9,Q10,M4,T5 }, firstly checking whether the condition |T 5 *-T5|≤ΔT5 is satisfied, wherein DeltaT 5 is the maximum transmission delay, if the condition is satisfied, calculating by the fog node Comparing M 4 * with the received M 4, if M 4 *=M4, this means that the foggy node successfully authenticates the smart home device and that they are synchronized. Then fog node computationAnd stores the message { TID s,PIDs,Cs,h(Rs) } sum
After the steps are executed, the user, the fog node and the intelligent household equipment can carry out safe communication.
As shown in fig. 3, the fog-assisted smart home three-party authentication system provided by the embodiment of the invention includes 4 entity modules:
Registration authority (Registration Authority, RA): for being responsible for registering the different entities in an offline and secure manner, which is a trusted server.
The user: the user uses the mobile equipment to register in the registration authority, and after logging in, the user uses the mobile equipment to mutually authenticate with the fog node, and the intelligent household equipment is controlled through the fog node.
Mist node: and adding a fog layer between the cloud and the intelligent household equipment to provide network connection, temporary storage and computing service.
Intelligent household equipment: the intelligent home equipment is firstly registered, and when the intelligent home equipment is accessed to the system, mutual authentication with corresponding fog nodes is needed, so that the legitimacy of the two parties is verified.
2. Application example. In order to prove the inventive and technical value of the technical solution of the present invention, this section is an application example on specific products or related technologies of the claim technical solution.
The technical scheme of the invention can be applied to the fog-assisted intelligent home system, a user sends an access control intelligent home equipment request on the mobile equipment terminal, corresponding operation is carried out on the intelligent home equipment through the fog node, and the user, the fog node and the intelligent home equipment can safely communicate with each other and have higher response speed. The fog-assisted intelligent home system creates a high-efficiency, convenient and comfortable living environment for users, so that the users enjoy high-quality life brought by modern technology. However, if communication security of the three parties cannot be ensured, user information will be revealed.
3. Evidence of the effect of the examples. The embodiment of the invention has a great advantage in the research and development or use process, and has the following description in combination with data, charts and the like of the test process.
The invention gives consideration to the safety and the authentication efficiency: in terms of security, the invention takes the characteristics of user anonymity, untraceability, key forward/backward confidentiality and the like, can resist various known attacks, and mainly comprises: the method can resist intelligent home equipment counterfeit attacks, foggy node counterfeit attacks, user counterfeit attacks, replay attacks, mobile equipment loss/theft attacks, intelligent home equipment captured attacks, foggy node destroyed attacks, privilege inner curtain attacks, desynchronization attacks, man-in-the-middle attacks and the like.
In terms of communication cost, the communication cost required by the invention is smaller. To facilitate comparison of the communication costs of the different systems, it is assumed that the hash value (assuming SHA-256 algorithm) is 256bits long, the challenge and response of the puf are both 128bits long, the temporary interaction number and the session key are 128bits long, the identity, the pseudo-identity and the temporary identity are 128bits long, the symmetric encryption/decryption is 128bits, and the timestamp is 32bits. The invention needs to transmit 5 messages and totally needs to transmit 4512bits. In other similar communication systems, the system of Jiang et al requires the cost of 4672bits.
The invention has great advantages in terms of calculation cost. To facilitate comparing the computational costs of different systems, the total operating time of all participants in the system to execute cryptographic primitives is used to evaluate the computational costs, let T h、Te、Tp、Tecc、Tmac、Thmac and T puf represent the operating time of the hash function, symmetric cipher encryption or decryption, symmetric polynomial, ECC point multiplication, MAC, hash MAC, and PUF, respectively. The existing experimental test data is used and T hmac≈Tmac≈Th, the individual cryptographic primitives approximate the operation time as shown in table 1.
TABLE 1 execution time of cryptographic primitives (Unit: ms)
In the invention, the execution time of the mobile equipment is 9T h+3Tpuf approximately 0.672ms, the execution time of the fog node is 12T h approximately 0.444ms, and the execution time of the intelligent home equipment is 5T h+1Tpuf approximately 7.123ms. The total computation cost required by the invention is 8.239ms. Table 2 shows the results of a comparison of the present invention with other prior art mainstream methods [1-6 ].
Table 2 calculates cost contrast (Unit: ms)
Note that: [1] the [2] [3] [4] [5] [6] is the method of Gupta et al, wazid et al, jiang et al, naoui et al, kim-Kim et al, santoso-Vun et al, respectively
It should be noted that the embodiments of the present invention can be realized in hardware, software, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or special purpose design hardware. Those of ordinary skill in the art will appreciate that the apparatus and methods described above may be implemented using computer executable instructions and/or embodied in processor control code, such as provided on a carrier medium such as a magnetic disk, CD or DVD-ROM, a programmable memory such as read only memory (firmware), or a data carrier such as an optical or electronic signal carrier. The device of the present invention and its modules may be implemented by hardware circuitry, such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, etc., or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., as well as software executed by various types of processors, or by a combination of the above hardware circuitry and software, such as firmware.
The foregoing is merely illustrative of specific embodiments of the present invention, and the scope of the invention is not limited thereto, but any modifications, equivalents, improvements and alternatives falling within the spirit and principles of the present invention will be apparent to those skilled in the art within the scope of the present invention.
Claims (5)
1. The fog-assisted smart home three-party authentication method is characterized by comprising a registration stage and an authentication stage; the registration stage is to register for the intelligent home and the user by a registration authority; the authentication stage is mutual authentication among the intelligent home, the fog node and the user; in the authentication stage, the mutual identity between the user and the fog node is verified, and the remote user accesses the intelligent household equipment through the fog node; establishing a mutual authentication process of connection between the fog node and the intelligent home equipment;
The fog-assisted smart home three-party authentication method comprises the following steps:
the method comprises the steps of firstly, registering an intelligent household device and registering a user; when new intelligent household equipment is deployed, registering by a registration authority; the user registers through the mobile device;
Step two, an authentication stage comprises mutual authentication between a user and the fog node, and accessing intelligent household equipment through the fog node; establishing mutual authentication of connection between the intelligent home equipment and the fog node;
the smart home device registration in the first step includes:
(1) The registration authority RA selects a unique identity ID s for the intelligent home device, generates a random challenge C s, and transmits { ID s,Ns } to the intelligent home device through a secure channel;
(2) After the smart home device receives the challenge C s, calculating a response R s=PUF(Cs) and sending the response R s=PUF(Cs) to the RA;
(3) After receiving R s, RA selects a temporary identity TID s for the intelligent home equipment and calculates a pseudo identity PID s=h(IDs I K; where K is the key of RA, calculate h (R s); RA transmits the parameter { TID s,PIDs,Cs,h(Rs) } of the intelligent household equipment to the corresponding fog node for storage through a secure channel, and transmits { TID s } to the intelligent household equipment through the secure channel;
(4) After receiving the information { TID s }, the intelligent household equipment updates the information { TID s old=null,TIDs new=TIDs } and stores the information { TID s old=null,TIDs new=TIDs };
the user registration in step one includes:
(1) User U i selects identity ID i and sends a registration request { Req i } to a registration authority RA;
(2) RA receives the request Req i, generates a random challenge C i, and communicates C i to the user over the secure channel;
(3) After receiving { C i }, the user calculates R i=PUF(Ci by using the PUF embedded in the mobile device and transmits { R i } to RA through the secure channel;
(4) After RA receives the message { R i } transmitted by user, selecting temporary identity TID i for user, calculating h (R i); transmitting the message { TID i,Ci,h(Ri) } to the foggy node for storage, and transmitting { TID i } to the user through the secure channel;
(5) After receiving { TID i }, the mobile device of the user requests the user to set a password PW i and inputs a fingerprint F i; mobile device computing G i=PUF(Fi), generate a random number z i, and compute a pseudo-identity PID i=h(IDi||zi for the user); mobile device computing HPWi=h(PWi||Gi||zi),Yi=zi⊕h(IDi||PWi||Fi),PIDi *=PIDi⊕HPWi; computes authentication message a i=h(PIDi||HPWi||zi), and sends the message Stored in a mobile device, whereinRepresenting the new and old temporary identities of the user;
wherein updating the password and the fingerprint by the user comprises:
1) Password update 1: the mobile device informs the user to enter the old identity ID i and the old fingerprint PW i;
2) Password update 2: the mobile device calculates Gi=PUF(Fi),zi=Yi⊕h(IDi||PWi||Fi),HPWi=h(PWi||Gi||zi),PIDi=PIDi*⊕HPWi,Ai *=h(PIDi||HPWi||zi), and checks if a i *=Ai are equal; if the two are equal to each other, then the next operation is continued; otherwise, immediately stopping the password updating request;
3) Password update 3: user input new password and fingerprint, mobile device calculation Mobile device stores updated information/>
In the second step, after the user logs in successfully, the user and the fog node mutually authenticate and generate a session key for keeping secret the subsequent communication between the user and the fog node, which comprises the following steps:
(1) The user inputs an identity ID i, a password PW i and a fingerprint F i on the mobile device, the mobile device calculates Gi=PUF(Fi),HPWi=h(PWi||Gi||zi),zi=Yi⊕h(IDi||PWi||Fi),PIDi=PIDi *⊕HPWi; an authentication message A i *=h(PIDi||HPWi||zi and compares it with A i stored in the mobile device, if equal, the user login is successful; the mobile device generates a temporary interaction number n 1 and a current timestamp T 1, and a user selects intelligent home equipment to be accessed and transmits a message { TID i,PIDs,n1,T1 } to the fog node through an open channel;
(2) After the foggy node receives the message { TID i,PIDs,n1,T1 }, checking whether the condition |t 1 *-T1|≤ΔT1 is satisfied, wherein Δt 1 is the maximum transmission delay before the user and the foggy node, and T 1 * is the time when the foggy node receives the message; if the condition is satisfied, the fog node generates a temporary interaction number n 2, a timestamp T 2, and a new challenge value And new temporary identity/>Calculate Q 1=n2⊕h(TIDi||h(Ri)||n1||T1||T2)/> Transmitting the message { Q 1,Q2,Q3,M1,Ci,T2, SK } to the intelligent household equipment through an open channel;
(3) After the user receives the message { Q 1,Q2,Q3,M1,Ci,T2, SK }, checking if the condition |t 2 *-T2|≤ΔT2 is true, where Δt 2 is the maximum transmission delay before the user and the foggy node; if the condition is satisfied, the user calculates Ri=PUF(Ci),n2=Q1⊕h(TIDi||h(Ri)||n1||T1||T2), Checking whether M 1 *=M1 is met, if so, indicating that the user authenticates the fog node; user computing session key/> Updating temporary identity/>Calculation/>Generating a temporary interaction number n 3 and a current timestamp T 3; calculation of And transmitting { Q 4,Q5,M2,T3 } to the foggy node;
(4) After the foggy node receives the message, checking whether |T 3 *-T3|≤ΔT3 is true, wherein DeltaT 3 is the maximum transmission delay before the user and the foggy node; if the condition is satisfied, foggy node computation Checking M 2 *=M2, if so, indicating that the fog node authenticates the user, and synchronously updating the storage information corresponding to the user by the fog node;
In the second step, the intelligent home equipment and the fog node mutually authenticate and generate a shared session key, and the process is as follows:
(1) The fog node searches TID s and C s according to PID s sent by the user; fog node creates new random challenges New temporary identity/>A temporary interaction number n 2 and a current timestamp T 2; calculate Q 6=n4⊕h(TIDs||h(Rs)||n4||T4), Transmitting the message { Q 6,Q7,Q10,M3,Cs,T4 } to the intelligent household equipment through an open channel;
(2) After receiving the message { Q 6,Q7,Q8,M3,Cs,T4 }, the smart home device checks whether a condition |t 4 *-T4|≤ΔT4 is satisfied, where Δt 4 is the maximum transmission delay between the mist node and the smart home device, and T 4 * is the time when the message is received; if the condition is satisfied, the smart home device calculates n 4=Q6⊕h(TIDs||h(Rs)||n4||T4), Calculation/> And compared to the received M 3; if M 3 *=M3 is detected, the intelligent home equipment successfully authenticates the fog node; intelligent household equipment according to/>Calculate new response/>Store new temporary identity/>And generates a temporary interaction number n 5 and a current timestamp T 5; calculation/> And transmitting the message { Q 9,Q10,M4,T5 } to the foggy node over the open channel;
(3) After the foggy node receives the message { Q 9,Q10,M4,T5 }, it checks if the condition |t 5 *-T5|≤ΔT5 is met, where Δt 5 is the maximum transmission delay, if the condition is met, the foggy node calculates Comparing M 4 * with the received M 4, if M 4 *=M4, successfully authenticating the intelligent home equipment by the fog node, and synchronizing; fog node computation/> And stores the messages TID s,PIDs,Cs,h(Rs and/>
2. The fog-assisted smart home three-party authentication method of claim 1, further comprising:
After the user successfully logs in, an authentication request is initiated to the fog node; the fog node checks the freshness of the message and authenticates the user; after authentication is successful, the fog node initiates an authentication request to a user; the user checks the freshness of the message and authenticates the fog node; after successful authentication, a session key is generated, and a user initiates a request for controlling intelligent household equipment; the fog node initiates an authentication request to the intelligent home equipment according to the authentication request sent by the user for controlling the intelligent home equipment; the intelligent home equipment checks the freshness of the message and authenticates the fog node; after successful authentication, initiating an authentication request to the fog node; the fog node checks the freshness of the message and authenticates the intelligent household equipment; and after the authentication is successful, a secure communication key is generated between the fog node and the intelligent home equipment and is used for secure communication.
3. A fog-assisted smart home three-party authentication system applying the fog-assisted smart home three-party authentication method as claimed in any one of claims 1 to 2, characterized in that the fog-assisted smart home three-party authentication system comprises:
a registration authority, a trusted server, responsible for registering different entities in an offline and secure manner;
the user is used for registering by using the mobile equipment at the registration authority, and after logging in, the intelligent household equipment is controlled by using the mobile equipment and the fog node to authenticate each other;
The cloud node is used for adding a fog layer between the cloud and the intelligent home equipment, providing network connection, and temporarily storing and calculating service;
The intelligent home equipment is used for registering, and mutually authenticating with the corresponding fog node after the intelligent home equipment is accessed to the system, so as to verify the legitimacy of the two parties.
4. A computer device comprising a memory and a processor, the memory storing a computer program that, when executed by the processor, causes the processor to perform the steps of the mist-assisted smart home three-way authentication method of any one of claims 1 to 2.
5. An information data processing terminal, wherein the information data processing terminal is used for realizing the fog-assisted smart home three-party authentication system according to claim 3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310099781.3A CN116074091B (en) | 2023-02-06 | 2023-02-06 | Mist-assisted intelligent home three-party authentication system, method, equipment and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310099781.3A CN116074091B (en) | 2023-02-06 | 2023-02-06 | Mist-assisted intelligent home three-party authentication system, method, equipment and terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116074091A CN116074091A (en) | 2023-05-05 |
| CN116074091B true CN116074091B (en) | 2024-05-14 |
Family
ID=86174724
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310099781.3A Active CN116074091B (en) | 2023-02-06 | 2023-02-06 | Mist-assisted intelligent home three-party authentication system, method, equipment and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116074091B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113364584A (en) * | 2021-06-04 | 2021-09-07 | 华中师范大学 | Internet of things equipment and fog node authentication system and method |
| CN114143062A (en) * | 2021-11-25 | 2022-03-04 | 中南财经政法大学 | Block chain-based security authentication system, method, terminal and medium for fog computing environment |
| CN114143343A (en) * | 2021-11-25 | 2022-03-04 | 中南财经政法大学 | Remote access control system, control method, terminal and medium in fog computing environment |
| CN115021958A (en) * | 2022-04-21 | 2022-09-06 | 华中师范大学 | Intelligent home identity authentication method and system based on fog calculation and block chain fusion |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10104545B2 (en) * | 2016-11-02 | 2018-10-16 | National Chin-Yi University Of Technology | Computer-implemented anonymity authentication method for wireless sensor networks |
| US10790995B2 (en) * | 2018-06-28 | 2020-09-29 | Intel Corporation | Oracle authentication using multiple memory PUFs |
-
2023
- 2023-02-06 CN CN202310099781.3A patent/CN116074091B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113364584A (en) * | 2021-06-04 | 2021-09-07 | 华中师范大学 | Internet of things equipment and fog node authentication system and method |
| CN114143062A (en) * | 2021-11-25 | 2022-03-04 | 中南财经政法大学 | Block chain-based security authentication system, method, terminal and medium for fog computing environment |
| CN114143343A (en) * | 2021-11-25 | 2022-03-04 | 中南财经政法大学 | Remote access control system, control method, terminal and medium in fog computing environment |
| CN115021958A (en) * | 2022-04-21 | 2022-09-06 | 华中师范大学 | Intelligent home identity authentication method and system based on fog calculation and block chain fusion |
Non-Patent Citations (2)
| Title |
|---|
| 一种改进的智能卡远程用户匿名认证方案;刘润杰;刘恒超;申金媛;;计算机工程与科学;20160315(03);全文 * |
| 基于雾计算的物联网基础安全架构;李昕;杨波;;黄山学院学报;20171020(05);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116074091A (en) | 2023-05-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Wu et al. | An authenticated key exchange protocol for multi-server architecture in 5G networks | |
| Ying et al. | Anonymous and lightweight authentication for secure vehicular networks | |
| Yu et al. | IoV-SMAP: Secure and efficient message authentication protocol for IoV in smart city environment | |
| Yu et al. | SLAP-IoD: Secure and lightweight authentication protocol using physical unclonable functions for internet of drones in smart city environments | |
| Vaidya et al. | Robust one-time password authentication scheme using smart card for home network environment | |
| Yu et al. | Lightweight three-factor-based privacy-preserving authentication scheme for iot-enabled smart homes | |
| CN110234111B (en) | Two-factor authentication key agreement protocol suitable for multi-gateway wireless sensor network | |
| Hussain et al. | Designing secure and lightweight user access to drone for smart city surveillance | |
| CN113115307B (en) | Two-factor identity authentication method oriented to smart home scene | |
| Chattaraj et al. | A new two-server authentication and key agreement protocol for accessing secure cloud services | |
| Guo et al. | SecFHome: Secure remote authentication in fog-enabled smart home environment | |
| Wang et al. | A secure and efficient multiserver authentication and key agreement protocol for internet of vehicles | |
| CN113079132B (en) | Mass Internet of things equipment authentication method, storage medium and information data processing terminal | |
| CN114143343B (en) | Remote access control system, control method, terminal and medium in fog computing environment | |
| Fan et al. | Complete EAP method: User efficient and forward secure authentication protocol for IEEE 802.11 wireless LANs | |
| CN113572765B (en) | Lightweight identity authentication key negotiation method for resource-limited terminal | |
| Nyangaresi | Lightweight key agreement and authentication protocol for smart homes | |
| WO2023236551A1 (en) | Decentralized trusted access method for cellular base station | |
| CN107231353B (en) | Binary tree-based batch authentication method in smart power grid | |
| CN116074019A (en) | Identity authentication method, system and medium between mobile client and server | |
| CN116388995A (en) | Lightweight smart grid authentication method based on PUF | |
| CN111817850A (en) | Anonymous group authentication method based on industrial Internet of things | |
| Ayub et al. | Secure consumer-centric demand response management in resilient smart grid as industry 5.0 application with blockchain-based authentication | |
| Guo et al. | Bsra: Blockchain-based secure remote authentication scheme for the fog-enabled internet of things | |
| Karmakar et al. | A PUF and Fuzzy Extractor-Based UAV-Ground Station and UAV-UAV authentication mechanism with intelligent adaptation of secure sessions |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |