CN117155710A - Industrial Internet of things certificateless grid authentication key negotiation method and system - Google Patents

Info

Publication number
CN117155710A
Authority
CN
China
Prior art keywords
key
equipment
column vector
public
negotiation information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202311417274.6A
Other languages
Chinese (zh)
Other versions
CN117155710B (en
Inventor
谭作文
焦金涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangxi University of Finance and Economics
Original Assignee
Jiangxi University of Finance and Economics
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangxi University of Finance and Economics filed Critical Jiangxi University of Finance and Economics
Priority to CN202311417274.6A priority Critical patent/CN117155710B/en
Publication of CN117155710A publication Critical patent/CN117155710A/en
Application granted granted Critical
Publication of CN117155710B publication Critical patent/CN117155710B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16Y INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00 IoT characterised by the purpose of the information processing
    • G16Y40/50 Safety; Security of things, users, data or systems
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a certificateless lattice-based authenticated key negotiation method and system for the industrial Internet of things. The method comprises the following stages: in the setup stage, the key generation center uses a given security parameter to generate public parameters that meet the hardness requirement of the inhomogeneous small integer solution (ISIS) problem on lattices, and generates a master public-private key pair; in the key generation stage, the device selects a secret value, the key generation center then extracts a partial private key for the device, and finally the public-private key pair of the device is formed; in the key negotiation stage, two devices complete authentication through two rounds of interaction and negotiate a session key. Being based on certificateless cryptography, the invention solves the security problems of certificate management and key escrow. It is at the same time an authenticated key negotiation scheme based on lattice cryptography: the hardness of the inhomogeneous small integer solution problem on lattices ensures the security of the scheme, so that the scheme can effectively resist quantum attacks, makes it convenient to establish a secure and confidential channel between industrial Internet of things devices, and prevents information from being leaked in transmission.

Description

Industrial Internet of things certificateless grid authentication key negotiation method and system
Technical Field
The invention relates to the technical field of authenticated key negotiation for the industrial Internet of things, and in particular to a certificateless lattice-based authenticated key negotiation method and system for the industrial Internet of things.
Background
Devices on a network typically transmit data over a public channel, where the data are easily intercepted or tampered with, resulting in information leakage. Therefore, when transmitting data over a public channel, a secure channel must be established between the two parties. An authenticated key negotiation mechanism based on asymmetric cryptography can generate a session key, and the generated session key can be used to establish a secure and confidential channel, effectively protecting the data transmitted between the communicating parties.
In 1976 Diffie and Hellman first proposed a key agreement protocol. However, their protocol cannot verify the legitimacy of the identities of the two parties to the key agreement. Many scholars have since proposed improved authenticated key agreement protocols. In recent years, Mahboost et al. designed a certificate-based authenticated key agreement for smart grid devices, Kumar et al. designed an identity-based authenticated key agreement for smart wearable devices in a wireless environment, and Nyangaresi et al. designed a three-factor authenticated key agreement. However, a certificate-based authenticated key agreement protocol involves certificate management, which causes large computing, transmission and storage overhead and is not suitable for resource-constrained devices in the industrial Internet of things environment; an identity-based protocol requires the key generation center to generate the private key for the device, which brings security problems such as key escrow. For this reason, many scholars such as Goya and Bala have designed certificateless cryptography to solve the problems of certificate management and key escrow.
To address the security threat posed by quantum computers, lattice-based cryptography has been introduced into authenticated key agreement mechanisms. Lattice-based cryptography is a public-key cryptosystem that resists quantum computing attacks and has higher security than cryptography based on number theory. Gupta et al. designed an authenticated key agreement protocol based on identity and lattice hard problems for devices in the Internet of vehicles, and Islam et al. designed an authenticated multi-key agreement protocol based on lattice hard problems.
The existing certificateless authenticated key negotiation mechanisms are all based on number-theoretic cryptography and therefore cannot effectively resist the threat posed by quantum computers; the existing authenticated key negotiation protocols based on lattice hard problems are all certificate-based or identity-based, and suffer from problems such as certificate management and key escrow.
Disclosure of Invention
In view of the above, the main purpose of the present invention is to provide a certificateless lattice-based authenticated key negotiation method and system for the industrial Internet of things, whose security rests on the hardness of the inhomogeneous small integer solution (ISIS) problem on lattices, so as to solve the above technical problems.
The invention provides a certificateless lattice-based authenticated key negotiation method for the industrial Internet of things, which comprises the following steps:
step 1: given a security parameter, the key generation center uses the security parameter to generate public parameters that meet the hardness requirement of the inhomogeneous small integer solution problem on lattices, and calculates a master public-private key pair using the public parameters;
step 2: the first device and the second device each select a secret value, perform a calculation on the secret value, and send their identity information and the calculation result of the secret value to the key generation center;
step 3: the key generation center selects a partial private key for each of the first device and the second device, and sends the partial private keys back to the first device and the second device respectively;
step 4: the first device and the second device each verify the correctness of the partial private key sent back by the key generation center and combine it with the secret value and the calculation result of the secret value to generate the public-private key pairs of the first device and the second device respectively;
step 5: the first device randomly selects a column vector, calculates first key negotiation information according to the public parameters, and sends the first key negotiation information to the second device;
step 6: the second device checks the correctness of the received first key negotiation information, randomly selects a column vector, calculates second key negotiation information according to the public parameters and sends the second key negotiation information to the first device, and calculates a session key according to the first key negotiation information and the second key negotiation information;
step 7: the first device checks the correctness of the received second key negotiation information, and calculates a session key according to the first key negotiation information and the second key negotiation information.
A certificateless lattice-based authenticated key negotiation system for the industrial Internet of things, the system applying the above method and comprising:
a parameter setting module, configured to:
given a security parameter, have the key generation center generate public parameters that meet the hardness requirement of the inhomogeneous small integer solution problem on lattices, and calculate a master public-private key pair using the public parameters;
a key generation module, configured to:
have the first device and the second device each select a secret value, perform a calculation on the secret value, and send their identity information and the calculation result of the secret value to the key generation center;
have the key generation center select a partial private key for each of the first device and the second device, and send the partial private keys back to the first device and the second device respectively;
have the first device and the second device each verify the correctness of the partial private key sent back by the key generation center and combine it with the secret value and the calculation result of the secret value to generate the public-private key pairs of the first device and the second device respectively;
a key negotiation module, configured to:
have the first device randomly select a column vector, calculate first key negotiation information according to the public parameters, and send the first key negotiation information to the second device;
have the second device check the correctness of the received first key negotiation information, randomly select a column vector, calculate second key negotiation information according to the public parameters and send the second key negotiation information to the first device, and calculate a session key according to the first key negotiation information and the second key negotiation information;
have the first device check the correctness of the received second key negotiation information, and calculate a session key according to the first key negotiation information and the second key negotiation information.
Being built on certificateless cryptography, the invention solves the security problems of certificate management and key escrow. At the same time, the invention is an authenticated key negotiation scheme based on the inhomogeneous small integer solution problem on lattices, so it can effectively resist quantum attacks, makes it convenient to establish a secure channel between industrial Internet of things devices, and prevents information from being leaked in transmission.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
FIG. 1 is a flow chart of the certificateless lattice-based authenticated key negotiation method for the industrial Internet of things according to the present invention;
FIG. 2 is a schematic structural diagram of the certificateless lattice-based authenticated key negotiation system for the industrial Internet of things according to the present invention;
FIG. 3 is a graph showing statistics of the execution efficiency of the present invention.
Detailed Description
Embodiments of the present invention are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative only and are not to be construed as limiting the invention.
These and other aspects of embodiments of the invention will be apparent from and elucidated with reference to the description and drawings described hereinafter. In the description and drawings, particular implementations of embodiments of the invention are disclosed in detail as being indicative of some of the ways in which the principles of embodiments of the invention may be employed, but it is understood that the scope of the embodiments of the invention is not limited correspondingly.
Referring to FIG. 1, an embodiment of the present invention provides a certificateless lattice-based authenticated key negotiation method for the industrial Internet of things, which includes the following steps:
step 1: given a security parameter, the key generation center uses the security parameter to generate public parameters that meet the hardness requirement of the inhomogeneous small integer solution problem on lattices, and calculates a master public-private key pair using the public parameters;
the specific steps of the scheme are as follows:
according to given security parametersAn approximation is calculated and the result is obtained,the approximation calculation process has the following relation:
wherein,representing an approximation, ++>Representing a polynomial function;
selecting a prime number according to the calculated approximate value, wherein the prime number selection process has the following relation:
wherein,representing prime numbers, & lt & gt>Representing a non-progressive tense lower bound, +.>Represent logarithms;
an integer is selected according to prime numbers, and the integer selection process has the following relation:
wherein,represents an integer;
selecting one according to prime numbers and integersSize +.>Order matrix->And column vector->So that->Wherein->Order matrix->Column vector->
According toOrder matrix->Column vector->And prime number->The main public key is calculated, and the main public key calculation process has the following relation:
wherein,representing the master public key->Representing a transpose operation->Representing modular operation;
three different hash functions are selected, and the three hash function selection processes have the following relational expression:
wherein,、/>and->Respectively three different hash functions, < ->Acceptable inputs are a bit string consisting of 0, 1 of arbitrary length and 3 +.>Element composition of->Acceptable inputs consist of 2 segments of bit strings of arbitrary length 0, 1 and 5 +.>Element composition of->Acceptable inputs are made of 10 +.>Elements of (3->Element composition of->、/>And->All map inputs to +.>In (I)>Representation->N-dimensional column vector on->An integer multiplication loop group representing the q-1 order;
will beAs master private key, will +.>As a public parameter.
Step 2: the first equipment and the second equipment respectively select secret values for the first equipment and the second equipment, calculate the secret values, and send the calculation results of the identity information and the secret values to the key generation center;
the specific steps of the scheme are as follows:
the first device randomly selects a column vectorColumn vector->
According to the selected column vector、/>Order matrix->And prime number->Calculating a second partial public key of the first device, wherein the second partial public key calculation process of the first device has the following relation:
wherein,a second partial public key representing the first device;
public key the second part of the first deviceAnd identity information of the first device itself +.>Sending the information to a key generation center;
the second device randomly selects a column vectorColumn vector->
According to the selected column vector、/>Order matrix->And prime number->Calculating a second partial public key of the second device, wherein the second partial public key calculation process of the second device has the following relation:
wherein,representing a second partial public key of the second device;
public key of the second part of the second deviceAnd identity information of the second device itself +.>And sending the result to a key generation center.
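The relation for this step did not survive on this page, so the following added example (not code from the patent) only illustrates the inhomogeneous small integer solution (ISIS) problem that the scheme relies on: a short secret column vector is mapped to a public value, and only a short preimage counts as a solution. The form A·x mod q, the function names and the toy parameters are assumptions and are far below secure sizes.

```python
"""Toy ISIS instance (added illustration; parameters are far below secure sizes)."""
import secrets

Q, N, M = 12289, 8, 32   # assumed toy prime modulus and matrix dimensions
BOUND_SQ = M             # squared norm bound for vectors with entries in {-1, 0, 1}


def rand_matrix(n, m, q):
    """Uniform n x m matrix over Z_q, drawn from the OS CSPRNG."""
    return [[secrets.randbelow(q) for _ in range(m)] for _ in range(n)]


def short_vector(m):
    """Secret column vector with entries in {-1, 0, 1}."""
    return [secrets.randbelow(3) - 1 for _ in range(m)]


def mat_vec_mod(A, x, q):
    """Matrix-vector product A*x reduced mod q."""
    return [sum(a * b for a, b in zip(row, x)) % q for row in A]


def center(v, q):
    """Shortest representative of each residue, in (-q/2, q/2]."""
    return [c - q if c > q // 2 else c for c in (e % q for e in v)]


def is_isis_solution(A, u, x, q, bound_sq):
    """x solves the instance iff A*x = u (mod q) AND ||x||^2 <= bound_sq."""
    if len(x) != len(A[0]):
        return False
    if sum(c * c for c in x) > bound_sq:
        return False
    return mat_vec_mod(A, x, q) == u


def device_keygen(A, q):
    """Assumed shape of a device step: short secret x, public value A*x mod q."""
    x = short_vector(len(A[0]))
    return x, mat_vec_mod(A, x, q)


def solve_mod_q(A, u, q):
    """Any solution of A*y = u (mod q) by Gaussian elimination over Z_q.

    Free variables are set to 0. This shows that the linear equation alone
    is easy; the norm bound is what makes ISIS hard.
    """
    n, m = len(A), len(A[0])
    aug = [[a % q for a in row] + [b % q] for row, b in zip(A, u)]
    pivots, r = [], 0
    for c in range(m):
        p = next((i for i in range(r, n) if aug[i][c]), None)
        if p is None:
            continue                      # no pivot in this column
        aug[r], aug[p] = aug[p], aug[r]
        inv = pow(aug[r][c], -1, q)       # q is prime, so the inverse exists
        aug[r] = [(v * inv) % q for v in aug[r]]
        for i in range(n):
            if i != r and aug[i][c]:
                f = aug[i][c]
                aug[i] = [(a - f * b) % q for a, b in zip(aug[i], aug[r])]
        pivots.append(c)
        r += 1
        if r == n:
            break
    y = [0] * m
    for row, c in zip(aug, pivots):
        y[c] = row[m]
    return y


if __name__ == "__main__":
    A = rand_matrix(N, M, Q)              # constructed sample instance
    x, u = device_keygen(A, Q)
    print("secret x accepted:", is_isis_solution(A, u, x, Q, BOUND_SQ))

    shifted = x[:]
    shifted[0] += Q                       # same residue, no longer short
    print("x + q*e1 accepted:", is_isis_solution(A, u, shifted, Q, BOUND_SQ))

    y = center(solve_mod_q(A, u, Q), Q)
    print("linear-algebra preimage satisfies equation:", mat_vec_mod(A, y, Q) == u)
    print("linear-algebra preimage accepted:", is_isis_solution(A, u, y, Q, BOUND_SQ))
```

The preimage found by linear algebra satisfies the equation but fails the norm bound, which is the property an implementer's verification routine must enforce alongside the modular equation.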
Step 3: the key generation center selects partial private keys for the first equipment and the second equipment respectively, and sends the partial private keys back to the first equipment and the second equipment respectively;
the specific steps of the scheme are as follows:
the key generation center selects random column vectorsColumn vector->
According to the selected column vectorThe first part public key of the first device is calculated, and the first part public key calculation process of the first device has the following relation:
wherein,a first portion public key representing a first device;
according to the selected column vectorThe first partial private key of the first device is calculated, and the first partial private key calculation process of the first device has the following relation:
wherein,a first partial private key representing a first device,/->Representing a hash function +.>Identity information about the first device itself +.>First partial public key of first device +.>Second partial public key of the first device +.>And main public key->Is used for the function value of (2),the relation is as follows:
combining the first partial private key of the first device and the first partial public key of the first device as the partial private keySend back to the first device;
the key generation center selects random column vectorsColumn vector->
According to the selected column vectorCalculating a first part of public key of the second device, wherein the first part of public key calculation process of the second device has the following relation:
wherein,representing a first partial public key of a second device;
according to the selected column vectorCalculating a first partial private key of the second device, wherein the first partial private key calculation process of the second device has the following relation:
wherein,a first partial private key representing a second device,/->Representing a hash function +.>Identity information about the second device itself +.>First partial public key of second device +.>Second partial public key of second device +.>And main public key->Function value of->The relation is as follows:
combining the first partial private key of the second device and the first partial public key of the second device as a partial private keyAnd back to the second device.
Step 4: the first device and the second device each verify the correctness of the partial private key sent back by the key generation center and combine it with the secret value and the calculation result of the secret value to generate the public-private key pairs of the first device and the second device respectively;
the specific steps of the scheme are as follows:
the first device verifies the correctness of the partial private key sent back by the key generation center, and the verification process has the following relation:
after the verification is passed, the methodPrivate key as first device +.>Will->Public key as first device +.>
The second device verifies the correctness of the partial private key sent back by the key generation center, and the verification process has the following relation:
will bePrivate key as second device +.>Will->Public key as second device +.>
Step 5: the first equipment randomly selects a column vector, calculates first key negotiation information according to the public parameters, and sends the first key negotiation information to the second equipment;
the specific steps of the scheme are as follows:
randomly selecting column vectorsColumn vector->And column vector->,/>So that->
Respectively to column vectorsColumn vector->And column vector->Performing operation, column vector->The following relation exists in the operation process of (a):
wherein,representation->And->Pair->Calculating a modular operation result;
column vectorThe following relation exists in the operation process of (a):
wherein,representation->And->Pair->Calculating a modular operation result;
column vectorThe following relation exists in the operation process of (a):
wherein,representation->And->Pair->Calculating a modular operation result;
according to column vectorsColumn vector->And column vector->The operation result of the first device calculates the signature information of the first device, and the calculation process of the signature information of the first device has the following relation:
wherein,a timestamp representing the first device;
will beAs first key negotiation information, and second key negotiation information and a time stamp +.>To the second device.
Step 6: the second equipment checks the correctness of the received first key negotiation information, randomly selects a column vector, calculates second key negotiation information according to the public parameters and sends the second key negotiation information to the first equipment, and calculates a session key according to the first key negotiation information and the second key negotiation information;
the specific steps of the scheme are as follows:
the second device checks the received first key agreement information and the time stampIf the verification is passed, continuing the next step, otherwise ending the key negotiation process, the second device verifying the received first key negotiation information and the time stamp +.>The correctness procedure of (2) has the following relation:
wherein,representing a hash function +.>About->、/>、/>、/>、/>、/>And->Function value of->The calculation process has the following relation:
randomly selecting column vectorsColumn vector->And column vector->,/>So that->
Respectively to column vectorsColumn vector->And column vector->Performing operation, column vector->The following relation exists in the operation process of (a):
wherein,representation->And->Pair->Calculating a modular operation result;
column vectorThe following relation exists in the operation process of (a):
wherein,representation->And->After multiplication->Calculating a modular operation result;
column vectorThe following relation exists in the operation process of (a):
wherein,representation->And->Pair->Calculating a modular operation result;
according to column vectorsColumn vector->And column vector->The operation result of the (a) calculates the signature information of the second device, and the calculation process of the signature information of the second device has the following relation:
wherein,a timestamp representing the second device;
will beAs second key negotiation information, and second key negotiation information and a time stamp +.>Transmitting to the first device;
the second device calculates a session key according to the received first key negotiation information and second key negotiation information, and the session key calculation process has the following relation:
wherein,representation->And->The result of multiplication->Representation->And->The result of multiplication->Public key and +.>Multiplying with the private key of the second device and +.>Summation of multiplication results->Representing a negotiation of a resulting session key by the second device and the first device;
the calculation process of (2) has the following relation:
the calculation process of (2) has the following relation:
the calculation process of (2) has the following relation:
step 7: the first device checks the correctness of the received second key negotiation information, and calculates a session key according to the first key negotiation information and the second key negotiation information.
The specific steps of the scheme are as follows:
the first device checks the received second key agreement information and the time stampIf the verification is passed, continuing the next step, otherwise ending the key negotiation process, the first device verifies the received second key negotiation information and the timestamp +.>The correctness procedure of (2) has the following relation:
wherein,hash function +.>About->、/>、/>、/>、/>、/>And->Function value of->The calculation process has the following relation:
the first device calculates a session key according to the received first key negotiation information and second key negotiation information, and the session key calculation process has the following relation:
wherein,watch->And->The result of multiplication, < >>Representation->And->The result of multiplication->Public key and +.>Multiplying with the private key of the first device and +.>Summation of multiplication results->Representing a negotiation of a resulting session key by the first device and the second device;
the calculation process of (2) has the following relation:
the calculation process of (2) has the following relation:
the calculation process of (2) has the following relation:
Referring to FIG. 2, the present embodiment provides a certificateless lattice-based authenticated key negotiation system for the industrial Internet of things, where the system applies the above certificateless lattice-based authenticated key negotiation method for the industrial Internet of things, and the system includes:
a parameter setting module, configured to:
given a security parameter, have the key generation center generate public parameters that meet the hardness requirement of the inhomogeneous small integer solution problem on lattices, and calculate a master public-private key pair using the public parameters;
a key generation module, configured to:
have the first device and the second device each select a secret value, perform a calculation on the secret value, and send their identity information and the calculation result of the secret value to the key generation center;
have the key generation center select a partial private key for each of the first device and the second device, and send the partial private keys back to the first device and the second device respectively;
have the first device and the second device each verify the correctness of the partial private key sent back by the key generation center and combine it with the secret value and the calculation result of the secret value to generate the public-private key pairs of the first device and the second device respectively;
a key negotiation module, configured to:
have the first device randomly select a column vector, calculate first key negotiation information according to the public parameters, and send the first key negotiation information to the second device;
have the second device check the correctness of the received first key negotiation information, randomly select a column vector, calculate second key negotiation information according to the public parameters and send the second key negotiation information to the first device, and calculate a session key according to the first key negotiation information and the second key negotiation information;
have the first device check the correctness of the received second key negotiation information, and calculate a session key according to the first key negotiation information and the second key negotiation information.
Referring to FIG. 3, in order to verify the validity of the present invention, the execution efficiency of the overall process of the invention was measured. The figures for the key negotiation stage are the computation time of the negotiating parties and do not include time spent waiting for a response. The experiment was programmed in Python using the Numpy and PyCrypto libraries; the operating system is Windows 7, and the hardware environment is CPU: 1.8 GHz Intel(R) Core(TM) i7-8550U, memory: 16 GB. As can be seen from FIG. 3, the authenticated key negotiation protocol provided by the invention does not involve complex operations when generating the public-private key pairs of the devices, has high efficiency and a very short running time, and is suitable for resource-constrained industrial Internet of things devices.
Compared with the prior art, the invention has the following beneficial effects:
The invention is an authenticated key negotiation scheme based on lattice cryptography, which can resist quantum attacks and is safe and efficient. The key generation center selects appropriate system public parameters according to the security parameter and publishes them. A new device and the key generation center interact to jointly generate the public-private key pair of the device. When two devices negotiate a session key, the initiator generates and sends negotiation information; the receiver authenticates the identity of the initiator, then calculates its key negotiation information and the session key and sends the key negotiation information back to the initiator; finally the initiator authenticates the identity of the receiver and calculates the session key. The invention does not need public key certificates, and avoids the problems of certificate management and key escrow. Meanwhile, the protocol involves only addition and multiplication of matrices and vectors, so its operating efficiency is high and it is suitable for resource-constrained industrial Internet of things devices.
In the description of the present specification, a description referring to terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The foregoing examples describe only a few embodiments of the invention in specific detail and are not to be construed as limiting its scope. It should be noted that those skilled in the art can make several variations and modifications without departing from the spirit of the invention, all of which fall within its scope of protection. Accordingly, the scope of protection of the invention is determined by the appended claims.

Claims (9)

1. A certificateless lattice-based authentication key negotiation method for the industrial Internet of Things, characterized by comprising the following steps:
step 1: given a security parameter, a key generation center generates public parameters from the security parameter according to the requirements of the inhomogeneous small integer solution problem on lattices, and calculates a master public-private key pair from the public parameters;
step 2: the first device and the second device each select a secret value for themselves, perform a calculation on it, and send their identity information and the calculation result of the secret value to the key generation center;
step 3: the key generation center selects a partial private key for each of the first device and the second device, and sends the partial private keys back to the first device and the second device respectively;
step 4: the first device and the second device verify the correctness of the partial private keys sent back by the key generation center and combine them with the secret value and the calculation result of the secret value to generate the public and private key pairs of the first device and the second device respectively;
step 5: the first device randomly selects a column vector, calculates first key negotiation information according to the public parameters, and sends the first key negotiation information to the second device;
step 6: the second device checks the correctness of the received first key negotiation information, randomly selects a column vector, calculates second key negotiation information according to the public parameters and sends it to the first device, and calculates a session key according to the first key negotiation information and the second key negotiation information;
step 7: the first device checks the correctness of the received second key negotiation information, and calculates a session key according to the first key negotiation information and the second key negotiation information.
2. The industrial Internet of Things certificateless lattice-based authentication key negotiation method according to claim 1, wherein in step 1, given a security parameter, the key generation center generating public parameters from the security parameter according to the requirements of the inhomogeneous small integer solution problem on lattices, and calculating the master public-private key pair from the public parameters, specifically comprises the following steps:
according to given security parametersCalculating an approximation, wherein the approximation calculation process has the following relation:
wherein,representing an approximation, ++>Representing a polynomial function;
selecting a prime number according to the calculated approximate value, wherein the prime number selection process has the following relation:
wherein,representing prime numbers, & lt & gt>Representing a non-progressive tense lower bound, +.>Represent logarithms;
an integer is selected according to prime numbers, and the integer selection process has the following relation:
wherein,represents an integer;
selecting one according to prime numbers and integersSize +.>Order matrix->And column vector->So that->Wherein->Order matrixColumn vector->
According toOrder matrix->Column vector->And prime number->The main public key is calculated, and the main public key calculation process has the following relation:
wherein,representing the master public key->Representing a transpose operation->Representing modular operation;
three different hash functions are selected, and the three hash function selection processes have the following relational expression:
wherein,、/>and->Respectively three different hash functions, < ->Acceptable inputs are a bit string consisting of 0, 1 of arbitrary length and 3 +.>Element composition of->Acceptable input consists of 2 bit strings of arbitrary length 0, 1 and 5Element composition of->Acceptable inputs are made of 10 +.>Elements of (3->Element composition of->、/>And->All map inputs to +.>In (I)>Representation->N-dimensional column vector on->An integer multiplication loop group representing the q-1 order;
will beAs master private key, will +.>As a public parameter.
3. The method for negotiating the certification-free lattice-based authentication key of the industrial internet of things according to claim 2, wherein in the step 2, the first device and the second device respectively select secret values for themselves, perform calculation, and send the calculation results of the identity information and the secret values to the key generation center, the method specifically comprises the following steps:
the first device randomly selects a column vectorColumn vector->
According to the selected column vector、/>Order matrix->And prime number->Calculating a second partial public key of the first device, wherein the second partial public key calculation process of the first device has the following relation:
wherein,a second partial public key representing the first device;
public key the second part of the first deviceAnd identity information of the first device itself +.>Sending the information to a key generation center;
the second device randomly selects a column vectorColumn vector->
According to the selected column vector、/>Order matrix->And prime number->Calculating a second partial public key of the second device, wherein the second partial public key calculation process of the second device has the following relation:
wherein,representing a second partial public key of the second device;
public key of the second part of the second deviceAnd identity information of the second device itself +.>And sending the result to a key generation center.
4. The method for negotiating the certification-free lattice-based authentication key of the industrial internet of things according to claim 3, wherein in the step 3, the key generating center selects part of the private keys for the first device and the second device respectively, and sends the part of the private keys back to the first device and the second device respectively, the method comprising the following steps:
the key generation center selects random column vectorsColumn vector->
According to the selected column vectorThe first part public key of the first device is calculated, and the first part public key calculation process of the first device has the following relation:
wherein,a first portion public key representing a first device;
according to the selected column vectorThe first partial private key of the first device is calculated, and the first partial private key calculation process of the first device has the following relation:
wherein,a first partial private key representing a first device,/->Representing a hash function +.>Identity information about the first device itself +.>First partial public key of first device +.>Second partial public key of the first device +.>And main public key->Function value of->The relation is as follows:
combining the first partial private key of the first device and the first partial public key of the first device as the partial private keySend back to the first device;
the key generation center selects random column vectorsColumn vector->
According to the selected column vectorCalculating a first part of public key of the second device, wherein the first part of public key calculation process of the second device has the following relation:
wherein,representing a first partial public key of a second device;
according to the selected column vectorCalculating a first partial private key of the second device, wherein the first partial private key calculation process of the second device has the following relation:
wherein,a first partial private key representing a second device,/->Representing a hash function +.>Identity information about the second device itself +.>First partial public key of second device +.>Second partial public key of second device +.>And main public key->Function value of->The relation is as follows:
combining the first partial private key of the second device and the first partial public key of the second device as a partial private keyAnd back to the second device.
5. The method for negotiating the certification-free lattice-based authentication key of the internet of things according to claim 4, wherein in the step 4, the first device and the second device check the correctness of the partial private key sent back from the key generation center and combine the secret value and the calculation result of the secret value to generate the public-private key pair of the first device and the second device respectively, specifically comprising the following steps:
the first device verifies the correctness of the partial private key sent back by the key generation center, and the verification process has the following relation:
after the verification is passed, the methodPrivate key as first device +.>Will->Public key as first device +.>
The second device verifies the correctness of the partial private key sent back by the key generation center, and the verification process has the following relation:
will bePrivate key as second device +.>Will->Public key as second device +.>
6. The method for negotiating the certification-free lattice-based authentication key of the industrial internet of things according to claim 5, wherein in the step 5, the first device randomly selects a column vector, calculates first key negotiation information according to a common parameter, and transmits the first key negotiation information to the second device, the method specifically comprises the following steps:
randomly selecting column vectorsColumn vector->And column vector->,/>So that->
Respectively to column vectorsColumn vector->And column vector->Performing operation, column vector->The following relation exists in the operation process of (a):
wherein,representation->And->Pair->Calculating a modular operation result;
column vectorThe following relation exists in the operation process of (a):
wherein,representation->And->Pair->Calculating a modular operation result;
column vectorThe following relation exists in the operation process of (a):
wherein,representation->And->Pair->Calculating a modular operation result;
according to column vectorsColumn vector->And column vector->Calculation result calculation device of->Signature information of (a) device->The calculation process of the signature information of (a) has the following relation:
wherein,a timestamp representing the first device;
will beAs first key negotiation information, and the first key negotiation information and the time stamp +.>To the second device.
7. The method for negotiating the certification-free lattice-based authentication key of the industrial internet of things according to claim 6, wherein in the step 6, the second device checks the correctness of the received first key negotiation information, the second device randomly selects the column vector, calculates the second key negotiation information according to the common parameters and sends the second key negotiation information to the first device, and the method for calculating the session key according to the first key negotiation information and the second key negotiation information specifically comprises the following steps:
the second device checks the received first key agreement information and the time stampIf the verification is passed, continuing the next step, otherwise ending the key negotiation process, the second device verifying the received first key negotiation information and the time stamp +.>The correctness procedure of (2) has the following relation:
wherein,representing a hash function +.>About->、/>、/>、/>、/>And->Function value of->The calculation process has the following relation:
randomly selecting column vectorsColumn vector->And column vector->,/>So that->
Respectively to column vectorsColumn vector->And column vector->Performing operation, column vector->The following relation exists in the operation process of (a):
wherein,representation->And->Pair->Calculating a modular operation result;
column vectorThe following relation exists in the operation process of (a):
wherein,representation->And->After multiplication->Calculating a modular operation result;
column vectorThe following relation exists in the operation process of (a):
wherein,representation->And->Pair->Calculating a modular operation result;
according to column vectorsColumn vector->And column vector->The operation result of the (a) calculates the signature information of the second device, and the calculation process of the signature information of the second device has the following relation:
wherein,a timestamp representing the second device;
will beAs second key negotiation information, and second key negotiation information and a time stamp +.>Transmitting to the first device;
the second device calculates a session key according to the received first key negotiation information and second key negotiation information, and the session key calculation process has the following relation:
wherein,representation->And->The result of multiplication->Representation->And->The result of multiplication->Representing a public key of a first deviceMultiplying with the private key of the second device and +.>Summation of multiplication results->Representing a negotiation of a resulting session key by the second device and the first device;
the calculation process of (2) has the following relation:
the calculation process of (2) has the following relation:
the calculation process of (2) has the following relation:
8. the method for negotiating the certification-free lattice-based authentication key of the internet of things according to claim 7, wherein in the step 7, the first device checks the correctness of the received second key negotiation information, and the method for calculating the session key according to the first key negotiation information and the second key negotiation information specifically comprises the following steps:
the first device checks the received second key agreement information and the time stampIf the verification is passed, continuing the next step, otherwise ending the key negotiation process, the first device verifies the received second key negotiation information and the timestamp +.>The correctness procedure of (2) has the following relation:
wherein,hash function +.>About->、/>、/>、/>、/>、/>And->Function value of->The calculation process has the following relation:
the first device calculates a session key according to the received first key negotiation information and second key negotiation information, and the session key calculation process has the following relation:
wherein,watch->And->The result of multiplication, < >>Representation->And->The result of multiplication->Public key and +.>Multiplying with the private key of the first device and +.>Summation of multiplication results->Representing a negotiation of a resulting session key by the first device and the second device;
the calculation process of (2) has the following relation:
the calculation process of (2) has the following relation:
the calculation process of (2) has the following relation:
9. An industrial Internet of Things certificateless lattice-based authentication key negotiation system, wherein the system applies the industrial Internet of Things certificateless lattice-based authentication key negotiation method according to any one of claims 1 to 8, the system comprising:
a parameter setting module, configured to:
given a security parameter, have a key generation center generate public parameters according to the requirements of the inhomogeneous small integer solution problem on lattices, and calculate a master public-private key pair from the public parameters;
a key generation module, configured to:
have the first device and the second device each select a secret value for themselves, perform a calculation on it, and send their identity information and the calculation result of the secret value to the key generation center;
have the key generation center select a partial private key for each of the first device and the second device, and send the partial private keys back to the first device and the second device respectively;
have the first device and the second device verify the correctness of the partial private keys sent back by the key generation center and combine them with the secret value and the calculation result of the secret value to generate the public and private key pairs of the first device and the second device respectively;
a key negotiation module, configured to:
have the first device randomly select a column vector, calculate first key negotiation information according to the public parameters, and send the first key negotiation information to the second device;
have the second device check the correctness of the received first key negotiation information, randomly select a column vector, calculate second key negotiation information according to the public parameters and send it to the first device, and calculate a session key according to the first key negotiation information and the second key negotiation information;
have the first device check the correctness of the received second key negotiation information, and calculate a session key according to the first key negotiation information and the second key negotiation information.
CN202311417274.6A 2023-10-30 2023-10-30 Industrial Internet of things certificateless grid authentication key negotiation method and system Active CN117155710B (en)

Publications (2)

Publication Number    Publication Date
CN117155710A (en)     2023-12-01
CN117155710B (en)     2024-01-26
