基于PUF的低开销物联网安全通信方案
|
摘要
将物理不可克隆函数(Physical Unclonable Function,PUF)与椭圆曲线上的无证书公钥密码体制相结合,提出一种面向物联网的安全通信方案,在节点设备不存储任何秘密参数的情况下,实现设备间消息的安全传递.方案无需使用高计算复杂度的双线性对运算,并提供了消息认证机制.安全性分析表明,该方案不仅能够抵抗窃听、篡改、重放等传统攻击,而且可以有效防范节点设备可能遭到的复制攻击.对比结果显示,相较于同类方案,该方案明显降低了设备的资源开销.
By combining the Physical Unclonable Function(PUF) with the certificateless public key cryptosystem on the elliptic curve,a secure communication scheme for IoT is proposed.The secure transmission of messages is realized on the condition of node devices not storing any secret parameters.The proposed scheme eliminates the need for bilinear pairing whose computing complexity is high and provides a message authentication mechanism.Security analysis demonstrates that the scheme can not only resist the traditional attacks such as eavesdropping,tampering and replay,but also protect the node device from replication attacks.Compared with related schemes,the proposed scheme obviously decreases the resource overhead of devices.
By combining the Physical Unclonable Function(PUF) with the certificateless public key cryptosystem on the elliptic curve,a secure communication scheme for IoT is proposed.The secure transmission of messages is realized on the condition of node devices not storing any secret parameters.The proposed scheme eliminates the need for bilinear pairing whose computing complexity is high and provides a message authentication mechanism.Security analysis demonstrates that the scheme can not only resist the traditional attacks such as eavesdropping,tampering and replay,but also protect the node device from replication attacks.Compared with related schemes,the proposed scheme obviously decreases the resource overhead of devices.
引文
[1] Li S,Xu L D,Zhao S.The Internet of things:a survey[J].Information Systems Frontiers,2015,17(2):243-259.
[2] Wenliang Du,Jing Deng,Yunghsiang S Han,et al.A pairwise key predistribution scheme for wireless sensor networks[J].ACM Transactions on Information and System Security (TISSEC),2005,8(2):228-258.
[3] 苏忠,林闯,任丰原.无线传感器网络中基于散列链的随机密钥预分发方案[J].计算机学报,2009,32(1):30-41.SU Zhong,LIN Chuang,REN Feng-yuan.Hash chain based random keys pre-distribution scheme in wireless sensor networks[J].Chinese Journal of Computers,2009,32(1):30-41.(in Chinese)
[4] Delgado-Mohatar O,Ster-Sabater A,Sierra J.A light-weight authentication scheme for wireless sensor networks[J].Ad Hoc Networks,2011,9(5):727-735.
[5] Huang J J,Juang W S,Fan C I.An efficient authentication and service key agreement scheme in IOT environments[J].Frontiers in Artificial Intelligence & Applications,2015,274:715-723.
[6] Hague-Chung,Choi K C,Jun M S.A design of key agreement scheme between lightweight devices in IoT environment[A].International Conference on Computer Science and Its Applications[C].GER:Springer Singapore,2016:224-229.
[7] Kothmayr T,Schmitt C,Hu W,et al.DTLS based security and two-way authentication for the Internet of Things[J].Ad Hoc Networks,2013,11(8):2710-2723.
[8] He D,Zeadally S,Kumar N,et al.Anonymous authentication for wireless body area networks with provable security[J].IEEE Systems Journal,2016,PP(99):1-12.
[9] Seo S H,Won J,Sultana S,et al.Effective key management in dynamic wireless sensor networks[J].IEEE Transactions on Information Forensics & Security,2015,10(2):371-383.
[10] Challa S,Wazid M,Das A K,et al.Secure signature-based authenticated key establishment scheme for future IoT applications[J].IEEE Access,2017,5(99):3028-3043.
[11] Marchand C,Bossuet L,Mureddu U,et al.Implementation and characterization of a physical unclonable function for IoT:a case study with the TERO-PUF[J].IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2018,33(1):97-109.
[12] Pappu R,Recht B,Taylor J,et al.Physical one-way functions[J].Science,2002,297(5589):2026-2030.
[13] G Eaward Suh,Srinivas Devadas.Physical unclonable functions for device authentication and secret key generation[A].Design Automation Conference[C].USA:ACM/IEEE,2007.9-14.
[14] Chatterjee U,Chakraborty R S,Mukhopadhyay D.A PUF-based secure communication protocol for IoT[J].ACM Transactions on Embedded Computing Systems,2017,16(3):1-25.
[15] Lim D,Lee JW,Gassend B,et al.Extracting secret keys from integrated circuits[J].IEEE Transactions on Very Large Scale Integration Systems,2005,13(10):1200-1205.
[16] 谢永,吴黎兵,张宇波,等.面向车联网的多服务器架构的匿名双向认证与密钥协商协议[J].计算机研究与发展,2016,53(10):2323-2333.XIE Yong,YU Li-bing,ZHANG Yu-bo,et al.Anonymous mutual authentication and key agreement protocol in multi-server architecture for VANETs[J].Journal of Computer Research and Development,2016,53(10):2323-2333.(in Chinese)
[2] Wenliang Du,Jing Deng,Yunghsiang S Han,et al.A pairwise key predistribution scheme for wireless sensor networks[J].ACM Transactions on Information and System Security (TISSEC),2005,8(2):228-258.
[3] 苏忠,林闯,任丰原.无线传感器网络中基于散列链的随机密钥预分发方案[J].计算机学报,2009,32(1):30-41.SU Zhong,LIN Chuang,REN Feng-yuan.Hash chain based random keys pre-distribution scheme in wireless sensor networks[J].Chinese Journal of Computers,2009,32(1):30-41.(in Chinese)
[4] Delgado-Mohatar O,Ster-Sabater A,Sierra J.A light-weight authentication scheme for wireless sensor networks[J].Ad Hoc Networks,2011,9(5):727-735.
[5] Huang J J,Juang W S,Fan C I.An efficient authentication and service key agreement scheme in IOT environments[J].Frontiers in Artificial Intelligence & Applications,2015,274:715-723.
[6] Hague-Chung,Choi K C,Jun M S.A design of key agreement scheme between lightweight devices in IoT environment[A].International Conference on Computer Science and Its Applications[C].GER:Springer Singapore,2016:224-229.
[7] Kothmayr T,Schmitt C,Hu W,et al.DTLS based security and two-way authentication for the Internet of Things[J].Ad Hoc Networks,2013,11(8):2710-2723.
[8] He D,Zeadally S,Kumar N,et al.Anonymous authentication for wireless body area networks with provable security[J].IEEE Systems Journal,2016,PP(99):1-12.
[9] Seo S H,Won J,Sultana S,et al.Effective key management in dynamic wireless sensor networks[J].IEEE Transactions on Information Forensics & Security,2015,10(2):371-383.
[10] Challa S,Wazid M,Das A K,et al.Secure signature-based authenticated key establishment scheme for future IoT applications[J].IEEE Access,2017,5(99):3028-3043.
[11] Marchand C,Bossuet L,Mureddu U,et al.Implementation and characterization of a physical unclonable function for IoT:a case study with the TERO-PUF[J].IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2018,33(1):97-109.
[12] Pappu R,Recht B,Taylor J,et al.Physical one-way functions[J].Science,2002,297(5589):2026-2030.
[13] G Eaward Suh,Srinivas Devadas.Physical unclonable functions for device authentication and secret key generation[A].Design Automation Conference[C].USA:ACM/IEEE,2007.9-14.
[14] Chatterjee U,Chakraborty R S,Mukhopadhyay D.A PUF-based secure communication protocol for IoT[J].ACM Transactions on Embedded Computing Systems,2017,16(3):1-25.
[15] Lim D,Lee JW,Gassend B,et al.Extracting secret keys from integrated circuits[J].IEEE Transactions on Very Large Scale Integration Systems,2005,13(10):1200-1205.
[16] 谢永,吴黎兵,张宇波,等.面向车联网的多服务器架构的匿名双向认证与密钥协商协议[J].计算机研究与发展,2016,53(10):2323-2333.XIE Yong,YU Li-bing,ZHANG Yu-bo,et al.Anonymous mutual authentication and key agreement protocol in multi-server architecture for VANETs[J].Journal of Computer Research and Development,2016,53(10):2323-2333.(in Chinese)