一种基于NTRU算法的物联网设备接入认证方案
|
摘要
物联网设备的接入认证是物联网应用大规模部署的基础,现有的用于物联网设备接入认证方案中使用的几乎都是椭圆曲线密码学(ECC)算法,而ECC算法涉及到点乘运算,效率不高。文中提出了一种基于数论研究单元(NTRU)算法的设备接入认证方案。NTRU算法的加密和解密都只使用简单的多项式乘法,和ECC算法的点乘运算相比计算速度快,而且NTRU算法还可以抵抗量子攻击。该方案不仅可以提供设备和服务器相互认证,而且对已知的攻击有很好的抵抗性。通过Java编程实现了NTRU算法和ECC算法,验证结果表明提出方案计算开销小,可以大幅节省认证时间,十分适合资源受限的物联网环境。
Access authentication for IoT(Internet of Things) devices is the basis for large-scale deployment of IoT applications.Almost all of the existing access authentication schemes for IoT devices use ECC(Elliptic Curve Cryptography),while ECC involves point multiplication,which is not efficient.A device access authentication scheme based on NTRU(Number Theory Research Unit) is proposed.Both the encryption and decryption of the NTRU use only simple polynomial multiplication,which is faster than the point multiplication of the ECC,and the NTRU can also resist quantum attacks.This scheme not only provides mutual authentication between the devices and the server,but also has good resistance to known attacks.The NTRU and ECC are implemented by Java programming.The verification results show that the proposed scheme has low computational cost and can save a lot of authentication time,which is very suitable for the resource-constrained IoT environment.
Access authentication for IoT(Internet of Things) devices is the basis for large-scale deployment of IoT applications.Almost all of the existing access authentication schemes for IoT devices use ECC(Elliptic Curve Cryptography),while ECC involves point multiplication,which is not efficient.A device access authentication scheme based on NTRU(Number Theory Research Unit) is proposed.Both the encryption and decryption of the NTRU use only simple polynomial multiplication,which is faster than the point multiplication of the ECC,and the NTRU can also resist quantum attacks.This scheme not only provides mutual authentication between the devices and the server,but also has good resistance to known attacks.The NTRU and ECC are implemented by Java programming.The verification results show that the proposed scheme has low computational cost and can save a lot of authentication time,which is very suitable for the resource-constrained IoT environment.
引文
[1] FRUSTACI M,PACE P,ALOI G,et al.Evaluating critical security issues of the iot world:present and future challenges[J].IEEE Internet of Things Journal,2018,5(4):2483-2495.
[2] AL-FUQAHA A,GUIZANI M,MOHAMMADI M,et al.Internet of things:a survey on enabling technologies,protocols,and applications[J].IEEE Communications Surveys & Tutorials,2015,17(4):2347-2376.
[3] SHA K,WEI W,YANG T A,et al.On security challenges and open issues in Internet of Things[J].Future Generation Computer Systems,2018,83:326-337.
[4] KOBLITZ N.Elliptic curve cryptosystems[J].Mathematics of Computation,1987,48(177):203-209.
[5] SHOR P W.Algorithms for quantum computation:discrete logarithms and factoring[C]//Proceedings of 35th Annual Symposium on Foundations of Computer Science.1994:124-134.
[6] SHOR P W.Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer[J].SIAM Review,1999,41(2):303-332.
[7] HOFFSTEIN J.NTRU:a new high speed public key cryptosystem[C]//Algorithmic Number Theory.1998.
[8] HOFFSTEIN J,PIPHER J,SILVERMAN J H.NTRU:a ring-based public key cryptosystem[C]//International Algorithmic Number Theory Symposium.1998:267-288.
[9] CHEN R,PENG D.A novel NTRU-based handover authentication scheme for wireless networks[J].IEEE Communications Letters,2018,22(3):586-589.
[10] KALRA S,SOOD S K.Secure authentication scheme for IoT and cloud servers[J].Pervasive and Mobile Computing,2015,24:210-223.
[11] CHANG C C,WU H L,SUN C Y.Notes on “Secure authentication scheme for IoT and cloud servers”[J].Pervasive and Mobile Computing,2017,38:275-278.
[12] WANG K H,CHEN C M,FANG W,et al.A secure authentication scheme for Internet of Things[J].Pervasive and Mobile Computing,2017,42:15-26.
[13] CHEN D,ZHANG N,QIN Z,et al.S2M:a lightweight acoustic fingerprints-based wireless device authentication protocol[J].IEEE Internet of Things Journal,2017,4(1):88-100.
[14] LI N,LIU D,NEPAL S.Lightweight mutual authentication for IoT and its applications[J].IEEE Transactions on Sustainable Computing,2017,2(4):359-370.
[15] SCIANCALEPORE S,PIRO G,BOGGIA G,et al.Public key authentication and key agreement in IoT devices with minimal airtime consumption[J].IEEE Embedded Systems Letters,2017,9(1):1-4.
[16] WANG D,CHENG H,HE D,et al.On the challenges in designing identity-based privacy-preserving authentication schemes for mobile devices[J].IEEE Systems Journal,2018,12(1):916-925.
[17] TRUONG T T,TRAN M T,DUONG A D.Improvement of the more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on ECC[C]//26th International Conference on Advanced Information Networking and Applications Workshops.2012:698-703.
[18] LI X,ZHANG Y,LIU X,et al.A lightweight roaming authentication protocol for anonymous wireless communication[C]//Global Communications Conference (GLOBECOM).2012:1029-1034.
[19] ZHANG G,FAN D,ZHANG Y,et al.A privacy preserving authentication scheme for roaming services in global mobility networks[J].Security and Communication Networks,2015,8(16):2850-2859.
[20] HAO P,WANG X,SHEN W.A collaborative PHY-aided technique for end-to-end IoT device authentication[J].IEEE Access,2018,6:42279-42293.
[21] JAULMES é,JOUX A.A chosen-ciphertext attack against NTRU[C]//Annual International Cryptology Conference.2000:20-35.
[22] HOWGRAVE-GRAHAM N,NGUYEN P Q,POINTCHEVAL D,et al.The impact of decryption failures on the security of NTRU encryption[C]//Annual International Cryptology Conference.2003:226-246.
[23] GAMA N,HOWGRAVE-GRAHAM N,NGUYEN P Q.Symplectic lattice reduction and NTRU[C]//Annual International Conference on the Theory and Applications of Cryptographic Techniques.2006:233-253.
[24] WANG A,WANG C,ZHENG X,et al.Random key rotation:side-channel countermeasure of NTRU cryptosystem for resource-limited devices[J].Computers & Electrical Engineering,2017,63:220-231.
[25] WANG D,DA B,LI J,et al.IBS enabled authentication for IoT in ION framework[C]//Global Internet of Things Summit (GIoTS).2017:1-6.
[26] SHAMIR A.Identity-based cryptosystems and signature schemes[C]//Workshop on the Theory and Application of Cryptographic Techniques.1984:47-53.
[27] KRAWCZYK H.HMQV:a high-performance secure Diffie-Hellman protocol[C]//Annual International Cryptology Conference.2005:546-566.
[2] AL-FUQAHA A,GUIZANI M,MOHAMMADI M,et al.Internet of things:a survey on enabling technologies,protocols,and applications[J].IEEE Communications Surveys & Tutorials,2015,17(4):2347-2376.
[3] SHA K,WEI W,YANG T A,et al.On security challenges and open issues in Internet of Things[J].Future Generation Computer Systems,2018,83:326-337.
[4] KOBLITZ N.Elliptic curve cryptosystems[J].Mathematics of Computation,1987,48(177):203-209.
[5] SHOR P W.Algorithms for quantum computation:discrete logarithms and factoring[C]//Proceedings of 35th Annual Symposium on Foundations of Computer Science.1994:124-134.
[6] SHOR P W.Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer[J].SIAM Review,1999,41(2):303-332.
[7] HOFFSTEIN J.NTRU:a new high speed public key cryptosystem[C]//Algorithmic Number Theory.1998.
[8] HOFFSTEIN J,PIPHER J,SILVERMAN J H.NTRU:a ring-based public key cryptosystem[C]//International Algorithmic Number Theory Symposium.1998:267-288.
[9] CHEN R,PENG D.A novel NTRU-based handover authentication scheme for wireless networks[J].IEEE Communications Letters,2018,22(3):586-589.
[10] KALRA S,SOOD S K.Secure authentication scheme for IoT and cloud servers[J].Pervasive and Mobile Computing,2015,24:210-223.
[11] CHANG C C,WU H L,SUN C Y.Notes on “Secure authentication scheme for IoT and cloud servers”[J].Pervasive and Mobile Computing,2017,38:275-278.
[12] WANG K H,CHEN C M,FANG W,et al.A secure authentication scheme for Internet of Things[J].Pervasive and Mobile Computing,2017,42:15-26.
[13] CHEN D,ZHANG N,QIN Z,et al.S2M:a lightweight acoustic fingerprints-based wireless device authentication protocol[J].IEEE Internet of Things Journal,2017,4(1):88-100.
[14] LI N,LIU D,NEPAL S.Lightweight mutual authentication for IoT and its applications[J].IEEE Transactions on Sustainable Computing,2017,2(4):359-370.
[15] SCIANCALEPORE S,PIRO G,BOGGIA G,et al.Public key authentication and key agreement in IoT devices with minimal airtime consumption[J].IEEE Embedded Systems Letters,2017,9(1):1-4.
[16] WANG D,CHENG H,HE D,et al.On the challenges in designing identity-based privacy-preserving authentication schemes for mobile devices[J].IEEE Systems Journal,2018,12(1):916-925.
[17] TRUONG T T,TRAN M T,DUONG A D.Improvement of the more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on ECC[C]//26th International Conference on Advanced Information Networking and Applications Workshops.2012:698-703.
[18] LI X,ZHANG Y,LIU X,et al.A lightweight roaming authentication protocol for anonymous wireless communication[C]//Global Communications Conference (GLOBECOM).2012:1029-1034.
[19] ZHANG G,FAN D,ZHANG Y,et al.A privacy preserving authentication scheme for roaming services in global mobility networks[J].Security and Communication Networks,2015,8(16):2850-2859.
[20] HAO P,WANG X,SHEN W.A collaborative PHY-aided technique for end-to-end IoT device authentication[J].IEEE Access,2018,6:42279-42293.
[21] JAULMES é,JOUX A.A chosen-ciphertext attack against NTRU[C]//Annual International Cryptology Conference.2000:20-35.
[22] HOWGRAVE-GRAHAM N,NGUYEN P Q,POINTCHEVAL D,et al.The impact of decryption failures on the security of NTRU encryption[C]//Annual International Cryptology Conference.2003:226-246.
[23] GAMA N,HOWGRAVE-GRAHAM N,NGUYEN P Q.Symplectic lattice reduction and NTRU[C]//Annual International Conference on the Theory and Applications of Cryptographic Techniques.2006:233-253.
[24] WANG A,WANG C,ZHENG X,et al.Random key rotation:side-channel countermeasure of NTRU cryptosystem for resource-limited devices[J].Computers & Electrical Engineering,2017,63:220-231.
[25] WANG D,DA B,LI J,et al.IBS enabled authentication for IoT in ION framework[C]//Global Internet of Things Summit (GIoTS).2017:1-6.
[26] SHAMIR A.Identity-based cryptosystems and signature schemes[C]//Workshop on the Theory and Application of Cryptographic Techniques.1984:47-53.
[27] KRAWCZYK H.HMQV:a high-performance secure Diffie-Hellman protocol[C]//Annual International Cryptology Conference.2005:546-566.