Abstract
To address the problem that existing secure access schemes for IoT devices are not suitable for resource-constrained IoT devices, a tPUF-based secure access scheme for IoT devices is proposed. Using a Physical Unclonable Function (PUF), the IoT device does not need to store any secret information, while mutual authentication between the device and the authenticator and session key negotiation are achieved. Using Trusted Network Connect (TNC) technology, the authenticator performs identity authentication, platform identity authentication, and integrity authentication of the IoT device. Security analysis shows that the scheme can effectively resist tampering, replication, physical attacks, and similar threats. Experimental results show that, compared with other schemes, this scheme significantly reduces the resource overhead of the device.
Authors
ZOU Jianwen (邹建文)
ZHAO Bo (赵波)
LI Xiang (李想)
LIU Yifan (刘一凡)
LI Jiayue (黎佳玥)
Affiliation: Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China
Source
Computer Engineering and Applications (《计算机工程与应用》)
CSCD
PKU Core Journal
2021, Issue 2, pp. 119-126 (8 pages)
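Funding
Wuhan Applied Basic Frontier Project (2018010401011295)
Joint Funds of the National Natural Science Foundation of China (U1936122)
Fundamental Research Funds for the Central Universities (2042017kf024)
Chinese Academy of Engineering Project (212000005)
Science and Technology Project of State Grid Corporation of China Headquarters.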
Keywords
Internet of Things
physical unclonable function
trusted network connection
mutual authentication
device security access