| 基于tPUF的物联网设备安全接入方案 |
| |
| 引用本文: | 邹建文,赵波,李想,刘一凡,黎佳玥.基于tPUF的物联网设备安全接入方案[J].计算机工程与应用,2021,57(2):119-126. |
| |
| 作者姓名: | 邹建文 赵波 李想 刘一凡 黎佳玥 |
| |
| 作者单位: | 武汉大学 国家网络安全学院 空天信息安全与可信计算教育部重点实验室,武汉 430072 |
| |
| 基金项目: | 中央高校基本科研业务费专项资金项目;国家自然科学基金联合基金项目;中国工程院项目;武汉市应用基础前沿项目;国家电网公司总部科技项目 |
| |
| 摘 要: | 针对现有的物联网设备安全接入方案不适用于资源受限的物联网设备的问题,提出一种基于tPUF的物联网设备安全接入方案。利用物理不可克隆函数技术(Physical Unclonable Function,PUF),物联网设备不需要存储任何秘密信息,实现设备与认证端的双向认证以及协商会话秘钥;利用可信网络连接技术(Trusted Network Connect,TNC),完成认证端对物联网设备的身份认证、平台身份认证、完整性认证。安全性分析表明,方案能够有效抵抗篡改、复制、物理攻击等。实验结果表明,相较于其他方案,该方案明显降低了设备的资源开销。
|
| 关 键 词: | 物联网 物理不可克隆函数 可信网络连接 双向认证 设备安全接入 |
tPUF-Based Security Access Scheme for IoT Devices |
| |
| ZOU Jianwen,ZHAO Bo,LI Xiang,LIU Yifan,LI Jiayue.tPUF-Based Security Access Scheme for IoT Devices[J].Computer Engineering and Applications,2021,57(2):119-126. |
| |
| Authors: | ZOU Jianwen ZHAO Bo LI Xiang LIU Yifan LI Jiayue |
| |
| Affiliation: | Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China |
| |
| Abstract: | Aiming at the problem that the existing IoT device secure access scheme is not applicable to resource-constrained IoT devices, a tPUF-based IoT device secure access scheme is proposed. Utilizing Physical Unclonable Function(PUF), IoT devices do not need to store any secret information, enabling mutual authentication between the device and the authenticator, and negotiating session keys. It utilizes Trusted Network Connect(TNC) technology to achieve identity authentication, platform identity authentication, and integrity authentication of IoT devices from the authentication end. Security analysis shows that the scheme can effectively resist tampering, replication, and physical attacks. Experimental results show that, compared with other schemes, this scheme significantly reduces the equipment resource overhead. |
| |
| Keywords: | Internet of Things physical unclonable function trusted network connection mutual authentication device security access |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
|
