Cite this article:
- ZHANG Jinhua, LI Xiaowei, ZENG Xin, ZHAO Yuqin, DUAN Ran, YANG Dengqi. Cross domain authentication and key agreement protocol based on blockchain in edge computing environment[J]. Journal of Cyber Security, 2021, 6(1): 54-61
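Abstract:
Identity authentication and key agreement are the first security issues to consider when connecting to the Internet of Things (IoT). Traditional IoT identity authentication is based on a "cloud center-terminal device" authentication architecture. With the introduction of edge computing, the authentication architecture shifts to an "edge device-terminal device" architecture, and traditional authentication methods no longer apply. In addition, the IoT contains multiple communication domains, and devices in different domains need to perform cross-domain authentication and key agreement. To address these problems, this paper designs a blockchain-based cross-domain authentication and key agreement protocol for the edge computing environment. The hash values of terminal devices' certificates are stored on the blockchain, which avoids a complex certificate verification process. The cross-domain property of the consortium chain allows devices in different domains to complete authentication and key agreement smoothly. Compared with existing cross-domain authentication and key agreement protocols, the proposed protocol is more efficient and better suited to low-performance IoT devices.
Keywords: Internet of Things; blockchain; cross-domain authentication; edge computing
DOI: 10.19363/J.cnki.cn10-1380/tn.2021.01.05
Submitted: 2020-09-18. Revised: 2020-11-16
Funding: Supported by the National Natural Science Foundation of China (No.31960119, No.51809026, No.61902049), the Yunnan Provincial Local Universities Joint Project (No.2017FH001-027, No.2017FH001-062, No.2017FH001-063), and the Dali University Innovation Team Project (No.ZKLX2020308).
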
Cross domain authentication and key agreement protocol based on blockchain in edge computing environment
ZHANG Jinhua, LI Xiaowei, ZENG Xin, ZHAO Yuqin, DUAN Ran, YANG Dengqi
(School of Mathematics and Computer, Dali University, Dali 671000, China)
Abstract:
Identity authentication and key agreement are the first security issues to be considered when accessing the Internet of Things (IoT). The traditional identity authentication of IoT is based on the “cloud center-terminal device” authentication architecture. With the introduction of edge computing technology, the authentication architecture has been transformed into an “edge device-terminal device” architecture, and the traditional authentication method is no longer applicable. In addition, there are multiple communication domains in the IoT, and cross-domain authentication and key agreement are needed between devices in different domains. To solve the above problems, this paper designs a cross-domain authentication and key agreement protocol based on blockchain in the edge computing environment. The hash value of the certificate of the terminal device is put on the blockchain to avoid the complicated certificate verification process. Based on the cross-domain attribute of the consortium chain, the devices in different domains can complete authentication and key agreement successfully. Compared with the existing cross-domain authentication and key agreement protocols, the proposed protocol has higher efficiency and is more suitable for low-performance IoT devices.
Key words: Internet of Things; blockchain; cross-domain authentication; edge computing