Efficient privacy-preserving user authentication scheme with forward secrecy for industry 4.0  被引量：5

作　　者：Chenyu WANG Ding WANG Guoai XU Debiao HE 

机构地区：[1]School of Cyber Security,Beijing University of Posts and Telecommunications,Beijing 100876,China [2]State Key Laboratory of Cryptology,P.O.Box 5159,Beijing 100878,China [3]College of Cyber Science,Nankai University,Tianjin 300350,China [4]Tianjin Key Laboratory of Network and Data Security Technology,Nankai University,Tianjin 300350,China [5]School of Cyber Science and Engineering,Wuhan University,Wuhan 430072,China

出　　处：《Science China(Information Sciences)》2022年第1期188-202,共15页中国科学（信息科学）（英文版）

基　　金：supported by the National Key Research and Development Plan of China(Grant No.2018YFB0803605);National Natural Science Foundation of China(Grant No.61802006)。

摘　　要：Industry 4.0,which combines information technology,network and industrial production,is expected to have a tremendous impact on our daily lives.In such a complex and security-critical system with resource-constrained sensor nodes,the design of a secure user authentication scheme for preventing real-time data from unauthorized access is full of challenges,and the main crux lies in how to realize the important property of forward secrecy.Existing schemes either fail to achieve forward secrecy or achieve forward secrecy with high computation cost on sensor nodes.Besides,they often fail to conform to the development trend of industry 4.0 systems where a cloud center is necessary to help intelligent decision-making and alleviate computation and storage pressure.Therefore,in this paper,we propose an efficient privacy-preserving user authentication scheme with forward secrecy for industry 4.0,and formally prove its security in the random oracle model.Compared with previous schemes,it has three advantages:(1)all eleven state-of-the-art criteria are achieved;(2)its computation cost on sensor nodes is comparable to those insecure schemes that employ only symmetric cryptographic algorithms,and is superior to those that also use asymmetric cryptographic algorithms;(3)it takes the advantage of the computation and storage capabilities of the cloud center to achieve user anonymity and the resistance to offline dictionary attack without performing any asymmetric cryptographic algorithms on gateways.Our computation cost on gateways is the smallest among all state-of-the-art relevant schemes for comparison.

关 键 词：industry 4.0 wireless sensor networks password authentication forward secrecy offline dictionary attack 

分 类 号：TP212.9[自动化与计算机技术—检测技术与自动化装置] TN918.4[自动化与计算机技术—控制科学与工程]