工业互联网存储设备隐私安全  被引量：2

作　　者：杨珍娜 范九伦[1] 祝剑 韩刚 YANG Zhenna;FAN Jiulun;ZHU Jian;HAN Gang(School of Cyberspace Security,Xi'an University of Posts and Telecommunications,Xi'an 710121,China;Editorial Department of Journal,Xi'an University of Posts and Telecommunications,Xi'an 710121,China)

机构地区：[1]西安邮电大学网络空间安全学院,陕西西安710121 [2]西安邮电大学学报编辑部,陕西西安710121

出　　处：《西安邮电大学学报》2022年第1期35-42,共8页Journal of Xi’an University of Posts and Telecommunications

基　　金：国家自然科学基金项目(62071378,62071379,62171380,62102312);工业和信息化部通信软科学研究项目(2021R45);陕西省自然科学基础研究计划项目(2021JQ-722);陕西省高校科协青年人才托举计划项目(20210119)。

摘　　要：针对工业互联网中合法用户验证和用户隐私保护方面存在的缺陷,提出一种通用串行总线(Universal Serial Bus,USB)大容量存储设备的增强型安全协议(Control Protocol for USB,CPFU)。在YWC协议中引入新的哈希函数进行加密,使得攻击者在获取部分信息情况下,无法通过合法用户验证。基于Bellare-Rogaway不可区分性模型,将用户和服务器密钥进行交换,保证用户和服务器相互认证和协议会话密钥的机密性,为用户提供隐私保护。安全性分析表明,该协议具有用户隐私保护、防止密钥恢复攻击、防止离线口令猜测攻击、防止重放攻击和防止被盗验证者攻击等功能,并能够实现工业互联网存储设备USB端口文件的匿名传输,满足工业互联网存储设备安全需求。性能分析表明,该协议能够有效均衡计算与通信开销,安全性更高。Aiming at the defects of legal user authentication and user privacy protection in industrial Internet,an enhanced security protocol(CPFU)for universal serial bus(USB)mass storage devices is proposed.A new hash function is introduced into the YWC protocol for encryption,so that the attacker cannot pass the authentication of the legitimate user if he obtains part of the information.Based on the Bellare-Rogaway indistinguishability model,the user and server keys are exchanged to ensure mutual authentication between the user and the server,and the confidentiality of the protocol session keys,providing privacy protection for users.Security analysis shows that the protocol has the functions of user privacy protection,preventing key recovery attacks,preventing offline password guess attacks,preventing replay attacks,and preventing stolen verifier attacks,and can realize anonymous transmission for USB port files of industrial Internet storage devices,to meet the security requirements of industrial Internet storage devices.The performance analysis shows that the protocol can effectively balance the computing and communication overhead,and has higher security.

关 键 词：工业互联网 USB存储设备 用户验证 用户隐私 密钥恢复 

分 类 号：TN915.04[电子电信—通信与信息系统]