面向无线传感器网络的多因素安全增强认证协议  

作　　者：张凌浩 梁晖辉 邓东 刘洋洋 唐超 常政威 桂盛霖[3] ZHANG Linghao;LIANG Huihui;DENG Dong;LIU Yangyang;TANG Chao;CHANG Zhengwei;GUI Shenglin(State Grid Sichuan Eletric Power Research Institute,Chengdu 610072;Power Internet of Things Key Laboratory of Sichuan Province,Chengdu 610031;School of Computer Science and Engineering,University of Electronic Science and Technology of China,Chengdu 611731)

机构地区：[1]国网四川省电力公司电力科学研究院,成都610072 [2]电力物联网四川省重点实验室,成都610031 [3]电子科技大学计算机科学与工程学院,成都611731

出　　处：《电子科技大学学报》2023年第5期699-708,共10页Journal of University of Electronic Science and Technology of China

基　　金：国家自然科学基金(61401067);四川省科技重大专项(2018GZDZX0009);四川省重点研发项目(2023YFG0112)。

摘　　要：为解决现有协议普遍存在的离线字典攻击、缺少匿名性、无前向安全等安全缺陷,基于最新安全模型,将KSSTI攻击和注册合法用户攻击加入安全模型评价标准中,形成增强安全模型,提出了一种面向无线传感器网络的多因素安全增强认证协议,实现了用户通过网关与传感器节点两端的安全会话密钥协商。BAN逻辑和启发式分析结果表明该协议实现了双向认证,满足匿名性、前向安全、抵抗内部攻击、抵抗KSSTI攻击等重要安全属性。相比于已有协议,该文协议的安全等级更高且计算量与通信量适中,适用于安全等级要求高且传感器节点计算资源受限的应用场景。To solve security defects generally lain in many existing protocols,such as offline dictionary attack,lack of anonymity and no forward security,based on the latest security model,this paper adds KSSTI attack and registered legitimate user attack into the security model evaluation standard to form an enhanced security model.Based on this enhanced security model,a multi-factor security enhanced authentication protocol for wireless sensor networks is proposed,which realizes the secure session key negotiation among users and sensor nodes through the gateway.The results of BAN logic and heuristic analysis show that the protocol realizes two-way authentication and meets the important security attributes of anonymity,forward security,resistance to internal attacks,resistance to KSSTI attacks and so on.Compared with the existing protocols,this protocol has higher security level and moderate amount of computation and communication.It is suitable for the application scenarios with high security level requirements and limited computing resources of sensor nodes.

关 键 词：认证协议 增强安全模型 三因素 无线传感器网络 

分 类 号：TP309.08[自动化与计算机技术—计算机系统结构]