适用于智能家居的格上基于身份多方认证密钥协商协议  被引量：2

作　　者：倪亮[1,2] 刘笑颜 谷兵珂 张亚伟 周恒昇 王念平[3] Ni Liang;Liu Xiaoyan;Gu Bingke;Zhang Yawei;Zhou Hengsheng;Wang Nianping(School of Computer Science,Zhongyuan University of Technology,Zhengzhou 450007,China;Henan Development&Innovation Laboratory of Industrial Internet Security Big Data,Zhongyuan University of Technology,Zhengzhou 450007,China;College of Cryptography Engineering,Information Engineering University,Zhengzhou 450001,China)

机构地区：[1]中原工学院计算机学院,郑州450007 [2]中原工学院河南省工业互联网安全大数据发展创新实验室,郑州450007 [3]信息工程大学密码工程学院,郑州450001

出　　处：《计算机应用研究》2024年第4期1191-1197,共7页Application Research of Computers

基　　金：河南省科技攻关计划资助项目(232102210134,182102210130);国家留学基金资助项目(201908410281);国家自然科学基金资助项目(61672031);河南省高等学校重点科研项目(21A520053)。

摘　　要：随着物联网应用的日益普及,物联网设备终端数量激增、种类多样、层次复杂,常处于不可控的环境之中,因此,确保数据传输过程的安全性和隐私性至关重要。对基于物联网架构的智能家居服务进行探讨得出,启用智能家居应用需涉及多个方面,如用户、云、物联网智能集线器(the IoT smart hub,ISH)和智能设备,它们需要多方验证以进行安全通信。由此提出了一种针对智能家居应用的格上基于身份多方认证密钥协商协议,并证明在eCK模型下是安全的。其安全性可以归约到环上带误差学习(ring learning with errors,RLWE)问题的困难性,能够抗量子计算攻击。所提协议由一个格上基于身份的加密方案转换而成,无须公钥证书,避免了部署一个庞大的公钥基础设施(public key infrastructure,PKI)。通过信息交互实现显式认证,且可具有一定的匿名性质,与其他相关的后量子格上多方认证密钥协商协议方案相比,该协议在安全性和执行效率方面更具优势。With the increasing popularity of IoT applications,the number of IoT device terminals is proliferating,the types are diverse,the levels are complex,and they are often in an uncontrollable environment,so it is critical to ensure the security and privacy of the data transmission process.This paper explored smart home services based on IoT architecture.Enabling smart home applications involved multiple parties,such as users,the cloud,ISH and smart devices,which required multi-party authentication for secure communication.This paper proposed a lattice-based multi-party authenticated key agreement protocol for smart home applications and proved that it was secure under the eCK model,and its security could be attributed to the difficulty of RLWE problem,which was resistant to quantum computing attacks.The proposed protocol is converted from an identity-based encryption scheme on lattice,does not require a public key certificate and avoids the deployment of a large PKI,achieves explicit authentication through message interaction,and can have a certain anonymity.Compared with other related post-quantum lattice-based multi-party authenticated key agreement protocol schemes,the proposed protocol is more advantageous in terms of security and execution efficiency.

关 键 词：智能家居 基于身份密码 环上带误差学习 多方认证密钥协商协议 后量子密码 匿名性 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]