一种基于格的轻量级物联网群签密认证方案  

作　　者：徐川[1,2] 艾星好 王杉杉 赵国锋 韩珍珍[1,2] XU Chuan;AI Xinghao;WANG Shanshan;ZHAO Guofeng;HAN Zhenzhen(School of Communication and Information Engineering,Chongqing University of Posts and Telecommunications,Chongqing 400065,China;Sichuan Yijing Intelligent Terminal Co.,Ltd.,Yibin 644000,China)

机构地区：[1]重庆邮电大学通信与信息工程学院,重庆400065 [2]四川易景智能终端有限公司,四川宜宾644000

出　　处：《电信科学》2024年第4期88-106,共19页Telecommunications Science

基　　金：国家自然科学基金资助项目(No.62171070);重庆市博士后科学基金资助项目(No.CSTB2022NSCQ-BHX0043);2022宜宾市引进高层人才项目(No.2022YG05);重庆邮电大学博士研究生人才培养项目(No.BYJS202204)。

摘　　要：5G时代为物联网高速发展带来了机遇,身份认证是保障物联网安全的基础。然而在面对量子攻击时,由于物联网节点众多,基于签密的身份认证方案生成节点密钥将消耗大量资源,难以满足物联网低开销的需求。为此,设计了一种基于格的轻量级群签密认证方案。在密钥生成阶段,设计了改进陷门对角矩阵,优化生成密钥所需的原像采样算法,减小了生成大量密钥时所需的整体时间;在身份认证阶段,基于剩余哈希引理和签密性质,在一个逻辑步骤内对消息同时进行签名和加密,提出了低次数的点乘与哈希运算的交互流程,完成组长代替群组成员进行的接入认证。仿真实验表明,该方案降低了物联网设备接入时的交互次数,减少了身份认证阶段的计算开销,对比现有方案,签密与解签密的总开销降低了至少7%,同时证明了该方案能在物联网中抵抗量子攻击。The 5G era has brought opportunities for the rapid development of the Internet of things.Identity authentication is the basis for ensuring the security of the Internet of things.However,in the face of quantum attacks due to the large number of nodes in the Internet of things,the signcrypt-based identity authentication scheme will consume a lot of resources to generate node keys,which is difficult to meet the low cost requirements of the Internet of things.Therefore,a lightweight lattice-based group signcryption authentication scheme was designed.In the key generation stage,the improved trapdoor diagonal matrix was designed to optimize the original image sampling algorithm required for key generation and reduce the overall time required for generating a large number of keys.In the identity authentication stage,based on the residual Hash lemma and the signcryptic property,the message was signed and encrypted in one logical step at the same time,and the interaction flow of dot multiplication and Hash operation with low frequency was proposed to complete the access authentication performed by the group leader on behalf of the group members.Simulation experiments show that this scheme reduces the number of interactions during the access of Internet of things devices,reduces the computing cost of identity authentication stage,and reduces the total cost of signcryption and decryption by more than 7%compared with the existing schemes.Furthermore,the simulation results prove that this scheme can resist quantum attacks in the Internet of things.

关 键 词：群组认证 抗量子 物联网 轻量级 

分 类 号：TN918[电子电信—通信与信息系统] TP309[电子电信—信息与通信工程]