面向物联网的认证密钥协商协议研究综述  

作　　者：王凯 董建阔 肖甫[1] 吉欣仪 胡昕 WANG Kai;DONG Jiankuo;XIAO Fu;JI Xinyi;HU Xin(School of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210023,China)

机构地区：[1]南京邮电大学计算机学院,南京210023

出　　处：《网络空间安全科学学报》2024年第5期2-16,共15页Journal of Cybersecurity

基　　金：国家自然科学基金(62302238,62372245)。

摘　　要：物联网(Internet of Things,IOT)是由大量连接的对象或设备组成的一种新型互联网络。物联网中的物理对象或传感设备能够收集周围环境产生的敏感数据,然后通过不安全的公开信道进行数据信息的交换和共享。因此,必须创建安全的媒介来保护数据的机密性和完整性,防止遭受敌手的攻击。在这方面,认证密钥协商(Authenticated Key Agreement,AKA)协议能够实现网络通信实体之间的相互认证,并生成一个共享的对称会话密钥,用于加密未来传送的数据。首先,回顾了一些面向物联网应用场景提出的AKA协议,这些AKA协议使用椭圆曲线密码学或切比雪夫混沌映射密码机制作为构建模块进行设计。随后,列举了这些AKA协议容易遭受的攻击和缺乏的安全属性。最后,针对设计安全高效的AKA协议提出了几条有用的建议,这些建议有助于AKA协议设计者实现其所声称的安全功能属性。The Internet of Things(IoT)is a new type of interconnected network composed of a large number of connected objects or devices.The physical objects or sensing devices in the Internet of Things can collect sensitive data generated by the surrounding envi-ronment and then exchange and share data information through insecure public channels.Therefore,it is necessary to create secure medi-ums to protect the confidentiality and integrity of data and prevent attacks from adversaries.In this regard,authenticated key agreement(AKA)protocols can achieve mutual authentication between network communication entities and generate a shared symmetric session key for encrypting future transmitted data.The review of several AKA protocols proposed for Internet of Things application scenarios was presented first.These protocols utilized elliptic curve cryptography or Chebyshev chaotic mapping cryptographic mechanisms as key components of their design.Next,the vulnerabilities and security shortcomings to which these reviewed AKA protocols are susceptible were outlined.Finally,several useful suggestions for designing a secure and efficient AKA protocol were proposed.These recommenda-tions aim to help AKA protocol designers achieve their desired security and functionality features.

关 键 词：物联网 安全认证 密钥协商 离线口令猜测攻击 数据安全 会话密钥 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]