
CN119696775A - A verifiable outsourced key negotiation method based on privacy protection in IoT scenarios - Google Patents


Info

Publication number
CN119696775A
Authority
CN
China
Prior art keywords
key
node
sgx
negotiation
pseudonym
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202411821118.0A
Other languages
Chinese (zh)
Other versions
CN119696775B (en)
Inventor
李兴华
王宇航
王运帷
童秋云
王晨宇
张俊伟
姜奇
郭晶晶
杨超
任哲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University
Priority to CN202411821118.0A
Publication of CN119696775A
Application granted
Publication of CN119696775B
Legal status: Active
Anticipated expiration

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a verifiable outsourcing key negotiation method based on Internet of Things scene privacy protection, applied to a key negotiation system that comprises a plurality of Internet of Things device nodes and a Cloud service platform formed by trusted execution hardware SGX and Cloud. The invention builds a trusted zone on the Cloud service platform using SGX and combines technologies such as proxy re-encryption, pseudonym transformation and the Merkle signature tree. By combining the high reliability of SGX with the strong computing power of the Cloud server, it designs an efficient verifiable outsourcing key negotiation method, realizes efficient trusted collaboration between SGX and Cloud, and ensures anonymity and unlinkability of participants, thereby ensuring privacy protection of outsourcing key negotiation.

Description

Verifiable outsourcing key negotiation method based on scene privacy protection of Internet of things
Technical Field
The invention belongs to the field of internet of things and key agreement, and particularly relates to a verifiable outsourcing key agreement method based on internet of things scene privacy protection.
Background
Much research has been done on key agreement. However, existing schemes generally assume that all devices support a uniform key agreement protocol, which is not realistic in an actual Internet of Things (IoT) scenario. Devices in the Internet of Things may come from different network domains, and the key agreement protocols they support may vary with hardware performance, computing power and communication environment. In particular, some devices have high computational power and can run complex key agreement protocols, while resource-constrained devices may support only lightweight protocols. When a device needs to negotiate keys with such diverse devices, a compatible protocol cannot always be found, and this protocol heterogeneity limits existing key negotiation schemes in practical Internet of Things applications.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides a verifiable outsourcing key negotiation method based on scene privacy protection of the Internet of things. The technical problems to be solved by the invention are realized by the following technical scheme:
The verifiable outsourcing key negotiation method based on the scene privacy protection of the Internet of Things is applied to a key negotiation system comprising a plurality of Internet of Things device nodes and a Cloud service platform formed by trusted execution hardware SGX and Cloud, and the method comprises the following steps:
In the Node registration stage, a Node serving as a registration Node locally generates an initial pseudonym and a key contribution seed, encrypts data based on the generated initial pseudonym and key contribution seed, and sends the data together with a Node certificate of the Node to the Cloud service platform for registration application; the SGX verifies the validity of the Node certificate, derives and stores a plurality of pseudonyms and key contribution materials for the registration Node after verification is passed, and stores the mapping relation between the pseudonyms and the identity marks of the registration Node;
In the key negotiation stage, an initiating node that initiates key negotiation encrypts and signs the identity set and negotiation mode of the negotiation participants, packages them together with an unused pseudonym into a key negotiation request message, and sends the message to the Cloud service platform; SGX authenticates the identities of the key negotiation participants by querying the mapping relation; after the authentication is passed, SGX obtains key material from the Cloud, calculates a session key from the key contributions of the participants, and packages and sends the session key ciphertext and a session key signature to the Cloud; the Cloud uses the proxy re-encryption technology to generate, for each participant, a session key ciphertext that can be decrypted only with that participant's private key, so that each participant decrypts the session key and updates its key.
In one embodiment of the present invention, for Node i as a registration Node, in the Node registration stage, after locally generating an initial pseudonym and a key contribution seed, and performing data encryption based on the generated initial pseudonym and key contribution seed, the data encryption is sent to the cloud service platform together with a Node certificate of the Node for applying for registration, where the process includes:
Node i generates an initial temporary public-private key pair according to the input security parameter 1 λ Wherein, Representing the initial temporary private key of Node i,An initial temporary public key representing Node i;
Node i randomly samples initial pseudonym Seed of key contribution;
Node i selects the number n of pseudonyms and key contribution materials to be derived and uses the long term public key pk SGX pair of SGX Performing asymmetric encryption to obtain a ciphertext message C 1, wherein I represents splicing;
Node i uses its own long-term private key Signing the ciphertext message C 1 to obtain a ciphertext message signature sigC 1, packaging the ciphertext message C 1 and the ciphertext message signature sigC 1 together with a Node certificate Cert i of the Node i to form a registration message Msg 1, and sending the registration message Msg 1 to the cloud service platform and forwarding the registration message to SGX therein;
Node i pair initial temporary private key Performing private key hash operation to obtain a new temporary private keyUsing initial pseudonymsTemporary private keyGenerating new pseudonyms by hashingWill beAs a pseudonymous material.
In one embodiment of the present invention, for Node i as a registration Node, in the Node registration phase, the SGX verifies the validity of a Node certificate, and after verification, derives and stores a plurality of pseudonyms and key contribution materials for the registration Node, and stores a mapping relationship between the pseudonyms and the identities of the registration Node, including:
SGX verifies the legality of Node certificate Cert i of Node i, and obtains the identity UID i and the long-term public key of Node i from Node certificate Cert i after verification
Long term public key of Node i for SGXVerifying the correctness of the ciphertext message signature sigC 1, and after the verification is passed, decrypting the ciphertext message C 1 by adopting the long-term private key sk SGX of SGX to obtainSeed,n;
For each j ∈ {1, ..., n}, SGX performs the following process in turn: randomly sample a secret value k j and derive a key contribution from k j and Seed; encrypt the key contribution with the symmetric key Key SGX of SGX to obtain the key contribution encryption result; perform the private key hash operation on the temporary private key to obtain a new temporary private key; generate a new pseudonym by hashing the new temporary private key combined with the pseudonym; generate the proxy re-encryption key corresponding to the pseudonym based on the proxy re-encryption private key SK RE of SGX and the temporary private key; combine the pseudonym, the corresponding proxy re-encryption key and the contribution material into one record and add it to the Table PID;
SGX will The new Table Node is added to complete registration, whereinIs pseudonymous material used by UID i for the next key agreement;
The SGX signs the successful registration message by using its own long-term private key sk SGX to obtain message Msg 2, and sends the message Msg 2 to Node i.
In one embodiment of the present invention, in the node registration phase, each time there is a node registration, the node registration number NodeCount is incremented by one;
every time the number of registered nodes exceeds a set threshold T, the SGX builds a new Merkle signature tree based on the stored pseudonym and key contribution material and updates it to Cloud, comprising:
The SGX constructs a j-th Merkle signature Tree j as a new Merkle signature Tree according to the pseudonym in the Table PID, the corresponding proxy re-encryption key and contribution material and the Root node Root j-1 of the j-1 th Merkle signature Tree j-1;
The SGX signs the Root node Root j of the j-th Merkle signature Tree j by using the own long-term private key sk SGX to obtain a Root node signature sigRoot j;
SGX packages the j-th Merkle signature Tree j and root node signature sigRoot j into message Msg 3 and sends to Cloud;
The SGX set node registration number NodeCount is 0, and the Table PID Table is emptied;
The SGX locally stores a new Root node Root j and discards the old Root node Root j-1;
after receiving the message Msg 3, the Cloud merges the Tree j and sigRoot j carried therein with the old Merkle signature Tree j-1, updates the Tree to a complete Merkle signature Tree, and stores it in the Cloud.
In one embodiment of the present invention, for Node B as an initiating Node and another negotiating party Node A, in the key negotiation stage, the initiating Node initiating key negotiation encrypts and signs the id set and negotiation mode of the negotiating party, and packages the id set and negotiation mode together with the unused pseudonym into a key negotiation request message, and sends the key negotiation request message to the cloud service platform, a process includes:
Node B applies a KDF key derivation function to the temporary private key to obtain the corresponding symmetric key, where the unused pseudonym of Node B is its j 1-th pseudonym and the unused pseudonym of Node A is its j 2-th pseudonym;
Node B selects the key negotiation Mode and uses the symmetric key to symmetrically encrypt the key negotiation Mode and the UID set (UID B, UID A) of the key negotiation participants, obtaining a ciphertext message D 1, where the key negotiation Mode includes DH operation and random number exclusive OR;
Node B packages the unused pseudonym and the ciphertext message D 1 into a key negotiation request message Msg 4, and sends the key negotiation request message to the SGX in the cloud service platform.
In one embodiment of the present invention, in the key negotiation stage, the process in which the SGX authenticates the identities of the key negotiation participants by querying the mapping relation and, after the authentication is passed, obtains key material from the Cloud, calculates a session key from the key contributions of the participants, and packages and sends a session key ciphertext and a session key signature to the Cloud includes:
Upon receiving the key agreement request message Msg 4, the SGX queries the Table Node using the pseudonym as index, and obtains the identity UID B of Node B and the temporary private key;
SGX computes the symmetric key from the temporary private key and uses the symmetric key to decrypt the ciphertext message D 1 to obtain UID' B, UID A and Mode, then verifies whether UID B = UID' B holds; if not, it exits the key negotiation operation;
SGX uses the identity UID A of Node A as index to query the Table Node and obtain the pseudonym and the temporary private key of Node A;
SGX uses the pseudonyms to query the Merkle signature tree on Cloud and obtain key material, the key material including key contribution material and data verification material, where verMrt includes the root node signature sigRoot and other auxiliary verification materials;
SGX uses its own long-term public key pk SGX to verify the correctness of the sigRoot signature and the integrity of the data, to prevent Cloud from providing erroneous node key contributions;
SGX decrypts with the symmetric key Key SGX to obtain the key contributions;
SGX calculates the session key SKey according to the key negotiation Mode selected by the participants and the key contribution of each participant, and encrypts the session key SKey with the proxy re-encryption public key PK RE of the SGX to obtain a session key ciphertext C SKey;
SGX calculates the pseudonym material that Node B and Node A will use next time, and updates the Table Node using UID B and UID A as indexes;
The SGX signs the session key SKey by adopting the self long-term private key sk SGX to obtain a session key signature sigSKey, packages the session key ciphertext C SKey and the session key signature sigSKey into a message Msg 5, and sends the message to the Cloud.
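The chained Merkle signature tree built at registration, and the check SGX runs on key material returned by Cloud, can be sketched as follows. This is an added example, not code from the patent: SHA-256, the leaf encoding, placing Root j-1 as leaf 0 of Tree j, and all sample values are assumptions, and the root signature is replaced by comparison with the root SGX stores locally.

```python
import hashlib
import hmac
from dataclasses import dataclass

LEAF, NODE, LINK = b"\x00", b"\x01", b"\x02"  # domain-separation tags (assumption)
GENESIS = b"\x00" * 32                         # placeholder for the root before Tree_1


def H(tag: bytes, *parts: bytes) -> bytes:
    """SHA-256 over a tag and length-prefixed parts (hash choice is an assumption)."""
    h = hashlib.sha256(tag)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()


@dataclass(frozen=True)
class Entry:
    """One Table_PID row: pseudonym, its re-encryption key, encrypted contribution."""
    pid: bytes
    rekey: bytes
    enc_contrib: bytes

    def leaf(self) -> bytes:
        return H(LEAF, self.pid, self.rekey, self.enc_contrib)


def build_merkle(entries, prev_root):
    """Tree_j <- buildMerkle(Table_PID, Root_{j-1}); returns all levels, root last.
    Leaf 0 commits to the previous root, which chains the batches together."""
    level = [H(LINK, prev_root)] + [e.leaf() for e in entries]
    levels = [level]
    while len(level) > 1:
        nxt = [H(NODE, level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:        # an odd node is promoted, never duplicated
            nxt.append(level[-1])
        levels.append(nxt)
        level = nxt
    return levels


def root_of(levels) -> bytes:
    return levels[-1][0]


def auth_path(levels, index):
    """Sibling hashes from leaf `index` up to the root, as (hash, sibling_is_left)."""
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):      # a promoted node has no sibling on this level
            path.append((level[sib], sib < index))
        index //= 2
    return path


def cloud_prove(trees, batch, i):
    """Cloud side: path of entry i inside its batch, then one path per later batch
    that carries the old root (leaf 0) up to the newest root."""
    segments = [auth_path(trees[batch], i + 1)]
    segments += [auth_path(later, 0) for later in trees[batch + 1:]]
    return segments


def sgx_verify(entry, segments, trusted_root) -> bool:
    """SGX side: recompute the newest root from the entry Cloud returned."""
    h = entry.leaf()
    for k, segment in enumerate(segments):
        if k:                     # crossing into the next batch: old root becomes leaf 0
            h = H(LINK, h)
        for sib, sib_is_left in segment:
            h = H(NODE, sib, h) if sib_is_left else H(NODE, h, sib)
    return hmac.compare_digest(h, trusted_root)


def demo():
    # Constructed sample rows; real rows hold pseudonyms, re-encryption keys, ciphertexts.
    batch1 = [Entry(b"PID-a1", b"rk-a1", b"ct-a1"), Entry(b"PID-b1", b"rk-b1", b"ct-b1"),
              Entry(b"PID-c1", b"rk-c1", b"ct-c1")]
    batch2 = [Entry(b"PID-d1", b"rk-d1", b"ct-d1"), Entry(b"PID-e1", b"rk-e1", b"ct-e1")]
    t1 = build_merkle(batch1, GENESIS)
    t2 = build_merkle(batch2, root_of(t1))
    trees, root = [t1, t2], root_of(t2)   # SGX keeps only the newest root
    good, proof = batch1[1], cloud_prove([t1, t2], 0, 1)
    forged = Entry(good.pid, good.rekey, b"ct-substituted")
    return (sgx_verify(good, proof, root),
            sgx_verify(forged, proof, root),
            sgx_verify(batch2[1], cloud_prove(trees, 1, 1), root))
```

Because every tree commits to its predecessor's root, an entry from an old batch still verifies against the single newest root, which is why SGX can discard the old root after each rebuild.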
In one embodiment of the present invention, in the key negotiation stage, the process of generating session key ciphertext for each co-participant that can only be decrypted with its private key by means of proxy re-encryption techniques, comprises:
After receiving the message Msg 5, Cloud uses the proxy re-encryption keys corresponding to the pseudonyms to perform proxy re-encryption on the session key ciphertext C SKey, obtaining ciphertexts C A and C B;
Cloud will C B and sigSKey are packed into corresponding message Msg 6 and sent to Node B toC A and sigSKey are packaged into corresponding message Msg 6 and sent to Node A;
Cloud inserts the key negotiation message into the key negotiation record Table Record.
In one embodiment of the present invention, in the key negotiation stage, for Node B, as a negotiation participant, the process of decrypting the session key and updating the key includes:
After receiving the message Msg 6, Node B uses its own temporary private key to decrypt the ciphertext C B to obtain the session key SKey;
Node B uses the long-term public key pk SGX of SGX to verify the correctness of the session key SKey;
Node B uses the temporary private key to calculate, through a hash operation, the temporary private key to be used next time;
Node B uses the pseudonym and the temporary private key to calculate, through a hash operation, the pseudonym to be used next time;
Node B locally stores the pseudonym and temporary private key to be used next time, and discards the used pseudonym and temporary private key.
In the key negotiation stage, for Node A, the process of decrypting the session key and updating the key is performed, including:
After receiving the message Msg 6, Node A uses its own temporary private key to decrypt the ciphertext C A to obtain the session key SKey;
Node A uses the long-term public key pk SGX of SGX to verify the correctness of the session key SKey;
Node A uses the temporary private key to calculate, through a hash operation, the temporary private key to be used next time;
Node A uses the pseudonym and the temporary private key to calculate, through a hash operation, the pseudonym to be used next time;
Node A locally stores the pseudonym and temporary private key to be used next time, and discards the used pseudonym and temporary private key.
In one embodiment of the present invention, in the key negotiation stage, if an Internet of Things device node has missed multiple key negotiation requests while offline, it executes the session key self-healing process after coming back online, including the following steps:
Step a1, for the locally stored pseudonymous material, the offline Node k obtains the content Table' record newly added to the key negotiation record Table Record of the cloud service platform during the offline period;
Step a2, query Whether in Table' record;
Step a3, if it is not present, no node initiated key negotiation with Node k during the offline period, and the session key self-healing process exits;
Step a4, if it is present, use the temporary private key to decrypt the ciphertext C k to obtain the session key SKey, and verify the correctness of the session key SKey;
step a5, calculating
Step a6, repeat steps a2 to a5 until the self-healing of all session keys from the offline period is completed; Node k then stores the unused pseudonymous material, discards all the used pseudonymous material, and completes the session key self-healing process.
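The pseudonym and temporary-key hash chain, and the self-healing loop of steps a1 to a6, can be sketched as follows. This is an added example, not code from the patent: SHA-256 stands in for SKHash and Hash, the next pseudonym is assumed to hash the current pseudonym with the new temporary key, a toy XOR seal stands in for the proxy re-encrypted ciphertext, the session key signature check of step a4 is left out, and all values are constructed.

```python
import hashlib
from dataclasses import dataclass


def sk_hash(sk: bytes) -> bytes:
    """Stand-in for the private key hash SKHash (assumption: tagged SHA-256)."""
    return hashlib.sha256(b"SKHash" + sk).digest()


def pid_hash(pid: bytes, sk: bytes) -> bytes:
    """Stand-in for Hash over the current pseudonym and the new temporary key."""
    return hashlib.sha256(b"Hash" + pid + sk).digest()


@dataclass(frozen=True)
class Material:
    """Pseudonymous material a node keeps for its next negotiation."""
    pid: bytes
    sk: bytes

    def advance(self) -> "Material":
        # One-way step: the old pair cannot be recomputed from the new one.
        next_sk = sk_hash(self.sk)
        return Material(pid_hash(self.pid, next_sk), next_sk)


def toy_seal(sk: bytes, skey: bytes) -> bytes:
    """Toy stand-in for a ciphertext only the holder of sk can open.
    NOT proxy re-encryption; it exists only so the loop has something to decrypt."""
    pad = hashlib.sha256(b"seal" + sk).digest()
    return bytes(a ^ b for a, b in zip(skey, pad))


toy_open = toy_seal  # XOR is its own inverse


def self_heal(material: Material, new_records: dict):
    """Steps a2 to a6: walk the chain while the current pseudonym appears in the
    records added during the offline period, recovering one session key per hit."""
    recovered = []
    while material.pid in new_records:                     # a2 / a3
        recovered.append(toy_open(material.sk, new_records[material.pid]))  # a4
        material = material.advance()                      # a5
    return material, recovered                             # a6


def demo():
    digest = lambda label: hashlib.sha256(label).digest()
    initial = Material(digest(b"constructed initial pseudonym"),
                       digest(b"constructed initial temporary key"))
    stored = initial.advance()        # what the node stores after registration

    # Platform side while the node is offline: three negotiations involve it,
    # each filed under the next pseudonym of the same chain.
    session_keys = [digest(b"constructed session %d" % i) for i in range(3)]
    records = {digest(b"some other node"): bytes(32)}      # unrelated record
    platform_view = stored
    for skey in session_keys:
        records[platform_view.pid] = toy_seal(platform_view.sk, skey)
        platform_view = platform_view.advance()

    healed, recovered = self_heal(stored, records)
    return (healed == platform_view,                # node and platform back in sync
            recovered == session_keys,              # every missed key recovered, in order
            self_heal(healed, records)[1] == [])    # nothing left to heal
```

The record table is indexed by pseudonyms that only the node and SGX can predict, so an observer of the table sees unrelated hash values rather than three sessions of one device.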
In one embodiment of the present invention, after Node B verifies the correctness of the session key SKey with the long-term public key pk SGX of SGX, and after performing the session key self-healing process after the offline internet of things device Node is online again, the method further includes:
The Internet of Things device node judges whether its pseudonyms and contribution materials have reached the exhaustion critical condition; if so, it uploads a new initial pseudonym and a new key contribution seed to the cloud service platform again and completes the update of the pseudonyms and contribution materials, so as to ensure that subsequent key negotiation proceeds successfully.
The invention has the beneficial effects that:
Based on the ideas of outsourced computation and software-hardware cooperation, the embodiment of the invention provides a verifiable outsourcing key negotiation method based on the scene privacy protection of the Internet of Things, which aims to solve the key negotiation problem of Internet of Things devices in an algorithm-heterogeneous environment. The invention introduces SGX to construct a trusted zone in the cloud service platform, combines the high trust of SGX with the strong computing power of the cloud server, realizes efficient outsourcing key negotiation between Internet of Things devices, and ensures anonymity and unlinkability of negotiation participants.
In the key agreement process, the SGX is responsible for performing session key calculations and generating a signature digest that can be verified by the participants. In addition, to reduce the encryption computation overhead of SGX, proxy re-encryption is used so that the cloud, without touching the key, generates for each participant a session key ciphertext that can be decrypted with that participant's private key. The design realizes efficient cooperation between SGX and the cloud, and significantly improves the verification efficiency of the participants and the efficiency of key negotiation while guaranteeing the security of key negotiation.
Moreover, the invention provides an SGX-assisted efficient pseudonym transformation mechanism. A one-time signature based on the pseudonym certificate is realized using the SGX trusted environment, so that a participant can hide its true identity during key negotiation. Furthermore, the invention uses the Merkle tree to reduce the signature computation overhead of SGX and to realize efficient transformation of the participants' pseudonym certificates, so that even if an attacker or the cloud service provider monitors multiple key negotiation sessions, it cannot link them to the same participant. Anonymity and unlinkability of the participants are thereby ensured, and privacy protection for verifiable outsourcing key negotiation is realized.
Drawings
Fig. 1 is a schematic diagram of a key negotiation system according to an embodiment of the present invention;
Fig. 2 is a schematic flow chart of a verifiable outsourcing key negotiation method based on Internet of Things scene privacy protection according to an embodiment of the present invention;
Fig. 3 is a schematic diagram of an interaction process of a node registration stage in a verifiable outsourcing key negotiation method based on Internet of Things scene privacy protection according to an embodiment of the present invention;
Fig. 4 is a schematic diagram of an interaction process of a key negotiation stage in a verifiable outsourcing key negotiation method based on Internet of Things scene privacy protection according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to specific examples, but embodiments of the present invention are not limited thereto.
The embodiment of the invention provides a verifiable outsourcing key negotiation method based on Internet of Things scene privacy protection, which is applied to a key negotiation system. As shown in Fig. 1, the key negotiation system comprises a plurality of Internet of Things device nodes and a Cloud service platform formed by trusted execution hardware SGX and Cloud. The trusted execution hardware SGX and the Cloud cooperate to construct a Cloud service platform for verifiable outsourcing key negotiation. The Node is the main participant in key negotiation; the SGX is deployed at the Cloud as a trusted execution environment and constructs a trusted area in the Cloud service platform. Cloud is used to provide powerful computing and storage resources.
For simplicity, the following internet of things device nodes, trusted execution hardware, and cloud are denoted by Node, SGX, cloud respectively.
Specifically, referring to Fig. 2, the verifiable outsourcing key negotiation method based on the scene privacy protection of the Internet of Things may include:
S1, in a Node registration stage, a Node serving as a registration Node locally generates an initial pseudonym and a key contribution seed, encrypts data based on the generated initial pseudonym and key contribution seed, and sends the data together with a Node certificate of the Node to the Cloud service platform for application registration; the SGX verifies the validity of the Node certificate, derives and stores a plurality of pseudonyms and key contribution materials for the registration Node after verification is passed, and stores the mapping relation between the pseudonyms and the identity marks of the registration Node;
S2, in the key negotiation stage, the initiating node that initiates key negotiation encrypts and signs the identity set and negotiation mode of the negotiation participants, packages them together with an unused pseudonym into a key negotiation request message, and sends the message to the Cloud service platform; SGX authenticates the identities of the key negotiation participants by querying the mapping relation; after the authentication is passed, SGX obtains key material from the Cloud, calculates a session key from the key contributions of the participants, and packages and sends the session key ciphertext and the session key signature to the Cloud; the Cloud uses the proxy re-encryption technology to generate, for each participant, a session key ciphertext that can be decrypted only with that participant's private key, so that each participant decrypts the session key and updates its key.
In order to facilitate understanding of the embodiments of the present invention, a node registration stage and a key negotiation stage are described below.
Node registration phase
The interactive processing procedure of the node registration stage is shown in fig. 3. For easy understanding, the processing procedure at this stage is described by taking the Node i as an example, and the following is specific to the Node i as the registration Node, S1:
(1) In the node registration stage, the process of locally generating an initial pseudonym and a key contribution seed, encrypting data based on the generated initial pseudonym and key contribution seed, and sending the encrypted data together with the node's certificate to the cloud service platform to apply for registration comprises the following steps:
①Nodei Generating an initial temporary public-private key pair according to the input security parameters 1 λ Wherein, Representing the initial temporary private key of Node i,An initial temporary public key representing Node i;
In this step, the generation of the initial temporary public-private key pair may be expressed as KeyGen represents key generation, and generates an initial temporary public-private key pair according to the security parameter 1 λ Can be implemented using existing techniques.
The security parameter 1 λ is a common term in cryptography, and public and private key pairs with different lengths, such as 256 bits, 512 bits or 1024 bits, can be generated according to the difference of the security parameter 1 λ.
②Nodei Random sampling of initial pseudonymsSeed of key contribution;
In this step, node i randomly samples the initial pseudonym The random sampling key contribution Seed may be expressed as respectivelyWherein, Representing a finite field with the number of elements q, and $ representing random sampling.
③Nodei The number n of pseudonyms and key contribution materials needing to be derived is selected and the long-term public key pk SGX pair of SGX is usedPerforming asymmetric encryption to obtain a ciphertext message C 1;
Here n is a positive integer, and all public keys in the key negotiation system are public. This step can be expressed as Representing asymmetric encryption with the long term public key pk SGX of SGX. The process of asymmetric encryption is understood with reference to the prior art and will not be described in detail here.
④Nodei With its own long-term private keySigning the ciphertext message C 1 to obtain a ciphertext message signature sigC 1, packaging the ciphertext message C 1 and the ciphertext message signature sigC 1 together with a Node certificate Cert i of the Node i to form a registration message Msg 1, and sending the registration message Msg 1 to the cloud service platform and forwarding the registration message to SGX therein;
Wherein the SGX is embedded in the cloud service platform.
Node i uses its own long-term private key The process of signing ciphertext message C 1 to obtain ciphertext message signature sigC 1 may be represented as May be implemented using an existing elliptic curve signature algorithm, and the process of packing into the registration message Msg 1 may be denoted $Msg_1 \leftarrow (Cert_i, C_1, sigC_1)$.
⑤Nodei For initial temporary private keyPerforming private key hash operation to obtain a new temporary private keyUsing initial pseudonymsTemporary private keyGenerating new pseudonyms by hashingWill beAs a pseudonymous material.
Wherein a new temporary private key is obtainedThe process of (2) can be expressed asGenerating new pseudonymsThe process of (2) can be expressed asSKHash denotes a private key Hash operation, hash denotes a Hash operation, and these two operations are understood by referring to the related art, and will not be described in detail herein. Will beThe local storage as pseudonymous material may be expressed as
(2) After receiving the registration message Msg 1, the SGX verifies the validity of the node certificate, and after the verification is passed, derives and stores a plurality of pseudonyms and key contribution materials for the registration node, and stores the mapping relationship between the pseudonyms and the identity of the registration node, including:
① SGX verifies the legality of Node certificate Cert i of Node i, and obtains the identity UID i and the long-term public key of Node i from Node certificate Cert i after verification
It will be appreciated by those skilled in the art that Node certificates are issued and signed by a trusted authority or CA, and that SGX verifies the legitimacy of Node certificate Cert i of Node i refers to verifying the signature of the trusted authority or CA.
After passing the verification, the identity identification UID i and the long-term public key of the Node i are obtained from the Node certificate Cert i Can be expressed asPARSECERT represents parsing extracted information from node certificates. It can be appreciated that Node certificate Cert i stores the identity UID i of Node i and the long-term public key
② Long term public key of Node i for SGXVerifying the correctness of the ciphertext message signature sigC 1, and after the verification is passed, decrypting the ciphertext message C 1 by adopting the long-term private key sk SGX of SGX to obtainSeed,n;
Long term public key using Node i Verifying the correctness of the ciphertext message signature sigC 1 is performedOperation, process of verifying cryptograph message signature and Node i use self long-term private keyThe process of signing the ciphertext message C 1 to obtain the ciphertext message signature sigC 1 is corresponding, as can be appreciated with reference to the prior art.
After verification is passed, the process of decrypting ciphertext message C 1 using the long-term private key sk SGX of SGX may be represented as:Seed, Representing decryption with the long-term private key sk SGX of SGX.
③ For each j ∈ {1, ..., n}, SGX performs the following procedure in order:
A) Randomly sample a secret value k j, and derive a key contribution from k j and Seed
Similarly, the random sampled secret value may be expressed asContribution by k j and Seed derived keyCan be expressed asDeriveContrib represents a derivative key contribution, and the derivative function used herein is not limited and may be an exclusive or, hash, KDF, or other operation, so long as randomness and security of the derivative key contribution can be ensured.
B) Encrypt the key contribution with the symmetric key Key SGX of SGX to obtain the key contribution encryption result
This step can be expressed as Representing encryption with the symmetric Key SGX of SGX.
C) Perform the private key hash operation on the temporary private key to obtain a new temporary private key, and generate a new pseudonym by hashing the new temporary private key combined with the pseudonym
For temporary private keyPerforming private key hash operation to obtain a new temporary private keyCan be expressed asSKHash is a private key hash operation.
New temporary private keyCombining pseudonymsGenerating new pseudonyms by hashingCan be expressed asHash is a Hash operation.
D) Generate the proxy re-encryption key corresponding to the pseudonym based on the proxy re-encryption private key SK RE of SGX and the temporary private key
This step can be expressed as
E) Combine the pseudonym, the corresponding proxy re-encryption key and the contribution material into one record and add it to the Table PID;
this step can be expressed as I.e. storing the pseudonym and the key contribution material.
④ SGX adds a new entry to the Table Node to complete registration, where the entry's pseudonym material is that used by UID i for the next key agreement;
this step can be expressed as Wherein, table Node reflects the mapping relation between the pseudonym and the identity of the registered node.
⑤ The SGX signs the successful registration message by using its own long-term private key sk SGX to obtain message Msg 2, and sends the message Msg 2 to Node i.
This step can be expressed asWherein, OK is a successful message of registration,Representing signing with the long-term private key sk SGX of SGX.
(3) In the Node registration stage, each time a node registers, the node registration count NodeCount is incremented by one. To ensure the anonymity and unlinkability of the participants and to mix the pseudonym material of Node i with that of other nodes, every time the number of registered nodes reaches a set threshold T, the SGX builds a new Merkle signature Tree from the stored pseudonyms and key contribution materials, i.e., from the local Table PID, and updates it to the Cloud. Taking the j-th Merkle signature Tree j as an example, every time the number of registered nodes exceeds the set threshold T, the above procedure includes:
① The SGX constructs a j-th Merkle signature Tree j as a new Merkle signature Tree according to the pseudonym in the Table PID, the corresponding proxy re-encryption key and contribution material and the Root node Root j-1 of the j-1 th Merkle signature Tree j-1;
This step may be denoted as Tree j←buildMerkle(TablePID,Rootj-1).
② The SGX signs the Root node Root j of the j-th Merkle signature Tree j by using the own long-term private key sk SGX to obtain a Root node signature sigRoot j;
this step can be expressed as Representing signing with the long-term private key sk SGX.
③ SGX packages the j-th Merkle signature Tree j and root node signature sigRoot j into message Msg 3 and sends to Cloud;
this step may be denoted Msg 3←(Treej,sigRootj).
④ The SGX resets the node registration count NodeCount to 0 and empties the Table PID;
⑤ The SGX locally stores a new Root node Root j and discards the old Root node Root j-1;
⑥ After receiving the message Msg 3, the Cloud merges the Tree j and sigRoot j carried therein with the old Merkle signature Tree j-1, updates the Tree to a complete Merkle signature Tree, and stores it in the Cloud.
Specifically, after receiving the SGX message Msg 3, the Cloud performs the Merge (Tree old, Tree new, sigRoot new) operation, where new corresponds to j and old corresponds to j-1: (Tree j, sigRoot j) is merged with the old Tree j-1, updated into a complete Merkle signature Tree, and stored in the Cloud.
(II) Key negotiation stage
The interactive process of the key negotiation stage is shown in fig. 4. For ease of understanding, this stage is illustrated with Node B, holding its j 1-th pseudonym, initiating key agreement with Node A, holding its j 2-th pseudonym. The specific contents of S2 for Node B as the initiating node and Node A as the other negotiation participant are as follows:
(1) In the key negotiation stage, an initiating node initiating the key negotiation encrypts and signs an identity identifier set and a negotiation mode of a negotiation participant, packages the identity identifier set and the negotiation mode together with unused pseudonyms into a key negotiation request message, and sends the key negotiation request message to the cloud service platform, wherein the process comprises the following steps:
① Node B applies a KDF key derivation function to the temporary private key to obtain the corresponding symmetric key
This step can be expressed asWherein for the temporary private keyThe process of doing the KDF key derivation function is understood with reference to the related art.
Wherein Node B unused pseudonym is its j 1 th pseudonym and Node A unused pseudonym is its j 2 th pseudonym;
② Node B selects a key negotiation Mode and symmetrically encrypts the Mode together with the UID set (UID B, UID A) of the key negotiation participants under the symmetric key to obtain a ciphertext message D 1, where the key negotiation Mode includes DH operation and random number exclusive OR;
The process of obtaining ciphertext message D 1 at this step may be represented as:
Symmetric key for representation And (5) performing symmetric encryption.
③ Node B packages the unused pseudonym and the ciphertext message D 1 into a key negotiation request message Msg 4 and sends it to the SGX in the cloud service platform.
This step can be expressed as
(2) In the key negotiation stage, the SGX authenticates the identities of the key negotiation participants by querying the mapping relationship; after authentication passes, the SGX obtains key material from the Cloud, calculates a session key from the key contributions of each party, packages the session key ciphertext and the session key signature, and sends them to the Cloud. This includes:
① Upon receiving the key agreement request message Msg 4, the SGX queries the Table Node using the pseudonym as the index, and obtains the identity UID B of Node B and the temporary private key
This step may be denoted as UID B,
② SGX computes the symmetric key from the temporary private key, uses the symmetric key to decrypt the ciphertext message D 1 to obtain UID' B, UID A and Mode, and verifies whether UID B = UID' B holds; if not, it exits the key negotiation operation;
SGX is based on temporary private key Computing symmetric keysCan be expressed as:
using symmetric keys The decrypted ciphertext message D 1 may be represented as:
verifying whether UID B=UID'B is satisfied, if not, exiting the key negotiation operation, expressed as:
check if UID B ≠ UID' B → Aborts, where Aborts indicates that the key agreement operation is exited.
③ SGX uses the identity UID A of Node A as the index to query the Table Node and obtain the pseudonym and the temporary private key of Node A
This step can be expressed as:
④ SGX uses the pseudonyms to query the Merkle signature tree on the Cloud and obtain key material, which includes the key contribution material and the data verification material, where verMrt includes the root node signature sigRoot and other auxiliary verification material;
this step can be expressed as:
⑤ SGX uses its own long-term public key pk SGX to verify the correctness of the sigRoot signature and the integrity of the data, to prevent the Cloud from providing erroneous node key contributions;
this step is SGX execution
⑥ SGX decrypts with the symmetric key Key SGX to obtain the key contribution
This step can be expressed as:
⑦ SGX calculates the session key SKey according to the key negotiation Mode selected by the participants and the key contribution of each participant, and encrypts the session key SKey with the proxy re-encryption public key PK RE of the SGX to obtain the session key ciphertext C SKey;
The computing session key SKey may be expressed as The resulting session key ciphertext C SKey may be represented as Representing encryption with proxy re-encryption public key PK RE of SGX.
⑧ SGX calculates the pseudonym material that Node B and Node A will use next time, and updates the Table Node using UID B and UID A as indexes;
this step can be expressed as:
⑨ The SGX signs the session key SKey by adopting the self long-term private key sk SGX to obtain a session key signature sigSKey, packages the session key ciphertext C SKey and the session key signature sigSKey into a message Msg 5, and sends the message to the Cloud.
The packed message Msg 5 may be expressed as Msg 5←(CSKey, sigSKey).
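The following added example (not code from the patent) illustrates the Merkle signature tree built in the registration stage and the check the SGX performs in steps ④ and ⑤ above on material returned by the Cloud. Assumptions: SHA-256, the leaf encoding, chaining Root j-1 in as leaf 0, and an HMAC under an enclave-held key standing in for the sk SGX / pk SGX root signature (the standard library has no public-key signatures); the Cloud's Merge operation is not modelled and all sample rows are constructed.

```python
import hashlib
import hmac

def H(tag: bytes, *parts: bytes) -> bytes:
    """SHA-256 over a 4-byte domain tag and length-prefixed parts."""
    h = hashlib.sha256(tag)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def leaf_hash(pid: bytes, rekey: bytes, enc_contrib: bytes) -> bytes:
    # One Table PID row: pseudonym, proxy re-encryption key, encrypted contribution.
    return H(b"leaf", pid, rekey, enc_contrib)

def build_merkle(table_pid, prev_root: bytes):
    """Tree_j <- buildMerkle(Table PID, Root_{j-1}); returns all levels, leaves first."""
    # Assumption: the previous root is committed as leaf 0, so each tree
    # extends the one before it.
    levels = [[H(b"prev", prev_root)] + [leaf_hash(*row) for row in table_pid]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [H(b"node", cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:          # odd node is carried up unchanged, not duplicated
            nxt.append(cur[-1])
        levels.append(nxt)
    return levels

def root_of(levels) -> bytes:
    return levels[-1][0]

def prove(levels, index: int):
    """Cloud side: sibling path for leaf `index` (the auxiliary part of verMrt)."""
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):
            path.append((level[sib], sib < index))   # (hash, sibling_is_left)
        index //= 2
    return path

def fold(leaf: bytes, path) -> bytes:
    """Recompute the root from a leaf hash and its sibling path."""
    h = leaf
    for sib, sib_is_left in path:
        h = H(b"node", sib, h) if sib_is_left else H(b"node", h, sib)
    return h

def sign_root(mac_key: bytes, root: bytes) -> bytes:
    # Stand-in for sigRoot_j: HMAC instead of a signature under sk SGX.
    return hmac.new(mac_key, b"sigRoot" + root, hashlib.sha256).digest()

def sgx_accepts(mac_key, row, path, root, sig_root) -> bool:
    """SGX side: accept the Cloud's answer only if the root is authentic
    and the returned row really is a leaf under that root."""
    if not hmac.compare_digest(sign_root(mac_key, root), sig_root):
        return False
    return hmac.compare_digest(fold(leaf_hash(*row), path), root)

# Constructed sample data (not from the patent).
MAC_KEY = b"constructed-enclave-key"
ROOT_0 = b"\x00" * 32
TABLE_1 = [(b"PID-a1", b"rk-a1", b"enc-contrib-a1"),
           (b"PID-b1", b"rk-b1", b"enc-contrib-b1"),
           (b"PID-c1", b"rk-c1", b"enc-contrib-c1")]
TABLE_2 = [(b"PID-a2", b"rk-a2", b"enc-contrib-a2"),
           (b"PID-d1", b"rk-d1", b"enc-contrib-d1")]

def demo():
    tree1 = build_merkle(TABLE_1, ROOT_0)
    root1, sig1 = root_of(tree1), sign_root(MAC_KEY, root_of(tree1))
    tree2 = build_merkle(TABLE_2, root1)          # built after T more registrations
    row, path = TABLE_1[1], prove(tree1, 2)       # leaf 0 is the chained root
    honest = sgx_accepts(MAC_KEY, row, path, root1, sig1)
    # A Cloud that swaps in a different contribution for the same pseudonym.
    swapped = (row[0], row[1], b"substituted-contrib")
    rejected = sgx_accepts(MAC_KEY, swapped, path, root1, sig1)
    # Tree 2 commits to Root 1 through its leaf 0.
    chained = fold(H(b"prev", root1), prove(tree2, 0)) == root_of(tree2)
    return honest, rejected, chained

if __name__ == "__main__":
    print(demo())
```

Because the leaf hash covers the pseudonym, the re-encryption key and the encrypted contribution together, the Cloud cannot pair a valid pseudonym with another node's contribution without changing the root.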
(3) In the key negotiation stage, the process by which the Cloud uses proxy re-encryption to generate, for each negotiation participant, a session key ciphertext that can only be decrypted with that participant's private key includes the following steps:
① After receiving the message Msg 5, the Cloud uses the proxy re-encryption keys corresponding to the respective pseudonyms to perform proxy re-encryption on the session key ciphertext C SKey, obtaining ciphertexts C A and C B;
this step can be expressed as ReEnc denotes performing proxy re-encryption.
② The Cloud packages C B and sigSKey into the corresponding message Msg 6 and sends it to Node B, and packages C A and sigSKey into the corresponding message Msg 6 and sends it to Node A;
for Node B, this step can be expressed as For Node A, this step can be expressed as
③ The Cloud inserts the key negotiation message into the key negotiation record Table Record.
(4) In the key negotiation stage, each negotiation participant decrypts the session key and updates its key in a similar way; the specific steps are as follows:
1) In the key negotiation stage, for Node B, as a negotiation participant, a process of decrypting a session key and updating the key comprises:
① After receiving the message Msg 6, Node B uses its own temporary private key to decrypt the ciphertext C B and obtain the session key SKey;
This step can be expressed as
② Node B verifies the correctness of the session key SKey using the long-term public key pk SGX of the SGX;
This step can be expressed as
③ Node B uses the temporary private key to calculate, through a hash operation, the temporary private key to be used next time
This step can be expressed as
④ Node B uses the pseudonym and the temporary private key to calculate, through a hash operation, the pseudonym to be used next time
This step can be expressed as
⑤ Node B locally stores the pseudonym and temporary private key to be used next time, and discards the used pseudonym and temporary private key
This step can be expressed as
2) In the key negotiation stage, for Node A, the process of decrypting the session key and updating the key is performed, including:
① After receiving the message Msg 6, Node A uses its own temporary private key to decrypt the ciphertext C A and obtain the session key SKey;
② Node A verifies the correctness of the session key SKey using the long-term public key pk SGX of the SGX;
③ Node A uses the temporary private key to calculate, through a hash operation, the temporary private key to be used next time
④ Node A uses the pseudonym and the temporary private key to calculate, through a hash operation, the pseudonym to be used next time
⑤ Node A locally stores the pseudonym and temporary private key to be used next time, and discards the used pseudonym and temporary private key
Through the above processing, the internet of things device nodes Node B and Node A participating in the key negotiation can decrypt the session key and perform key update, thereby completing the key negotiation.
In the embodiment of the invention, because nodes differ in computing capability, communication environment and the like, the key negotiation protocols they support can differ, and a Node performs key negotiation with other nodes by means of the cloud service platform. In this process, the Node uses pseudonyms to conduct outsourced key negotiation, and uses the signature digest generated by the SGX to verify the session key obtained by decryption. In the node registration phase, the SGX derives pseudonym material and key contribution material for the node. During key agreement, the SGX is responsible for performing session key computations and generating a signature digest that can be validated by the participants. By cooperating with the Cloud, the SGX uses proxy re-encryption to have a decryptable key ciphertext generated for each Node without exposing the key. In the key negotiation process, the Cloud uses proxy re-encryption to generate, for each participant, a session key ciphertext that can be decrypted with that participant's own private key, without the Cloud having direct access to the session key. In addition, the Cloud is also responsible for storing and retrieving pseudonyms and key contribution materials, ensuring that the SGX can access them efficiently.
In the embodiment of the invention, if a node misses a plurality of key negotiation requests while offline, the scheme of the invention not only realizes self-healing of the offline node's session keys, but also preserves anonymity and unlinkability. In the following, the Node i that locally stores the pseudonym material goes offline, and session key self-healing is performed after the node comes online again.
In the key negotiation stage, if the internet of things equipment node misses a plurality of key negotiation requests, the session key self-healing process is executed after the online is restarted, and the method comprises the following steps:
Step a1, the offline Node k, which locally stores the pseudonym material, obtains the content Table' record that was newly added to the key negotiation record Table Record of the cloud service platform while it was offline;
Step a2, query Whether in Table' record;
Step a3, if not, no node initiated key negotiation with Node k during the offline period, and the session key self-healing process is exited;
Step a4, if present, use the temporary private key to decrypt the ciphertext C k to obtain the session key SKey, and verify the correctness of the session key SKey;
step a5, calculating
This step is understood with reference to the relevant procedure described above.
Step a6, repeat steps a2 to a5 until self-healing of all session keys from the offline period is complete; Node k then stores the unused pseudonym material, discards all used pseudonym material, and completes the session key self-healing process.
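The following added example (not code from the patent) walks steps a1 to a6 for a node that missed several negotiations. Assumptions: SHA-256 stands in for both SKHash and Hash, step a5 is taken to be the pseudonym and temporary-key update described for Node B above, an XOR pad derived from the temporary private key stands in for decrypting the re-encrypted ciphertext, an HMAC under a constructed demo key stands in for verifying sigSKey with pk SGX, and all record contents are constructed.

```python
import hashlib
import hmac

DEMO_SIG_KEY = b"constructed-demo-signing-key"   # stand-in for the SGX key pair

def sk_hash(sk: bytes) -> bytes:
    """Stand-in for SKHash: next temporary private key from the current one."""
    return hashlib.sha256(b"SKHash" + sk).digest()

def pid_hash(new_sk: bytes, pid: bytes) -> bytes:
    """Stand-in for Hash: next pseudonym from the new key and the current pseudonym."""
    return hashlib.sha256(b"PIDHash" + new_sk + pid).digest()

def advance(pid: bytes, sk: bytes):
    """One pseudonym transformation: (PID, sk) -> (PID', sk')."""
    new_sk = sk_hash(sk)
    return pid_hash(new_sk, pid), new_sk

def toy_crypt(sk: bytes, data: bytes) -> bytes:
    """XOR with a key-derived pad (32 bytes max); placeholder for the
    proxy re-encryption ciphertext, NOT a real cipher."""
    pad = hashlib.sha256(b"pad" + sk).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

def toy_sig(skey: bytes) -> bytes:
    return hmac.new(DEMO_SIG_KEY, skey, hashlib.sha256).digest()

def check_sig(skey: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(toy_sig(skey), sig)

def self_heal(pid: bytes, sk: bytes, new_records: dict, verify):
    """new_records maps pseudonym -> (ciphertext, sigSKey), i.e. Table' record.
    Returns the recovered session keys and the still-unused (pseudonym, key)."""
    recovered = []
    while pid in new_records:                 # a2; leaving the loop is a3
        ciphertext, sig = new_records[pid]
        skey = toy_crypt(sk, ciphertext)      # a4: decrypt with the temporary key
        if not verify(skey, sig):             # a4: reject keys the SGX did not sign
            raise ValueError("session key failed verification")
        recovered.append(skey)
        pid, sk = advance(pid, sk)            # a5: move to the next pseudonym material
    return recovered, (pid, sk)               # a6: keep only the unused material

def demo():
    pid, sk = b"constructed-PID-k", b"constructed-sk-k"
    # Entries belonging to other nodes; to Node k they are just unknown pseudonyms.
    record = {hashlib.sha256(b"other-node-%d" % i).digest(): (b"x" * 32, b"y" * 32)
              for i in range(2)}
    # Platform side: three negotiations involving Node k while it was offline.
    p, s, sent = pid, sk, []
    for n in range(3):
        skey = hashlib.sha256(b"session-%d" % n).digest()
        record[p] = (toy_crypt(s, skey), toy_sig(skey))
        sent.append(skey)
        p, s = advance(p, s)                  # platform updates its view in lockstep
    recovered, unused = self_heal(pid, sk, record, check_sig)
    return sent, recovered, unused, (p, s)

if __name__ == "__main__":
    sent, recovered, unused, expected = demo()
    print(recovered == sent, unused == expected)
```

The loop ends at the first pseudonym with no record, so the node and the platform finish holding the same unused pseudonym material without exchanging any state.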
In addition, in the embodiment of the present invention, after Node B verifies the correctness of the session key SKey by using the long-term public key pk SGX of SGX, and after the session key self-healing process is performed after the offline internet of things device Node is online again, the method further includes:
The Internet of Things device node judges whether its pseudonyms and contribution material have reached the exhaustion threshold; if so, it uploads a new initial pseudonym and a new key contribution seed to the cloud service platform again and completes the update of the pseudonyms and contribution material, so that subsequent key negotiations can proceed.
For uploading the new initial pseudonym and key contribution seed to the cloud service platform and completing the update of the pseudonyms and contribution material, see the description of the node registration stage above; it is not repeated here.
The scheme of the embodiment of the invention can be used in scenarios such as unmanned aerial vehicle (UAV) key negotiation. In that case the Internet of Things device nodes are UAVs: multiple UAV nodes form a cluster to operate cooperatively and need to share information such as position, speed, heading and task in real time, and key negotiation is required to ensure secure transmission and prevent eavesdropping or tampering by malicious attackers.
The embodiment of the invention provides a verifiable outsourcing key negotiation method based on the scene privacy protection of the Internet of things based on the outsourcing calculation and soft and hard cooperation ideas, and aims to solve the key negotiation problem of the Internet of things equipment in an algorithm heterogeneous environment. The invention introduces the SGX to construct a trusted zone in the cloud service platform, fully integrates the advantages of high trust of the SGX and strong computation of the cloud server, realizes efficient outsourcing key negotiation between the Internet of things equipment, and ensures anonymity and unlinkability of negotiation participants.
In the key agreement process, the SGX is responsible for performing session key calculations and generating a signature digest that can be verified by the participants. In addition, to reduce the encryption computation overhead of SGX, proxy re-encryption techniques are used so that the cloud generates session key ciphertexts for each participant that can be decrypted with their private key without touching the key. The design realizes the efficient cooperation of SGX and cloud, and obviously improves the verification efficiency of the participants and the efficiency of key negotiation while guaranteeing the security of key negotiation.
Moreover, the invention provides an SGX-assisted efficient pseudonym transformation mechanism. A one-time signature based on the pseudonym certificate is realized using the SGX trusted environment, so that a participant can hide its true identity during key negotiation. Furthermore, the invention uses Merkle tree technology to reduce the signature calculation overhead of the SGX and to transform participants' pseudonym certificates efficiently, so that even if an attacker or the cloud service provider monitors multiple key negotiation sessions, it cannot link them to the same participant. This ensures the anonymity and unlinkability of the participants and realizes privacy protection for verifiable outsourced key negotiation.
It should be noted that in the description of the present invention, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more such feature. In the description of the present invention, the meaning of "a plurality" is two or more, unless explicitly defined otherwise.
In the description of the present specification, a description referring to terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, one skilled in the art can combine the different embodiments or examples described in this specification.
The foregoing description is only of the preferred embodiments of the present invention and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention are included in the protection scope of the present invention.

Claims (10)

1. The verifiable outsourcing key negotiation method based on the scene privacy protection of the Internet of things is characterized by being applied to a key negotiation system, wherein the key negotiation system comprises a plurality of Internet of things equipment nodes and a Cloud service platform formed by trusted execution hardware SGX and Cloud, and the method comprises the following steps:
In the Node registration stage, a Node serving as a registration Node locally generates an initial pseudonym and a key contribution seed, encrypts data based on the generated initial pseudonym and key contribution seed, and sends the data together with a Node certificate of the Node to the Cloud service platform for registration application; the SGX verifies the validity of the Node certificate, derives and stores a plurality of pseudonyms and key contribution materials for the registration Node after verification is passed, and stores the mapping relation between the pseudonyms and the identity marks of the registration Node;
In the key negotiation stage, an initiating node initiating the key negotiation encrypts and signs the identity identifier set and negotiation mode of the negotiation participants, packages them together with an unused pseudonym into a key negotiation request message, and sends it to the Cloud service platform; the SGX authenticates the identities of the key negotiation participants by querying the mapping relationship; after authentication passes, the SGX obtains key material from the Cloud, calculates a session key from the key contributions of each participant, and packages and sends the session key ciphertext and a session key signature to the Cloud; and the Cloud uses proxy re-encryption to generate, for each participant, a session key ciphertext that can only be decrypted with that participant's private key, so that each participant decrypts the session key and updates its key.
2. The method according to claim 1, wherein for Node i as a registration Node, in the Node registration stage, after locally generating an initial pseudonym and a key contribution seed, and performing data encryption based on the generated initial pseudonym and key contribution seed, sending the data encryption to the cloud service platform along with its own Node certificate for applying for registration, including:
Node i generates an initial temporary public-private key pair according to the input security parameter 1 λ Wherein, Representing the initial temporary private key of Node i,An initial temporary public key representing Node i;
Node i randomly samples initial pseudonym Seed of key contribution;
Node i selects the number n of pseudonyms and key contribution materials to be derived, and performs asymmetric encryption using the long-term public key pk SGX of SGX to obtain a ciphertext message C 1, where || represents concatenation;
Node i signs ciphertext message C 1 by using self long-term private key sk Nodei to obtain ciphertext message signature sigC 1, packages ciphertext message C 1 and ciphertext message signature sigC 1 together with Node certificate Cert i of Node i to be registration message Msg 1, and sends the registration message Msg 1 to the cloud service platform and forwards the registration message to SGX therein;
Node i performs the private key hash operation on the initial temporary private key to obtain a new temporary private key, uses the initial pseudonym and the temporary private key to generate a new pseudonym by hashing, and takes them as the pseudonym material.
3. The method according to claim 2, wherein for Node i as a registration Node, in the Node registration phase, the SGX verifies the validity of the Node certificate, and the process of deriving and storing a plurality of pseudonyms and key contribution materials for the registration Node after the verification is passed, and storing the mapping relationship between the pseudonyms and the identities of the registration Node includes:
SGX verifies the legality of Node certificate Cert i of Node i, and obtains the identity UID i and the long-term public key of Node i from Node certificate Cert i after verification
SGX uses the long-term public key of Node i to verify the correctness of the ciphertext message signature sigC 1 and, after verification passes, decrypts the ciphertext message C 1 with the long-term private key sk SGX of SGX to obtain Seed, n;
For each value of j in j ∈ {1, ..., n}, SGX performs the following process in turn: randomly sample a secret value k j and derive the key contribution from k j and Seed; encrypt the key contribution with the symmetric key Key SGX of SGX to obtain the key contribution encryption result; perform the private key hash operation on the temporary private key to obtain a new temporary private key; combine the new temporary private key with the pseudonym to generate a new pseudonym by hashing; generate the proxy re-encryption key corresponding to the pseudonym based on the proxy re-encryption private key SK RE of SGX and the temporary private key; and combine the pseudonym, the corresponding proxy re-encryption key and the contribution material into a record and add it to the Table PID;
SGX adds a new entry to the Table Node to complete registration, where the entry's pseudonym material is that used by UID i for the next key agreement;
The SGX signs the successful registration message by using its own long-term private key sk SGX to obtain message Msg 2, and sends the message Msg 2 to Node i.
4. A method according to claim 3, wherein in the node registration phase, the number of node registrations NodeCount is incremented each time there is a node registration;
every time the number of registered nodes exceeds a set threshold T, the SGX builds a new Merkle signature tree based on the stored pseudonym and key contribution material and updates it to Cloud, comprising:
The SGX constructs a j-th Merkle signature Tree j as a new Merkle signature Tree according to the pseudonym in the Table PID, the corresponding proxy re-encryption key and contribution material and the Root node Root j-1 of the j-1 th Merkle signature Tree j-1;
The SGX signs the Root node Root j of the j-th Merkle signature Tree j by using the own long-term private key sk SGX to obtain a Root node signature sigRoot j;
SGX packages the j-th Merkle signature Tree j and root node signature sigRoot j into message Msg 3 and sends to Cloud;
The SGX resets the node registration count NodeCount to 0 and empties the Table PID;
The SGX locally stores a new Root node Root j and discards the old Root node Root j-1;
after receiving the message Msg 3, the Cloud merges the Tree j and sigRoot j carried therein with the old Merkle signature Tree j-1, updates the Tree to a complete Merkle signature Tree, and stores it in the Cloud.
5. The method of claim 4, wherein for Node B as an initiating Node to negotiate with another participant Node A, in the key negotiation phase, the initiating Node that initiates key negotiation encrypts and signs the set of identities and negotiation patterns of negotiating participants, while packaging with unused pseudonyms as a key negotiation request message, and sending to the cloud service platform, comprising:
Node B applies a KDF key derivation function to the temporary private key to obtain the corresponding symmetric key, wherein the unused pseudonym of Node B is its j 1-th pseudonym and the unused pseudonym of Node A is its j 2-th pseudonym;
Node B selects a key negotiation Mode and symmetrically encrypts the Mode together with the UID set (UID B, UID A) of the key negotiation participants under the symmetric key to obtain a ciphertext message D 1, wherein the key negotiation Mode comprises DH operation and random number exclusive OR;
Node B packages the unused pseudonym and the ciphertext message D 1 into a key negotiation request message Msg 4 and sends it to the SGX in the cloud service platform.
6. The method of claim 5, wherein in the key negotiation stage, the SGX authenticates the identities of the key negotiation participants by querying the mapping relationship and, after authentication passes, obtains key material from the Cloud, calculates a session key from the key contributions of each party, and packages and sends a session key ciphertext and a session key signature to the Cloud, which includes:
upon receiving the key agreement request message Msg 4, the SGX queries the Table Node using the pseudonym as the index, and obtains the identity UID B of Node B and the temporary private key
SGX computes the symmetric key from the temporary private key, uses the symmetric key to decrypt the ciphertext message D 1 to obtain UID' B, UID A and Mode, and verifies whether UID B = UID' B holds; if not, it exits the key negotiation operation;
SGX uses the identity UID A of Node A as the index to query the Table Node and obtain the pseudonym and the temporary private key of Node A
SGX uses the pseudonyms to query the Merkle signature tree on the Cloud and obtain key material, which includes the key contribution material and the data verification material, wherein verMrt includes the root node signature sigRoot and other auxiliary verification material;
SGX uses its own long-term public key pk SGX to verify the correctness of the sigRoot signature and the integrity of the data, to prevent the Cloud from providing erroneous node key contributions;
SGX decrypts with the symmetric key Key SGX to obtain the key contribution
SGX calculates the session key SKey according to the key negotiation Mode selected by the participants and the key contribution of each participant, and encrypts the session key SKey with the proxy re-encryption public key PK RE of the SGX to obtain a session key ciphertext C SKey;
SGX calculates the pseudonym material that Node B and Node A will use next time, and updates the Table Node using UID B and UID A as indexes;
The SGX signs the session key SKey by adopting the self long-term private key sk SGX to obtain a session key signature sigSKey, packages the session key ciphertext C SKey and the session key signature sigSKey into a message Msg 5, and sends the message to the Cloud.
7. The method of claim 6, wherein in the key agreement phase, the process of generating session key ciphertext for each co-participant that is decryptable only with its private key by means of proxy re-encryption techniques, comprises:
After receiving the message Msg 5, the Cloud uses the proxy re-encryption keys corresponding to the respective pseudonyms to perform proxy re-encryption on the session key ciphertext C SKey, obtaining ciphertexts C A and C B;
The Cloud packages C B and sigSKey into the corresponding message Msg 6 and sends it to Node B, and packages C A and sigSKey into the corresponding message Msg 6 and sends it to Node A;
The Cloud inserts the key negotiation message into the key negotiation record Table Record.
8. The method of claim 7, wherein the process of decrypting the session key and updating the key for Node B as a negotiating party in the key negotiation phase comprises:
After receiving the message Msg 6, Node B uses its own temporary private key to decrypt the ciphertext C B and obtain the session key SKey;
Node B uses the long-term public key pk SGX of SGX to verify the correctness of the session key SKey;
Node B uses the temporary private key to calculate, through a hash operation, the temporary private key to be used next time
Node B uses the pseudonym and the temporary private key to calculate, through a hash operation, the pseudonym to be used next time
Node B locally stores the pseudonym and temporary private key to be used next time, and discards the used pseudonym and temporary private key
In the key negotiation stage, for Node A, the process of decrypting the session key and updating the key includes:
After receiving the message Msg 6, Node A uses its own temporary private key to decrypt the ciphertext C A and obtain the session key SKey;
Node A uses the long-term public key pk SGX of SGX to verify the correctness of the session key SKey;
Node A uses the temporary private key to calculate, through a hash operation, the temporary private key to be used next time
Node A uses the pseudonym and the temporary private key to calculate, through a hash operation, the pseudonym to be used next time
Node A locally stores the pseudonym and temporary private key to be used next time, and discards the used pseudonym and temporary private key
9. The method according to claim 8, wherein in the key negotiation stage, if there are multiple key negotiation requests missed by the node of the internet of things device, the session key self-healing process is performed after the online is re-established, which includes the following procedures:
Step a1, the offline Node k, which locally stores the pseudonym material, obtains the content Table' record that was newly added to the key negotiation record Table Record of the cloud service platform while it was offline;
Step a2, query Whether in Table' record;
Step a3, if not, no node initiated key negotiation with Node k during the offline period, and the session key self-healing process is exited;
Step a4, if present, use the temporary private key to decrypt the ciphertext C k to obtain the session key SKey, and verify the correctness of the session key SKey;
step a5, calculating
Step a6, repeat steps a2 to a5 until self-healing of all session keys from the offline period is complete; Node k then stores the unused pseudonym material, discards all used pseudonym material, and completes the session key self-healing process.
10. The method of claim 9, wherein after Node B verifies the correctness of the session key SKey with the long-term public key pk SGX of SGX, and after an offline Internet of Things device node has come back online and performed the session key self-healing process, the method further comprises:
The Internet of Things device node determines whether its pseudonym and contribution material have reached the critical condition for exhaustion; if so, it uploads a new initial pseudonym and a new key contribution seed to the cloud service platform again, completing the update of the pseudonym and contribution material so that subsequent key negotiation can proceed successfully.
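The pseudonym and temporary-key update of claim 8 and the self-healing loop of claim 9 (steps a2 to a6), as an added Python example that is not part of the patent text. It assumes SHA-256 for the "hash operation", assumes step a5 is the claim-8 update, and replaces the scheme's public-key decryption and pk SGX check with a labelled symmetric stand-in (`seal`/`unseal`); all function names are hypothetical.

```python
import hashlib
import hmac

def H(*parts: bytes) -> bytes:
    # Assumed hash: length-prefixed SHA-256 (the claims only say "hash operation").
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()

def ratchet(pid: bytes, tsk: bytes):
    # Claim 8: next key from the current key; next pseudonym from pseudonym + key.
    return H(b"pid", pid, tsk), H(b"tsk", tsk)

def seal(tsk: bytes, skey: bytes) -> bytes:
    # Stand-in for the ciphertext C k: XOR keystream plus HMAC tag.
    # NOT the patent's public-key scheme; used only to build sample records.
    ct = bytes(a ^ b for a, b in zip(skey, H(b"enc", tsk)))
    return ct + hmac.new(H(b"mac", tsk), ct, hashlib.sha256).digest()

def unseal(tsk: bytes, blob: bytes) -> bytes:
    # Step a4: decrypt, then check correctness (tag stands in for the pk SGX check).
    ct, tag = blob[:32], blob[32:]
    good = hmac.new(H(b"mac", tsk), ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("session key failed verification")
    return bytes(a ^ b for a, b in zip(ct, H(b"enc", tsk)))

def self_heal(pid: bytes, tsk: bytes, new_records: dict):
    # Steps a2-a6: follow the pseudonym chain through the records added offline.
    pending, recovered = dict(new_records), []
    while pid in pending:                                # a2; leaving the loop is a3
        recovered.append(unseal(tsk, pending.pop(pid)))  # a4
        pid, tsk = ratchet(pid, tsk)                     # a5 (assumed claim-8 update)
    return recovered, pid, tsk                           # a6: only unused material is kept

def build_demo(missed: int = 3):
    # Constructed sample data: `missed` negotiation records plus one unrelated row.
    pid0, tsk0 = H(b"demo-pseudonym"), H(b"demo-temp-key")
    pid, tsk, table, keys = pid0, tsk0, {}, []
    for i in range(missed):
        keys.append(H(b"session", bytes([i])))
        table[pid] = seal(tsk, keys[-1])
        pid, tsk = ratchet(pid, tsk)
    table[H(b"other-node")] = seal(H(b"x"), H(b"y"))
    return pid0, tsk0, table, keys, (pid, tsk)

if __name__ == "__main__":
    pid0, tsk0, table, keys, _ = build_demo()
    healed, next_pid, _ = self_heal(pid0, tsk0, table)
    print(len(healed), "session keys recovered; next pseudonym", next_pid.hex()[:16])
```

Because each pseudonym is derived from the previous pseudonym and temporary key, a node that was offline needs only its last stored pair to locate every record addressed to it, and the walk stops at the first pseudonym that has no record.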
CN202411821118.0A 2024-12-11 2024-12-11 A Verifiable Outsourced Key Negotiation Method for Privacy Protection in IoT Scenarios Active CN119696775B (en)

Publications (2)

Publication Number Publication Date
CN119696775A true CN119696775A (en) 2025-03-25
CN119696775B CN119696775B (en) 2025-11-04

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant