Security hybrid encryption method based on narrowband Internet of Things

Abstract

The invention provides a security hybrid encryption method based on narrowband Internet of Things, which comprises the following steps of carrying out lightweight identity authentication on each terminal and a server, and realizing the identity authentication of the terminal and the transmission of an initial key and an initial IV vector by using unidirectional asymmetric encryption in the lightweight identity authentication, and after the identity authentication of the terminal succeeds, performing encryption communication between the terminal and the server by adopting a dynamic symmetric encryption and decryption algorithm, so that the symmetric encryption and decryption algorithm uses different symmetric keys and different structural parameters in each time of encryption communicationof each terminal. Lightweight identity recognition is adopted; on the basis of ensuring the security, the authentication time and the calculation consumption are greatly reduced, a dynamic symmetric encryption and decryption algorithm is adopted, a symmetric key and a set of structural parameters are ensured to be set at a time, the structural parameters of the algorithm are changed in a nonlinearmode under the condition that the large structure is not changed, and the capacity of the algorithm for resisting side channel attacks such as energy analysis is improved.

Description

technical field [0001] The invention relates to the technical field of information security in the narrowband Internet of Things, in particular to a secure hybrid encryption method based on the narrowband Internet of Things. Background technique [0002] The characteristics of Narrow Band Internet of Things (NB-IoT) can be divided into four categories. The first category is wide coverage: NB-IoT only consumes about 180kHz of bandwidth, and NB-IoT is comparable to existing Some networks have a gain of about 20dB, which is equivalent to a 100-fold increase in coverage; the second category is strong connection capability: one sector can support 100,000 connections; the third category is low power consumption: generally requires NB-IoT terminal modules can stand by for more than 10 years; the fourth category is low cost: lower costs can be achieved after industrial production. Due to the above advantages of NB-IoT, it is more suitable for remote meter reading, asset tracking, s...

AI Technical Summary

Problems solved by technology

[0005] 1) The method for the receiving parties to confirm each other’s identity: the traditional method is that both parties issue digital certificates separately by a reliable organization. This method is applicable if it is applied in a small-scale Internet of Things, but if it is applied in NB-IoT, it will cost a lot, usually The number of NB-IoT terminals is tens of thousands or millions. If you ask a reliable organization to issue digital certificates to them one by one, it will not only take a lot of time and effort but also increase a lot of costs, and digital certificates are often used in the communication process. Asymmetric communication will consume a lot of chip computing power and power consumption

[0006] 2) The danger of artificial key infusion: Many NB-IoT security chips require manual key infusion in the first step of initialization. transfer

But the danger of this method is the direct exposure of the initial key. Even if the algorithm uses the initial key, the hash algorithm or several other mathematical algorithms will be operated to reorganize the initial key. However, due to the initial The source is extremely vulnerable to the risk of artificial exposure, even if the hash algorithm is an irreversible algorithm, it will not bring any increase in security, and the security algorithm is not based on avoiding algorithm exposure to ensure its security, but Safety is guaranteed based on mathematical incomprehension, so if artificial perfusion is used, it will increase a lot of risks at the source for the entire safety mechanism

[0007] 3) Facing the challenge of side-channel attacks: In the information transmission of NB-IoT, the transmission of short messages and the same state information is often used, and the most common energy analysis attack in side-channel attacks is that a large number of collection terminals are sending The energy consumption information of the same plaintext and the same key is used, and then statistical analysis is performed. This attack method is quite dangerous for the information transmission of NB-IoT

If this scheme is applied to NB-IoT, it is very easy to face the energy analysis attack of side channel attack, and if the key transfer uses ECC (asymmetric encryption algorithm) every time, it will still bring time and calculation energy consumption, and if it is applied The application of NB-IoT will face the issue of digital certificate issuance for a large number of devices

Images