Multi-gateway authentication method and system, storage medium, computer equipment and terminal

Abstract

The invention belongs to the technical field of communication network security, and discloses a multi-gateway authentication method and system, a storage medium, computer equipment and a terminal. The multi-gateway authentication method comprises the steps of: performing offline initialization; performing user registration; registering sensor nodes; logging in by a user; and carrying out authentication and key negotiation. According to the invention, a public key mechanism is introduced into a multi-gateway authentication scheme of the wireless sensor network through a rabin mechanism, mutual authentication and session key negotiation between a user and sensor equipment can be realized, and the privacy of the user is protected; as a public key mechanism is introduced, anonymity and non-traceability can be realized on the premise of ensuring bidirectional authentication, and the method has good forward security. Meanwhile, multiple attack modes such as replay attacks, simulation attacks and man-in-the-middle attacks can be resisted, and technical support can be provided for multi-gateway scenes needing real-time data access and cross-regional access such as industrial Internet of Things and smart medical treatment.

Description

technical field [0001] The invention belongs to the technical field of communication network security, and in particular relates to a multi-gateway authentication method, system, storage medium, computer equipment and terminal. Background technique [0002] At present, the authentication protocol is an important measure to ensure the security of the Internet of Things. Traditional network devices can use classic public key encryption algorithms to design authentication schemes, but due to the limited computing and storage resources of IoT devices, they can only use lightweight encryption algorithms. Most of the existing protocols are single-gateway authentication protocols, which can only ensure that users and devices within the coverage area of ​​a single gateway can establish secure sessions. In a wireless sensor network, when there is only a single gateway, high-speed data streams may conflict, and because the distance between the edge sensor and the gateway node in the ...

AI Technical Summary

Problems solved by technology

[0005](1) The security mechanism of the Internet of Things is usually embedded security, its terminal resources are limited and usually deployed in an open unattended environment, WSN is the core of the Internet of Things technology, the computing power and resources of its sensor nodes are limited, and how to ensure its security authentication needs to be solved urgently

[0006](2) In the case of a single gateway, high-speed data streams may collide, and the distance between the edge sensor and the gateway node in the single-gateway model is too far to cause reception The cost of sending and sending messages becomes higher, the communication overhead increases, and the network performance decreases, etc.

[0007](3) At present, there are few researches on multi-gateway authentication protocols. Existing multi-gateway authentication protocols are based on lightweight operations such as hash and XOR or symmetric Encryption algorithm, however public key algorithm is an essential tool to achieve forward security

[0010](2) wireless sensor network, the computing resources and storage resources of most devices are limited, the traditional public key infrastructure (Public Key Infrastructure, PKI) and based on The authentication protocol of public key cryptographic primitives cannot be directly transplanted, so it is necessary to design a lightweight authentication protocol to ensure the legitimacy of the identity of the communication entity and reduce the computing overhead of sensor nodes as much as possible

[0011](3) In a wireless sensor network, in a single gateway scenario, there may be high-speed data flow conflicts. Far will lead to higher cost of receiving and sending messages, increased communication overhead, and reduced network performance

Specifically: in the above scenario, if an attacker monitors, intercepts, and tampers with the communication information of the open link, thereby stealing the identity information or other authentication information of the entity to be authenticated, this will pose a threat to the security of the entity to be authenticated. and divulge the content of the communication

Second, if a lightweight authentication scheme cannot be implemented, resource-constrained wireless sensor devices cannot perform complex calculations, resulting in the inability to implement the authentication scheme

Images