Internet of Things client privacy protection authentication method based on edge computing

Abstract

The invention relates to an Internet of Things client privacy protection authentication method based on edge computing, which comprises the following steps: S1, a central base station establishes public parameters of a system, completes registration of all clients and n edge servers, and constructs a binary tree according to the upper limit of the number of the clients, each edge server generates a group of public and private key pairs, a public key is safely shared to any entity in the system, and the central base station generates a public key of the system according to the public key of the edge server; s2, issuing an attribute key to the client; s3, the cloud server calculates a cloud server token according to the attribute key, and the client generates a signature message according to the cloud server token; s4, any other client judges whether the signature message is legal or not according to a predicate strategy, if yes, 1 is output, and if not, 0 is output; and S5, realizing revocation of the client by using a binary tree structure.

Description

technical field [0001] The present invention relates to the technical field of information security, and more particularly to an authentication method for privacy protection of an Internet of Things client based on edge computing. Background technique [0002] In the process of message transmission, IoT devices ensure the integrity of transmitted messages by introducing various signature mechanisms. However, in traditional digital signature mechanisms, verification is performed against a specific public key, which completely exposes the associated identity information to any verification entity. In other words, such a signature mechanism does not provide any privacy or anonymity requirements. In order to balance message integrity verification and identity privacy protection, various schemes have been proposed to solve these two security problems at the same time. In particular, pseudonym technology is widely used in the aspect of realizing anonymous communication and prote...

AI Technical Summary

Problems solved by technology

[0003] These pseudonym mechanisms based on symmetric ciphers, asymmetric ciphers, and identity ciphers are static in nature and cannot meet the needs of dynamic or frequently updated IoT systems. The development of attribute encryption technology provides a new solution to this problem. direction

In the attribute signature system, the signer constructs a legal signature according to the predicate strategy of the commitment, and after the verifier successfully verifies the signature, he can obtain that the signed message has not been tampered with and the signer does have the attribute set that satisfies the predicate strategy, but cannot Get more specific identity information of the signer

[0004] However, in the traditional attribute signature mechanism, a single authorization center can forge the signature of any client by generating a client key, or when the authorization center is attacked, the entire system will be threatened

Although multiple authorization attribute signature schemes have been constructed, they have not changed the fact that the central authorization center determines the system master key, so they have not fundamentally solved the key escrow problem

At the same time, as the client moves and its location changes, the revocation of the client is also a big challenge. The only credible authorization center may issue private keys for illegal clients for the sake of reputation or fail to update the private key for revocation clients in time. These will affect the security of the system; in the final signature generation process, a large number of power operations and bilinear operations with high computational complexity are unaffordable for mobile devices with limited computing power and storage resources.

Images