Research And Design Of Security Mechanism In Terminal System Of The Internet Of Things

At present, the security problems of the Internet of Things are increasing prominently, whichbecame the bottleneck of its development. In general, the security architecture of the Internet of thingscan be divided into three levels, the security of the sensing layer, the security of the transport layerand the security of the application layer. The security of the sensing layer has much differencebetween traditional network and the Internet of Things, which is determined by theresource-constrained of the terminal system, such as the limited energy supply, limited processingpower and limited storage capacity, etc. When design security mechanisms, which we pursue is nolonger a high level of security, but how to provide appropriate security level with limited resources.For the application requirement of a kind of terminal system in the Internet of Things, this paperstudied lightweight block cipher, lightweight hash function, and identity authentication technology,which include:This paper improved the lightweight block cipher CLEFIA-128from its encryption structure andround function. Test and analysis show that the software and hardware implementation efficiencyincreased. Dependency test shows that the improved algorithm can realize the avalanche effect1round in advance. Differential, linear and impossible differential analysis show that the securityof the improved algorithm also increased.This paper designed a lightweight hash function named CHF, and its ultra-lightweight versionU-CHF. Which used the sponge structure as its iterative structure, and the algorithm of the typeof improved CLEFIA-128as its compression function. Dependency test and safety analysis showthat the proposed algorithm can satisfy the security requirements of the lightweight Hashfunction. Analysis and test show that the efficiency of the algorithm is both software-orientedand hardware oriented.This paper designed a hybird mutual identity authentication mechanism, which uses symmetricauthentication in the stage of the terminal authenticates the server, but asymmetric authenticationin the stage of the server authenticates the terminal. The analysis shows that it not only ensurethe security but also the efficiency of the system.