| The Internet of Things(IoT)is an enormous ubiquitous-network which is connecting the objects through various sensor devices and networks.User can utilize existing network infrastructure to remotely control or access these sensing devices to facilitate the exchange of information.Nowadays,IoT has been gradually applied in transportation,education,logistics,medical and other industries,which bring a great convenience to people.However,due to the openness of communication channel and environment,it is vulnerable to various security attacks,such as denial of service,replay and impersonation attacks.Therefore,it is very important to design a security authentication protocol to protect the communication security in IoT.Nowadays,quantities of authentication schemes have been proposed,including identity-based,certificate-based and signature-based schemes.But,most of them still have some weaknesses,such as high computation overhead,not providing user anonymity or being vulnerable to some attacks.Hence,in order to improve these weaknesses,the completed work in this thesis is as follows:Firstly,for two or more authentication messages sent by the same user,the attacker can determine these authentication messages come from the same user,which may lead to expose the user's identity.Hence,an unlinkable and anonymous authentication scheme is proposed.In the proposed scheme,in order to avoid the security threat that the trusted third party becomes a malicious attacker,user's public key and private key are generated by himself and a trusted third party respectively.The proposed scheme is mainly constructed based on bilinear mapping algorithm and achieves unlinkability and forward security.Under the random oracle model,it is unforgeable and session key is indistinguishable.In addition,communication and computational costs of the proposed scheme are evaluated and compared with some existing similar schemes,which exhibits that it pleasantly addresses the needs of IoT for communication overhead and computational overhead.Secondly,a privacy-preserving authentication scheme with deniability is proposed.It mainly considers the situation that a user's request information is forwarded by a receiver to a third party,resulting in the user's privacy being exposed.The proposed scheme assigns some authentication functions to gateway node to ensure strong anonymity of user.Then,security analysis shows that the proposed scheme is proved to be feasible by using BAN logic,and it is semantically secure under the random oracle model.Finally,the proposed scheme is compared with the existing similar schemes in terms of security and performance,which shows that the proposed scheme is feasible for IoT. |
PDF Full Text Request