| The birth and development of 5G technology has greatly promoted the application of the Internet of Things in actual production and life.With a large number of Internet of Things devices being widely deployed and applied,the communication demand of terminal devices has also increased significantly,so the security communication and privacy protection of Internet of Things devices are very important.TLS protocol,as the most widely used Internet security protocol at present,carries out encrypted communication after the identity authentication of the communication entity,and plays an important role in the secure communication of the device in the network layer.TLS protocol uses public key infrastructure(PKI)to implement identity authentication for communication entities.When this authentication method is applied to the Internet of things with limited equipment performance and large number,it will face the problems of complex certificate management and maintenance,and difficult to expand.Applying IBE based password mechanism to the identity authentication of the Internet of things can avoid the above defects and provide security for the communication in the Internet of things environment.Therefore,this dissertation studies the identity authentication method of Internet of things based on IBE and its integration with TLS protocol,which is the network security protocol,and specifically does the following:(1)The principle of IBE system and architecture were studied and expounded.According to the characteristics of Internet of things and the core idea of IBE mechanism,the dissertation also improved the CSAS authentication scheme and proposed IBE-VF scheme.In the network layer,IBE-VF scheme can provide a two-way identity authentication.At the same time,the dissertation made an analysis on the security and correctness of the scheme.Then the dissertation also introduced the implementation process;(2)The TLS protocol is extended based on the IBE-VF authentication scheme.The main work was to analyze and modify the handshake model of the TLS protocol,and build a handshake model based on IBE-VF.The extended TLS protocol supports the IBE-VF authentication scheme during the handshake phase,and the other parts are compatible with the original TLS protocol.Based on Open SSL,this paper implemented the extended TLS protocol by modifying the client's and server's infinite state machines and adding algorithms that support IBE-VF authentication;(3)A fusion method of ibe-vf authentication scheme and network security protocol TLS was designed to realize the identity authentication of Internet of things devices before encrypted communication.This dissertation analyzed the handshake model of TLS protocol,modified the finite state machine of client and server based on Open SSL.Then the dissertation added algorithms to support IBE-VF authentication,and constructed a handshake model based on IBE-VF,which made the extended TLS protocol support IBE-VF authentication scheme in handshake phase,and other parts were compatible with the original TLS protocol;... |
