| With the rapid development of the Internet of things(IoT),data security has drawn great concerns and becomes a key factor affecting the further development of IoT.Especially in the applications of smart cities and industrial IoT,the security of data is related to the economic benefits of the enterprise and even the security of the entire society.In most traditional IoT scenarios,symmetric encryption is used to ensure data security during the communication processes.The main factor affecting the security of symmetric encryption is how to achieve remote distribution and update of symmetric keys.On the other hand,the blockchain technology has made the distributed Internet of things become a trend for future development.On the basis of the previous research,how to realize the distributed key management and data consistency of IoT is the focus of IoT security research.Under both the scenarios of traditional centralized IoT and blockchain-based distributed IoT,this thesis focuses on key distribution,update,management,and data consistency to enhance the security mechanism of IoT applications.The main research contents are as follows:In this thesis,the existing security mechanisms of the Internet of things are summarized in the first place.Then,a key management mechanisms is designed for the traditional centralized IoT.This mechanism defines a key storage structure for IoT based on the Hierarchical Deterministic(HD)Wallet.The key pair is generated based on the Elliptic Curve Cryptography(ECC)algorithm,and the key agreement between device and server relies on the Elliptic Curve Diffie-Hellman key Exchange(ECDH)algorithm.At the same time,this mechanism can generate multiple static keys from forward and backward keys based on the bi-directional Hash algorithm.It can increase the key usage and greatly reduce the computational costs when generating the key and the communication overhead during key agreement process.Finally,the analysis and simulation results show that the centralized key management mechanism proposed in this thesis can realize the remote distribution and update of static key under traditional centralized IoT.Compared to traditional pre-distribution and physical update methods,it can not only enhance the security of the system,but also reach high computing and communication performance.Therefore,this mechanism can achieve the trade-off between security,computational cost and communication overhead.On the basis of previous research,this thesis further studies the distributed key management mechanisms for the Internet of things,and proposes a consensus verification algorithm to achieve data consistency.First,this thesis studies the distributed IoT system architecture based on blockchain.On this system,this thesis proposes a distributed key management mechanism for remote key distribution and update.Then,in order to ensure the consistency of the distributed IoT data during the key agreement process,this thesis proposes a consensus verification algorithm based on the characteristics of the IoT scenarios.First,the consensus committee is elected according to the geographical locations of the gateways and reaches a consensus on the block.Then,all nodes in the blockchain verify the block through aggregated signatures gossip.Finally,the block that completes consensus and signature verification process is called a determined block and added to the blockchain.This algorithm can allow thousands of blockchain nodes in the Internet of things to participate in consensus and has large fault tolerance on the number of Byzantine nodes.The analysis and simulation results show that it can not only improve security performance,but also take into account the complexity of computation and message.Therefore,this algorithm can meet the comprehensive requirements of security and efficiency for IoT applications. |
PDF Full Text Request