Research On User Privacy Protection Scheme Based On Multi-factor In Internet Of Things

In recent years,with the development of cloud computing,big data and other related technologies,the Internet of Things(Io T)has gradually moved from concept to reality.Its application has expanded from military to industrial fields,and now it has gradually entered people's daily life.However,a large number of data security transmission schemes based on a single factor are unable to resist many possible security threats in the Io T.The lack of privacy protection seriously hinders its further promotion and application.Specifically,a single-factor privacy protection scheme is often unable to resist device theft,impersonation and other types of attacks.Therefore,more factors need to be considered in the Io T privacy protection schemes.In addition,due to the limited resources of terminal equipment,how to reduce the cost of user authentication as much as possible while ensuring the security of information is also worth further research.In view of this,a multi-factor based user privacy protection scheme is proposed in this thesis,which comprehensively considers many factors such as password,smart card and biological template in the Io T,in order to protect the user's privacy information security from illegal infringement.A multi-factor certificateless signcryption protocol is proposed in this thesis,which uses certificateless encryption to avoids the cost of key escrow,and relies on signcryption to establish secure communication between entities.Only one interaction between registered entities is needed to realize the confirmation of identity information and the transmission of encrypted messages,which reduces the number of negotiations and communications.It is worth noting that the user needs to provide a biological template to verify the validity of the identity when using the intelligent device to remotely control the system.Compared with the traditional protocol of signature-after-encryption protocol,the communication and calculation overhead of the protocol proposed in this thesis is lower.In addition,in some special Io T environment such as the vehicular ad-hoc networks,terminal equipments are often in a moving state,and the identity authentication is required frequently between entities.Therefore,a multi-factor based lightweight anonymous authentication protocol is proposed in this thesis.In this protocol,a terminal user can use the smart card and the biological template to complete the authentication with the nearest first node.With the help of this node,the terminal user can quickly authenticate with the next node without repeating the original complete authentication process.Considering the mobility of users and the immediacy of interactions,this protocol can effectively reduce authentication costs and improve user authentication efficiency.We analyzes the proposed scheme from two aspects of security and efficiency performance.Simulation experiments and numerical comparisons prove that our scheme is feasible and practical.