Research On Lightweight Authentication Technology For IoT Devices

The rapid development of the Internet of Things has led to a rapid increase in the number of various terminal devices deployed at the edge,and the amount of data collected and transmitted through the terminal devices is also increasing.However,most of the terminal devices on the Internet of Things lack suitable data in the process of data transmission with the platform.Efficient identity authentication and encrypted communication mechanisms for the Internet of Things environment,because many of the long-tested security mechanisms in the traditional Internet are not suitable for Internet of Things devices due to other characteristics such as the limitation of computing power of terminal devices.In order to ensure the security of terminal devices deployed in an unsupervised environment on a large scale,this paper studies the secure network access scheme,identity authentication and encrypted communication scheme of terminal equipment under the Internet of Things environment.Specifically,this paper mainly completes the following work :First of all,in order to ensure the security of Internet of Things terminal devices when registering on the network,this paper designs a solution for Internet of Things terminal device registration.The terminal and the gateway adopt the ECDH key agreement protocol to ensure that the device completes the network registration process and obtains its public and private keys.In the negotiation process,the terminal IP and MAC address are bound,gateway timestamps are added,the SM9 algorithm signature based on the identity,encryption and decryption are used to resist man-in-the-middle attacks to ensure the security of equipment access to the network.Finally,through the efficiency and safety analysis of the proposed scheme,it is proved that the scheme can effectively and safely enable the terminal equipment to complete the network registration.Secondly,in view of the computing performance limitations of the Io T device itself and the secure transmission of large amounts of data,this paper designs a two-way identity authentication scheme based on a challenge response mechanism.The scheme is based on the IBC authentication mechanism and completes key negotiation during the device authentication process.,So that both parties in communication can obtain the session key.In this way,the interaction between the terminal device and the gateway is reduced,so as to save time and improve efficiency.After the authentication is completed,the terminal starts to transmit encrypted data to the gateway.In order to improve the security of the transmitted data,this paper proposes a one-time encryption mechanism based on the AES algorithm.By improving the AES original key,the two parties The keys used in communication are different,and onetime encryption is realized,which further compensates for the shortcomings of the symmetric encryption algorithm and improves the security of the entire encrypted communication process.Finally,the efficiency and safety analysis of the proposed scheme is carried out,and it is proved that the scheme can meet the lightweight authentication and communication requirements of the Internet of Things.Finally,the system is developed and tested according to the proposed scheme,and the realization process of the scheme is displayed on the control platform.The results show that the scheme proposed in this paper can effectively complete the network registration of the device and realize the lightweight authentication of the terminal and the gateway.,Realize real-time communication and can effectively resist replay attacks,fake attacks,man-in-the-middle attacks and other common attack methods.