Research On Multi-Factor Lightweight Authentication Protocols In Internet Of Things

With the continuous integration of Internet of Things(Io T)technology into people's lives,the scale of the Internet of Things and the types of devices in it are rapidly increasing.Mutual authentication between different entities is an important means to ensure information and network security.However,many Io T devices have limited resources,such as low energy and computing power,so it is a challenging problem to achieve authentication between energy-limited devices and user devices in the Internet of Things.Therefore,it is a challenging problem to achieve mutual authentication between energy-constrained devices and user equipment in the Internet of Things.The authentication method based on user name and password has disadvantages such as low security and easy leakage of passwords.In addition to the wide application of smart cards in the industry,two factor authentication schemes based on smart cards have subsequently been proposed.However,the various multi-factor authentication schemes proposed today are always exposed to various security vulnerabilities due to the inconsistent security evaluation standards.On the other hand,although smart card-based authentication schemes have the advantages of portability and simplicity,they are not very applicable to the increasing number of mobile devices in the Internet of Things,such as smartphones,smart bracelets,smart watches,tablet computers,etc.The requirements for all mobile devices to be equipped with smart card reading and writing capabilities are too high,so it is necessary to study a secure identity authentication scheme suitable for mobile devices.In response to these problems,this thesis uses multi-factor authentication methods with the Internet of Things as the background to study lightweight security authentication protocols for mobile devices and energy-constrained Io T devices,which account for a large proportion of Io T devices.The main research work of this thesis is as follows:1.Aiming at the problem of secure identity authentication for mobile devices,this thesis deeply analyzes the advantages and disadvantages of existing mobile device authentication schemes,and combines the characteristics of mobile devices to propose a second-factor authentication protocol based on hash chains.This protocol uses a new hash chain construction method,which significantly improves the security of the hash chain and can effectively realize the authentication of mobile devices.The difficulty of the adversary's attack protocol is analyzed through the random oracle model,and it is confirmed that the invalid password cannot increase the probability of the adversary's attacking the protocol through simulation and experiment.2.Aiming at the problem of multi-gateway security authentication and key agreement in Io T,based on the analysis of the existing problems in the existing multi-factor authentication scheme,combining with the latest multi-factor authentication protocol evaluation standards,this thesis proposes a multi-factor authentication protocol based on hash function and XOR operation.This protocol can achieve security authentication and key agreement between Io T devices and users in a multi-gateway scenario,and provides security requirements that other protocols do not have,such as forward security,smart card revocation,etc.Through security analysis and comparison with the same type of protocol,it is found that the protocol proposed in this thesis requires lower computing resources,ensures high efficiency,and significantly improves security.