Research On Lightweight IoT Security Communication Method Based On Attribute Encryption

The Internet of Things is a network infrastructure that connects the information world and the physical world.It has the characteristics and requirements of the coexistence of a large number of heterogeneous nodes,multi-domain collaborative management,and real-time perception and interaction,which causes its real-time multi-domain communication to face severe security challenges.The traditional network security assurance mechanism cannot be directly applied in the multi-domain IoT environment due to the large algorithm overhead and the need for security infrastructure support.Combining the application requirements of IoT terminal equipment,this thesis is dedicated to the research of lightweight secure communication methods for multi-domain IoT,and researches on the secure communication mechanism of IoT from the aspects of lightweight cryptography,outsourcing encryption and decryption,and identity authentication.In response to the time-sensitive and low-overhead requirements of the security management of massive devices in IoT,a time-sensitive and verifiable outsourcing attribute encryption scheme(TSVO-CP-ABE)was designed.The method of verifiable outsourcing calculation reduces the decryption overhead of the device;the attribute encryption mode is adopted to realize the access control and large-scale key update of a large number of devices;an efficient device revocation method based on the multi-key method is proposed.The time parameter is added to the secret key to force the device to perform periodic verification.Under the random oracle model,it is proved that the TSVO-CP-ABE scheme can resist the selected ciphertext attack.Compared with the typical attribute encryption scheme that supports outsourcing,the decryption overhead of the scheme increases by 0.5ms,which is realized within the tolerable range of device computing overhead.With efficient cancellation and verifiable outsourcing,performance analysis shows that this solution can meet the needs of low-power IoT.Aiming at the problem of cross-domain security management caused by the lack of security infrastructure in the multi-domain IoT,a lightweight certificateless cross-domain authentication scheme(LCCDA)was designed on the basis of the TSVO-CP-ABE scheme.In the device attribute set,a unique attribute is selected for each device as the public key,and the attribute authority combines the public key and time parameters to generate the corresponding identity encryption private key.In the cross-domain authentication process,the legitimacy of the device identity is determined according to the device's ability to decrypt attributes and the whitelist of edge computing nodes,and the device authentication is realized based on the public and private keys encrypted by the identity.The time parameter is added to the key to set the key expiration date,which solves the problem that the public key cannot be revoked in certificateless authentication.Based on the difficult problem of DBDH,the security of the scheme is proved.The simulation results show that the scheme can realize the function of cross-domain mutual authentication,and the computational cost of the distributed authentication scheme is reduced by 16.4%,which effectively reduces the calculation cost of devices.Combining the key distribution scheme proposed in this thesis with the cross-domain identity authentication scheme can realize lightweight IoT secure communication,reduce the computational overhead of large-scale IoT devices in the key negotiation process,and realize two-way communication between devices in different domains Authentication,which provides a lightweight and secure communication method for resource-constrained IoT devices.