| Under the background of Internet of things technology and 5g enabling,the smart home industry shows an explosive growth trend.Although the development of smart home has greatly improved people’s quality of life,the security and privacy of smart home is still the core issue in the industry.Facing the interconnected smart home network,this paper studies the key technologies of Internet of things security authentication,optimizes the authentication system based on public key infrastructure,designs and implements a device authentication system suitable for smart home network.The main work of this paper is as follows:Firstly,aiming at the security authentication of smart home network,the characteristics of interconnected home network are analyzed.Based on the public key infrastructure authentication system,a lightweight digital certificate is proposed to replace X.509 digital certificate;Combined with trusted computing technology,the security connection between home gateway and device cloud is designed and optimized to enhance the security of device cloud and reduce the associated security threat to device cloud when home gateway is broken.Secondly,the formal analysis method BAN logic is used to theoretically analyze the lightweight authentication protocol.At the same time,the security analysis and comparison tool Avispa is used to simulate the protocol and test the ability of the protocol to resist attacks,which strictly verifies the security and reliability of the protocol.After completing the protocol security demonstration,this paper also builds an interconnected smart home network based on OCF protocol,and implements the device authentication system on this network.Finally,through the function test and performance comparison test,the rationality and effectiveness of the system design are verified.The test results show that in addition to the security characteristics of the system,the computing overhead and storage overhead of the lightweight authentication protocol proposed in this paper are better than the traditional authentication scheme,and the point-to-point security authentication between devices is completed under the condition of reducing the loss of device authentication. |