| With the popularization of Io T devices,the massive data generated by Io T devices will inevitably require data interaction and information communication between devices.Therefore,secure communication between Io T devices is very important.Authentication mechanisms play a key role in secure communication between devices.At present,there are three main authentication schemes for Io T devices: authentication based on symmetric key,authentication based on public key infrastructure,and authentication based on identity encryption.Among them,the authentication based on symmetric key does not require the participation of a trusted third party,but it is necessary to ensure that the first transmission of the symmetric key channel is absolutely secure;the authentication based on public key infrastructure and the authentication method based on identification require a trusted third party.With the involvement of three parties,this centralized authentication method is vulnerable to a single point of failure.Therefore,it is necessary to propose a new architecture to ensure high-level authentication,so as to achieve more valuable data interaction.At present,the usage scenarios of the Internet of Things are complex and changeable,and the cross-domain authentication in different scenarios has different security requirements such as the accuracy of authentication and real-time performance.As an emerging technology combining distributed technology and cryptography technology,blockchain technology provides a new solution for cross-domain identity authentication.First of all,the current centralized authentication methods have problems such as difficulty in certificate management,single point of failure,and difficulty in revocation of secret keys,and the security and anonymity of the discrete authentication method based on blockchain cannot be guaranteed,and the efficiency of authentication is also To be improved.This thesis proposes a certificateless anonymous cross-domain identity authentication model that integrates certificateless encryption,pseudonym mechanism and elliptic curve encryption.Identity authentication is performed through key negotiation,which is suitable for scenarios with high authentication accuracy requirements.The terminal device first performs identity registration before initiating a cross-domain request;the device that initiates the cross-domain request signs the request with the private key during registration to indicate its identity;the target trusted domain verifies the signature to verify the validity of the identity.Theoretical analysis and experiments show that the proposed model is feasible.Secondly,in view of the insufficient accuracy of the current identity authentication system based on the trust evaluation model,a trust evaluation model based on the reward and punishment mechanism for Io T devices is proposed.It is suitable for scenarios with frequent cross-domain requests and high real-time requirements.The terminal device has the right to challenge and be challenged.If the challenge result is correct,the challenger will be rewarded.If the challenge result is wrong,the challenger will be punished and the challenged device will be rewarded at the same time.The behavior of the device is analyzed by multiple nodes and the trust value is calculated,and the trust value is stored in the blockchain network.Experiments show that the trust value of malicious nodes will drop sharply after showing attack behavior,malicious nodes can be quickly identified,and the accuracy,precision and recall rate can reach more than 98%,which verifies the effectiveness of the proposed model. |
PDF Full Text Request