Research On Lightweight Anonymous Authentication Protocol In Internet Of Things

In recent years,the Internet of Things has gained rapid development and provided great convenience to people’s life,which is considered as the third technological revolution for future development,but the privacy security issue is an important factor affecting its practical application.Due to the characteristics of the Internet of Things,it is difficult to apply the existing anonymous authentication protocols directly in the Internet of Things.On one hand,the main communication method of the Internet of Things is wireless communication,and its openness makes it more vulnerable to network attacks,leading to various security issues,such as identity privacy leakage.On the other hand,most of the Internet of Things devices have limited computing and storage capacity to handle complex cryptographic computations.To address the above issues,the main points of this thesis are as follows:(1)A lightweight anonymous authentication protocol based on elliptic curve cryptography is proposed in wireless body area networks.This protocol achieves bidirectional authentication between the client and the remote server with low overhead.The client communicates using a pseudonym in the protocol,the remote server can authenticate the user’s identity with the information obtained,and the client also needs to authenticate the remote server.To facilitate the application of the system,we divide the wireless body area network into several sub-regions,and there is a revocation center in each region to manage the users in the current region,sharing the management pressure of the network manager.An efficient revocation mechanism is also proposed in the thesis to achieve the revocation of malicious users by changing the region key.This protocol meets the security requirements and has low overhead in terms of computation,communication and storage.(2)A certificateless lightweight anonymous authentication protocol for enhanced security is proposed in the Internet of Vehicles.This protocol addresses the major flaws(unlinkability and anonymity not achieved)in Li et al.’s protocol by achieving anonymity of messages and unlinkability between different messages by using random parameters to encrypt unique identifiers in the protocol with little additional overhead.This protocol does not take the approach of storing the system key directly in the tamper-proof device of the vehicle as in most protocols,avoiding side channel attacks.This protocol also designs an efficient revocation mechanism that replaces the system key by replacing the vehicle’s current area key,which effectively improves the revocation efficiency.Through analysis,this protocol has better security,lower computation overhead and communication overhead.In summary,this thesis surveys the related literature and deeply investigates the lightweight anonymous authentication protocol,which takes the two most typical application scenarios in the Internet of Things,wireless body area networks and Internet of Vehicles,as examples,and better solves the problems of low security,high communication overhead and functional defects in the existing protocols,providing some reference value for the research in this field.