CN112437055A - Electric power internet of things network terminal NTRU safe access method based on edge calculation - Google Patents
- Publication number: CN112437055A
- Application number: CN202011250137.4A
- Authority: CN (China)
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
- H04L63/02: Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/1458: Countermeasures against malicious traffic: Denial of Service
- H04L9/085: Key establishment: secret sharing or secret splitting, e.g. threshold schemes
- Y04S40/20: Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Abstract
The invention relates to the field of communication, in particular to an NTRU secure access method for power Internet of Things network terminals based on edge computing. When a power Internet of Things terminal device $D_i$ needs to initiate communication, it sends authentication information to the edge computing MME server. After receiving the information, the edge computing MME server determines by calculation and comparison whether the access of the terminal device $D_i$ is legitimate and, if so, returns authentication information. After receiving the authentication information from the edge computing MME server, the terminal device $D_i$ compares it with its local information; if the comparison succeeds, an encrypted secure channel is established between the terminal device $D_i$ and the edge computing MME server.
Description
Technical Field
The invention relates to the field of communication, in particular to an NTRU secure access method for power Internet of Things network terminals based on edge computing.
Background
The essence of the power Internet of Things is the connection and interaction of information, and it is characterized by diverse data, large data volumes and complex data structures. Because multiple protocols currently coexist in the power Internet of Things, the diversity of data sources and data types poses huge challenges to the security of the network layer of its core system. In addition, the elliptic curve cryptography (ECC) algorithm commonly used for Internet of Things authentication has low point-multiplication efficiency and poor resistance to quantum attacks, and is easily broken by Shor's algorithm. Therefore, the power Internet of Things needs to support secure access for a large number of terminal devices where multiple technical standards coexist, and the access server is required to have strong data processing capacity.
Disclosure of Invention
To overcome the deficiencies of the prior art, the invention provides an NTRU secure access method for power Internet of Things network terminals based on edge computing, which improves the security of network access and reduces the computational load on the server.
To achieve the above purpose, the invention adopts the following technical scheme: an NTRU secure access method for power Internet of Things terminals based on edge computing, comprising the following steps:
Step one: Initialization. The main architecture of the system is as follows: the power Internet of Things terminal device $D_i$ is connected to an edge computing MME server, and the edge computing MME server is connected to the system HSS (Home Subscriber Server). In the protocol initialization stage, the system HSS server selects three integers $(N, p, q)$ satisfying the NTRU (Number Theory Research Unit) algorithm, where $N$ is a positive prime number and $p$ and $q$ are coprime; four sets of polynomials of degree $N-1$, $(L_f, L_g, L_r, L_m)$, are selected, where f, g, r and m represent the number of nonzero coefficients in the polynomial, and the polynomials satisfy the formula:
where $a_i$ is a coefficient taking the value 0 or 1 and $x^i$ is the variable; the formula denotes the sum of all $a_i x^i$ for $i$ from 0 to $N-1$, that is, $\sum_{i=0}^{N-1} a_i x^i$.
The NTRU algorithm works on the ring $R$:
$R = \mathbb{Z}[X]/(X^N - 1)$
Let $*$ denote multiplication on the ring $R$; for example, the polynomial $H = F * G$ can be calculated as
Meanwhile, the system HSS server randomly selects a polynomial $g \in L_g$ and a one-way secure hash function $H_1$, where $\{0,1\}^*$ denotes a 0/1 sequence of arbitrary length, which is mapped to a nonzero integer modulo $q$.
The system HSS server selects a polynomial $f_{MME} \in L_f$ as the private key for the edge computing MME server, requiring that there exist $F_p \in R$ and $F_q \in R$ such that $f_{MME}$ satisfies:
$F_p * f_{MME} \equiv 1 \pmod{p}$
$F_q * f_{MME} \equiv 1 \pmod{q}$
That is, the left-hand side of "≡" reduces to 1 modulo $p$ and modulo $q$ respectively, so $F_p$ and $F_q$ are the multiplicative inverses of $f_{MME}$ modulo $p$ and modulo $q$. The public key $h_{MME}$ is then calculated according to the following formula:
$h_{MME} \equiv F_p * g \pmod{q}$
The system HSS server sends the public/private key pair to the edge computing MME server, where is the inverse of $f_{MME}$ on the ring $R$.
The system HSS server publishes $\{H_1, N, p, q, L_r, L_m, h_{MME}\}$ as the system-wide parameters and keeps $\{g, L_f, L_g\}$ as non-public information.
The system HSS server assigns each power Internet of Things terminal device $D_i$ a unique N-bit value $PID_i$ as identity information, randomly selects a polynomial, and calculates its public key as follows, where is the inverse of on the ring $R$:
The public/private key pair can be provisioned on the power Internet of Things terminal device $D_i$ before deployment, or sent to the terminal device $D_i$ through the system HSS server and the edge computing MME server;
Step two: electric power thing networking terminal equipment DiAnd (6) authenticating login. Electric power thing networking terminal equipment DiRandomly selecting a polynomial ri∈LrCalculating the encryption information ei:
ei=phMME*ri+hDi(mod q)
Generating an identity verification code ICAi:
Then generating an information group Mi=(PIDi||ei||ti) Wherein t isiIs the current timestamp; generating shared session key SKi=H1(PIDi||ICAi) (ii) a Generating authentication information Auth1=H1(Mi||SKi). Electric power thing networking terminal equipment DiSending information { M to edge computing MME Serveri,Auth1}。
Step three: edge computing MME server authentication. Edge computing MME server received power Internet of things terminal equipment DiAfter the information is sent, the { M } is obtainedi,Auth1}. From MiDirectly separating to obtain time information tiAnd encryption information eiWhen t isiIf the current time period is exceeded, the power internet of things terminal equipment D is directly refusediAnd authenticating the access. Edge computing MME server by resolving eiCan directly obtain the electric power internet of things terminal equipment DiIs given with public key information hMMEThe calculation process is as follows:
first, an intermediate quantity polynomial a is calculated, wherein the coefficients of a are selected to be within the interval [ -q/2, q/2 ]:
a≡fMME*ei(mod q)
decrypted information hMMEComprises the following steps:
hMME≡Fp*a(mod p)
and calculates the identity authentication code IAC by using the following formulaMME:
Edge computing MME server computing shared session key information SKi=H1(PIDi||IACMME) And is combined with H1(Mi||SKi) With the received authentication information Auth1Comparing, if the values are consistent, the edge computing MME server considers that the electric power internet of things terminal equipment D isiThe access is legal.
Returning authentication information Auth obtained by calculation of edge calculation MME server2:
Auth2=H1(PIDi||IACMME||SKi)
And sends the information to the terminal equipment D of the power internet of thingsi。
Step four: electric power thing networking terminal equipment DiAnd (6) verifying. Authentication information Auth of MME server received by edge computing2Then, the electric power thing allies oneself with network terminal equipment DiFirst, the PID is verifiediIf they are consistent, then calculate the local information H1(PIDi||IACMME||SKi) And with Auth2And (6) carrying out comparison. If the numerical values are consistent, the edge computing MME server is considered to be a legal server which can be accessed, and the electric power internet of things terminal equipment D is establishediEncrypted secure channel with edge computing MME server and through SKiData encryption is performed as a shared session key. Otherwise, ending the access process and restarting the access authentication.
The protocol adopts a 2-step authentication mode between the power Internet of Things terminal device $D_i$ and the edge computing MME server, which improves the efficiency of the security authentication network. Timestamp information $t_i$ is added to the NTRU secure encryption algorithm, and quantum computing attacks can be resisted. The security information of the network system is managed centrally by the system HSS server, while the actual security authentication is completed on the edge computing MME server, so that the system HSS server and the edge computing MME server are isolated from each other and the secure access performance of the network is further ensured.
The invention achieves the following beneficial effects: it is a security authentication method at the network application layer, which unifies the different Internet of Things technical standard protocols at the application layer and standardizes the access protocol for power Internet of Things terminal nodes. By adopting the improved NTRU security authentication encryption algorithm, large numbers of Internet of Things terminals can be verified quickly with a smaller amount of computation. Moreover, because authentication and encryption are performed at the application layer, the method can be integrated uniformly at the application layer over NB-IoT, eMTC, LoRa, Sigfox and other standards, achieving a unified standard on the edge computing MME server.
Drawings
FIG. 1 shows the power Internet of Things system framework;
FIG. 2 shows secure access of power Internet of Things terminal devices;
FIG. 3 shows the edge computing network security access protocol.
Detailed Description
The invention is further described below with reference to the accompanying drawings. It should be noted that these embodiments are not intended to limit the present invention, and those skilled in the art should be able to make functional, methodical, or structural equivalents and substitutions according to these embodiments within the scope of the present invention.
As shown in FIG. 1, the power Internet of Things is a large-scale industrial Internet of Things whose architecture comprises three typical network structures: an Internet of Things perception extension layer, a network transmission layer and a platform application layer. The invention uses an edge computing application layer to solve the problems of secure access and edge computing for power Internet of Things network terminal devices $D_i$. In the edge computing application layer, an edge computing server provides secure access for power Internet of Things terminal devices $D_i$ that use standards such as NB-IoT, eMTC, LoRa and Sigfox.
FIG. 2 shows the specific process of secure access for power Internet of Things terminal devices. NB-IoT and eMTC devices access the MME server with edge computing capability through a mobile base station, and LoRa and Sigfox devices access it through dedicated Internet of Things gateway devices. The edge computing MME server has both access and edge computing capabilities, and can perform security authentication and access for power Internet of Things terminal devices of different standards. Data that has passed security authentication is transmitted by the edge computing MME server to the system HSS server. During security authentication, the system HSS server stores the information required for security authentication, such as public keys, private keys and user identities, and updates the security authentication information of the power Internet of Things through the edge computing MME server.
FIG. 3 shows the network security access protocol of the power Internet of Things using edge computing. In the protocol, the system HSS server manages the whole power Internet of Things centrally, and the edge computing MME server is responsible for the management, security authentication, data decryption and so on of the power Internet of Things network terminal devices $D_i$. The protocol shown in FIG. 3 operates in several steps:
Step one: In the initialization phase of access, the system HSS server issues the data required to complete authentication.
Step two: When a power Internet of Things terminal device $D_i$ needs access, it only has to authenticate with the edge computing MME server, and the secure access encryption algorithm is the NTRU secure encryption algorithm. First, the terminal device $D_i$ initiates authentication login and sends encrypted authentication information to the edge computing MME server; the edge computing MME server compares the received authentication information, computes feedback authentication information and sends it to the terminal device $D_i$; the terminal device $D_i$ compares the authentication information fed back by the edge computing MME server with its local authentication information to determine whether the access is legitimate, completing the security authentication.
Step three: The power Internet of Things terminal device $D_i$ encrypts its data and sends it to the edge computing MME server; after decryption and authentication by the edge computing MME server, the data is sent to the system HSS server in plaintext form.
The protocol adopts a 2-step authentication mode between the power Internet of Things terminal device $D_i$ and the edge computing MME server, which improves the efficiency of the security authentication network; timestamp information is added to the NTRU secure encryption algorithm, and quantum computing attacks can be resisted. The security information of the network system is managed centrally by the system HSS server, while the actual security authentication is completed on the edge computing MME server, so that the system HSS server and the edge computing MME server are isolated from each other and the secure access performance of the network is further ensured.
The above description is only a preferred embodiment of the present invention. It should be noted that those skilled in the art can make several modifications and variations without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as falling within the protection scope of the present invention.
Claims (4)
1. An NTRU secure access method for power Internet of Things terminals based on edge computing, characterized by comprising the following steps:
Step one: Initialization. The power Internet of Things terminal device $D_i$ is connected to an edge computing MME server, and the edge computing MME server is connected to the system HSS server. In the protocol initialization stage, the system HSS server selects three integers $(N, p, q)$ satisfying the NTRU algorithm, where $N$ is a positive prime number and $p$ and $q$ are coprime; four sets of polynomials of degree $N-1$, $(L_f, L_g, L_r, L_m)$, are selected, where f, g, r and m represent the number of nonzero coefficients in the polynomial, and the polynomials satisfy the formula:
where $a_i$ is a coefficient taking the value 0 or 1 and $x^i$ is the variable; the formula denotes the sum of all $a_i x^i$ for $i$ from 0 to $N-1$, that is, $\sum_{i=0}^{N-1} a_i x^i$,
the NTRU algorithm works on the ring $R$:
$R = \mathbb{Z}[X]/(X^N - 1)$
with $*$ denoting multiplication on the ring $R$, the polynomial $H = F * G$ can be calculated as
Meanwhile, the system HSS server randomly selects a polynomial $g \in L_g$ and a one-way secure hash function $H_1$, where $\{0,1\}^*$ denotes a 0/1 sequence of arbitrary length, which is mapped to a nonzero integer modulo $q$;
the system HSS server selects a polynomial $f_{MME} \in L_f$ as the private key for the edge computing MME server, requiring that there exist a polynomial $F_p \in R$ and a polynomial $F_q \in R$ such that $f_{MME}$ satisfies:
$F_p * f_{MME} \equiv 1 \pmod{p}$
$F_q * f_{MME} \equiv 1 \pmod{q}$
that is, the left-hand side of "≡" reduces to 1 modulo $p$ and modulo $q$ respectively, so $F_p$ and $F_q$ are the multiplicative inverses of $f_{MME}$ modulo $p$ and modulo $q$, and the public key $h_{MME}$ is calculated according to the following formula:
$h_{MME} \equiv F_p * g \pmod{q}$
the system HSS server sends the public/private key pair to the edge computing MME server, where is the inverse of $f_{MME}$ on the ring $R$;
the system HSS server publishes $\{H_1, N, p, q, L_r, L_m, h_{MME}\}$ as the system-wide parameters and stores $\{g, L_f, L_g\}$ as non-public information;
the system HSS server assigns each power Internet of Things terminal device $D_i$ a unique N-bit value $PID_i$ as identity information, randomly selects a polynomial, and calculates its public key as follows, where is the inverse of on the ring $R$:
the public/private key pair can be provisioned on the power Internet of Things terminal device $D_i$ before deployment, or sent to the terminal device $D_i$ through the system HSS server and the edge computing MME server;
Step two: electric power thing networking terminal equipment DiAnd (6) authenticating login. Electric power thing networking terminal equipment DiRandomly selecting a polynomial ri∈LrCalculating the encryption information ei:
Generating an identity verification code ICAi:
Then generating an information group Mi=(PIDi||ei||ti) Wherein t isiIs the current timestamp; generating shared session key SKi=H1(PIDi||ICAi) (ii) a Generating authentication information Auth1=H1(Mi||SKi). Electric power thing networking terminal equipment DiSending information { M to edge computing MME Serveri,Auth1};
Step three: edge computing MME server authentication. Edge computing MME server received power Internet of things terminal equipment DiAfter the information is sent, the { M } is obtainedi,Auth1}. From MiDirectly separating to obtain time information tiAnd encryption information eiWhen t isiIf the current time period is exceeded, the power internet of things terminal equipment D is directly refusediAnd authenticating the access. Edge computing MME server by resolving eiCan directly obtain the electric power internet of things terminal equipment DiIs given with public key information hMMEThe calculation process is as follows:
first, an intermediate quantity polynomial a is calculated, wherein the coefficients of a are selected to be within the interval [ -q/2, q/2 ]:
a≡fMME*ei(mod q)
decrypted information hMMEComprises the following steps:
hMME≡Fp*a(mod p)
and calculates the identity authentication code IAC by using the following formulaMME:
Edge computing MME server computing shared session key information SKi=H1(PIDi||IACMME),And reacting H1(Mi||SKi) With the received authentication information Auth1Comparing, if the values are consistent, the edge computing MME server considers that the electric power internet of things terminal equipment D isiThe access is legal;
returning authentication information Auth obtained by calculation of edge calculation MME server2:
Auth2=H1(PIDi||IACMME||SKi)
And sends the information to the terminal equipment D of the power internet of thingsi;
Step four: electric power thing networking terminal equipment DiVerification, authentication information Auth received from edge computing MME server2Then, the electric power thing allies oneself with network terminal equipment DiFirst, the PID is verifiediIf they are consistent, then calculate the local information H1(PIDi||IACMME||SKi) And with Auth2Comparing, if the values are consistent, considering that the edge computing MME server is a legal server and can be accessed, and establishing electric power internet of things terminal equipment DiEncrypted secure channel with edge computing MME server and through SKiData encryption is performed as a shared session key. Otherwise, ending the access process and restarting the access authentication.
2. The NTRU secure access method for power Internet of Things terminals based on edge computing according to claim 1, wherein: the access method adopts a 2-step authentication mode between the power Internet of Things terminal device $D_i$ and the edge computing MME server, which improves the efficiency of the security authentication network.
3. The NTRU secure access method for power Internet of Things terminals based on edge computing according to claim 1, wherein: timestamp information $t_i$ is added to the NTRU secure encryption algorithm, and quantum computing attacks can be resisted.
4. The NTRU secure access method for power Internet of Things terminals based on edge computing according to claim 1, wherein: the security information of the network system is managed centrally by the system HSS server, while the actual security authentication is completed on the edge computing MME server, so that the system HSS server and the edge computing MME server are isolated from each other and the secure access performance of the network is further ensured.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011250137.4A CN112437055B (en) | 2020-11-10 | 2020-11-10 | Electric power internet of things network terminal NTRU safe access method based on edge calculation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011250137.4A CN112437055B (en) | 2020-11-10 | 2020-11-10 | Electric power internet of things network terminal NTRU safe access method based on edge calculation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112437055A (en) | 2021-03-02 |
CN112437055B (en) | 2022-05-31 |
Family
ID=74699631
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011250137.4A Active CN112437055B (en) | 2020-11-10 | 2020-11-10 | Electric power internet of things network terminal NTRU safe access method based on edge calculation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112437055B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104333860A (en) * | 2014-10-31 | 2015-02-04 | 成都卫士通信息产业股份有限公司 | ZigBee security network with public key cryptography system NTRU (number theory research unit) |
CN107733632A (en) * | 2017-11-29 | 2018-02-23 | 四川大学 | A kind of wireless network secure switching method of anti-quantum attack |
US20190312728A1 (en) * | 2018-04-09 | 2019-10-10 | Infineon Technologies Ag | Method and processing device for performing a lattice-based cryptographic operation |
CN111083131A (en) * | 2019-12-10 | 2020-04-28 | 南瑞集团有限公司 | Lightweight identity authentication method for power Internet of things sensing terminal |
CN111225375A (en) * | 2019-12-31 | 2020-06-02 | 汉熵通信有限公司 | Next-generation Internet of things system architecture design method and application system |
CN111371730A (en) * | 2018-12-26 | 2020-07-03 | 中国科学院沈阳自动化研究所 | Lightweight authentication method supporting anonymous access of heterogeneous terminal in edge computing scene |
CN111478902A (en) * | 2020-04-07 | 2020-07-31 | 江苏润和智融科技有限公司 | Power edge gateway equipment and sensing data uplink storage method based on same |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113395166A (en) * | 2021-06-09 | 2021-09-14 | 浙江大学 | Edge computing-based power terminal cloud edge terminal collaborative security access authentication method |
CN113395166B (en) * | 2021-06-09 | 2022-06-14 | 浙江大学 | Edge computing-based power terminal cloud edge terminal collaborative security access authentication method |
Also Published As
Publication number | Publication date |
---|---|
CN112437055B (en) | 2022-05-31 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||