CN117097488A - Equipment group security verification method based on node path finding - Google Patents

Publication number: CN117097488A
Authority: CN (China)
Prior art keywords: node, devices, verification, father, information
Legal status: Granted
Application number: CN202311353330.4A
Other languages: Chinese (zh)
Other versions: CN117097488B (en)
Inventors: 周让, 陈文进, 杨可, 张新鹏, 王洪辉
Current Assignee: Chengdu University of Technology
Original Assignee: Chengdu University of Technology
Application filed by Chengdu University of Technology
Priority to CN202311353330.4A
Publication of CN117097488A
Application granted
Publication of CN117097488B
Legal status: Active

Classifications

    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H04L9/40 Network security protocols
    • H04L45/02 Topology update or discovery
    • H04L45/16 Multipoint routing
    • H04L45/48 Routing tree calculation
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H04L63/126 Applying verification of the received information the source of the received data
    • H04L63/1441 Countermeasures against malicious traffic
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Abstract

The invention discloses a device group security verification method based on node path finding, which comprises the following steps: initializing the node devices; generating a communication graph of the device group S; when the verifier needs to verify the security of the device group S, selecting an initial device D_S from the device group S; starting from D_S, constructing a spanning tree in the communication graph using the communication identifier; and verifying the device group S step by step from the leaf nodes to the root node. By constructing the spanning tree in the communication graph, the invention collects the verification information of each node device and accumulates the verification reports from the child nodes from bottom to top up to the verifier, ensuring the security of the device group. If the main parent node is unable to communicate during the return of the verification report, the invention can strengthen the scalability and security of the group verification method, and the device group returns more useful verification information, thereby reducing the management burden of the network manager and improving the reliability and security of the whole system.

Description

Equipment group security verification method based on node path finding
Technical Field
The invention relates to the field of Internet of Things security, and in particular to a device group security verification method based on node path finding.
Background
Currently, the idea of the emerging industry trend is to compose an intelligent system from a large number of heterogeneous embedded devices and mobile devices, i.e. to form the so-called internet of things (IoT). It is predicted that billions of connected devices will implement more new services and experiences in the future. Some examples of which include: 1. an industrial control system; 2. connected internet of things devices in an intelligent environment; 3. an ad hoc dynamic network. Such systems are commonly referred to as device clusters. In order to ensure proper operation of an internet of things system, it is critical to maintain its software integrity and protect it from attacks. In a group of devices, each device may have different functionality and security requirements, and thus a flexible and efficient method is needed to ensure the security of the overall system.
With the continuous development of the Internet of Things, the scale and complexity of device groups also keep increasing. There is therefore a need for a more efficient, extensible and secure device group attestation method that meets the needs of future Internet of Things systems and ensures that device groups can operate reliably in complex environments. As networks grow, network attacks and data leakage events also occur frequently. Attackers can exploit vulnerabilities in Internet of Things devices to carry out large-scale network attacks and form huge botnets, threatening network security and social stability. To cope with these security challenges, effective security measures need to be taken in various fields, and protection and monitoring of Internet of Things devices need to be enhanced. These measures include strengthening the security design and encryption mechanisms of the devices, periodically updating and maintaining device firmware and software, and establishing a security audit and monitoring system so that potential security threats are discovered and handled in time.
In recent years, researchers have devised a solution for group attestation, which is an emerging security technology that provides a powerful solution to these security threats. Group certification allows multiple devices to cooperatively and jointly generate certification information, improves the reliability and security of verification, and provides more reliable verification results. In addition, group attestation can also enhance trust and collaboration capabilities between devices, facilitating multi-device collaboration in a distributed system.
However, conventional group attestation methods also have several problems: 1. Conventional group attestation methods may use broadcast for inter-device communication, which can result in significant communication overhead, and the information is readily available to adversaries, which reduces the security of the system. 2. Conventional group attestation methods that build a spanning tree can only return a simple verification result proving the security of the whole group; they cannot state the security condition of each device, which hinders the network manager's maintenance and security management of the devices. 3. Conventional group attestation methods that build a spanning tree cannot handle dropped devices well. Once a device drops out, all the security reports accumulated by the devices under its subtree are invalidated, which affects the security assessment of the entire device group.
Disclosure of Invention
The invention aims to provide a device group security verification method based on node path finding, which can still provide a reliable group verification report to the verifier when devices drop offline and can adapt to the dynamic nature of embedded Internet of Things devices.
To achieve the above purpose, the technical scheme adopted by the invention is as follows: a device group security verification method based on node path finding, comprising the following steps:
(1) Initialize the node devices;
Each node device is initialized as follows: an initial software configuration digest c, a software configuration digest certificate cert(c), a signature key pair (SK, PK), an identity certificate cert(PK) and a neighbor device list are generated for each node device. The neighbor device list is initially empty and is used to store the neighbor devices of the node device, i.e. the node devices that communicate directly with it;
(2) Generate the communication graph of the device group S;
(21) Select N node devices and set the connection relation between each node device and the remaining node devices;
(22) Establish communication connections between the node devices that are connected to each other and register them; each of two connected node devices is added to the neighbor device list of the other, and the communication connections of the N node devices form the communication graph of the device group S;
For two interconnected node devices, the registration process is: generate a communication key between the two, then exchange and verify each other's software configuration digest certificates;
(3) When the verifier needs to verify the security of the device group S, it generates a communication identifier q and selects from the device group S a node device for sending q, denoted the initial device D_S;
(4) Starting from D_S, construct a spanning tree in the communication graph using q, comprising steps (41)-(44);
(41) Preset a receiving time t_0, take D_S as the root node of the spanning tree, and broadcast q to the neighbor devices of D_S;
(42) Each neighbor device waits to receive the communication identifier q within t_0; if q is received, execution of the spanning tree protocol is triggered. A neighbor device D_k of D_S executes the spanning tree protocol as follows:
(42-1) D_k receives the communication identifier q within t_0, records in time order the node devices that sent q, and marks the first of them as its main parent node and the rest as standby parent nodes;
(42-2) The main parent node records D_k as its own child node;
(43) Extend the topology to the next level:
The neighbor device list of D_k is A_k; D_k broadcasts q to the neighbor devices in A_k other than its main parent node, triggering the corresponding node devices to execute the spanning tree protocol;
(44) Extend the topology downward level by level until the leaf nodes are generated;
(5) Verify the device group S step by step from the leaf nodes to the root node, specifically:
(51) Determine a parent node for each child node, the parent node being either the main parent node or one of the standby parent nodes of the child node;
(52) Starting from the leaf nodes, each child node sends its self-signed security verification information to its parent node, and the parent node obtains a verification result after performing security verification;
(53) After obtaining the verification results of all its child nodes, the parent node generates a verification report, combines the verification report with its own security verification information into an information packet, and sends the packet to its own parent node; the parent node sending the packet is the lower-level parent node and the parent node receiving it is the upper-level parent node;
(54) The upper-level parent node performs security verification on the security verification information of the lower-level parent node to obtain a verification result, and accumulates the verification report sent by the lower-level parent node upward, until the information packet is sent via the root node to the verifier;
(55) The verifier performs security verification on the security verification information of the root node to obtain the verification result of the root node, and receives the verification report sent from the root node.
Preferably, the node devices are devices of the same class or heterogeneous devices, and each node device at least comprises a read-only memory, a memory protection unit and a clock with a write protection function.
Preferably, in step (1), for a node device:
the initial software configuration digest c is generated by a hash function for each node device from its initial software configuration;
the software configuration digest certificate cert(c) is a certificate in which the network manager OP signs the initial software configuration digest c using its public key PKo;
in the signature key pair (SK, PK), SK is the private key of the node device and PK is the public key of the node device;
the identity certificate cert(PK) is a certificate signed by the network manager OP using its public key PKo.
Preferably, step (22) forms the communication graph as follows:
(b1) Select two node devices from the N node devices to form a device group S;
(b2) Decide whether to connect them and execute the registration protocol according to the connection relation of the two node devices;
if the two are connected, establish a communication connection between them, execute the registration protocol, and add each to the neighbor device list of the other; otherwise, do nothing;
(b3) Select one node device from the remaining N-2 node devices and add it to S; decide whether to connect and execute the registration protocol according to the connection relation between this node device and the other node devices in S;
(b4) Add the remaining node devices to S in turn; the communication connection relations of the N node devices form the communication graph of the device group S.
Preferably, step (51) determines the parent node as follows:
(a1) Preset a receiving time t_1;
(a2) The child node sends security verification information to its main parent node; if the main parent node receives the security verification information, it returns confirmation information, otherwise it returns nothing;
(a3) The child node waits for the confirmation information for the duration t_1; if the confirmation information is received, the main parent node is taken as the parent node; otherwise the main parent node is marked as an unreachable node and step (a4) is executed;
(a4) Traverse the standby parent nodes; the standby parent node that, after the child node sends it the security verification information, returns confirmation information which the child node receives within t_1 is taken as the parent node.
Preferably, in step (52), the child node sends its self-signed security verification information to the parent node as follows:
for a child node D_j whose parent node is D_i, the security verification information M_j sent by D_j to D_i comprises D_j's heartbeat message hb_j, verification message u_j, software configuration digest certificate cert(c_j), and information category;
the heartbeat message hb_j consists of ID_j, t_j, c_j' and cert(c_j), where ID_j is the device ID of D_j, t_j is the timestamp at which D_j sends the security verification information to D_i, and c_j' is the current software configuration digest, generated by D_j with a hash function from its current software configuration;
the verification message u_j is computed from hb_j with a MAC algorithm under the communication key k_ij between D_j and D_i;
the information category includes a verification request;
D_j's signature on M_j is HB_j = sign(SK_j; hb_j, u_j, MSGTYPE=req);
where SK_j is the private key of D_j, and MSGTYPE=req indicates that M_j is a verification request.
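The spanning-tree construction of step (4), the parent selection of steps (a1)-(a4) and the bottom-up report accumulation of step (5), as an added Python simulation that is not part of the patent text. Assumptions: the topology, device names and function names are constructed; k_ij is derived from the two device IDs as a stand-in; certificates and the signature HB_j are omitted, and a parent is assumed to check the MAC u_j and compare c_j' with a trusted table of certified digests.

```python
import hashlib
import hmac
from collections import deque

def digest(config: bytes) -> str:
    """Software configuration digest (c or c') as a SHA-256 hex string."""
    return hashlib.sha256(config).hexdigest()

def comm_key(a: str, b: str) -> bytes:
    # Constructed stand-in for the communication key k_ij agreed at registration.
    return hashlib.sha256("|".join(sorted((a, b))).encode()).digest()

def build_tree(graph, root):
    """Step (4): flood q from the root. For every device, return the senders of q
    in arrival order: index 0 is the main parent, the rest are standby parents."""
    parents = {root: []}
    queue = deque([root])
    while queue:
        sender = queue.popleft()
        main = parents[sender][0] if parents[sender] else None
        for nb in graph[sender]:
            if nb == main:
                continue  # q is not sent back to the main parent
            if nb not in parents:
                parents[nb] = [sender]
                queue.append(nb)
            elif sender not in parents[nb]:
                parents[nb].append(sender)
    return parents

def choose_parent(dev, parents, online):
    """Steps (a1)-(a4): the main parent if it acknowledges within t_1, otherwise
    the first standby parent that does. Offline devices never acknowledge."""
    return next((p for p in parents[dev] if p in online), None)

def make_message(dev, parent, t, config):
    """Step (52): heartbeat hb_j and verification message u_j = MAC(k_ij, hb_j).
    cert(c_j) and the signature HB_j are left out of this simulation."""
    hb = f"{dev}|{t}|{digest(config)}"
    u = hmac.new(comm_key(dev, parent), hb.encode(), hashlib.sha256).hexdigest()
    return {"hb": hb, "u": u, "MSGTYPE": "req"}

def verify_message(msg, sender, receiver, certified):
    """Assumed parent-side check: the MAC matches and c_j' equals the certified c_j."""
    dev, _t, current = msg["hb"].split("|")
    expected = hmac.new(comm_key(sender, receiver), msg["hb"].encode(),
                        hashlib.sha256).hexdigest()
    return (dev == sender and hmac.compare_digest(expected, msg["u"])
            and current == certified[sender])

def attest(graph, root, configs, certified, online, t=1):
    """Step (5): accumulate verification reports from the leaves up to the verifier."""
    parents = build_tree(graph, root)
    children = {dev: [] for dev in graph}
    for dev in parents:
        if dev != root and dev in online:
            parent = choose_parent(dev, parents, online)
            if parent is not None:
                children[parent].append(dev)

    def collect(node):
        # Report that `node` forwards upward: results for its whole subtree.
        report = {}
        for child in children[node]:
            report.update(collect(child))
            msg = make_message(child, node, t, configs[child])
            report[child] = verify_message(msg, child, node, certified)
        return report

    report = collect(root)
    root_msg = make_message(root, "Ver", t, configs[root])
    report[root] = verify_message(root_msg, root, "Ver", certified)
    # Devices missing from the accumulated report never reached the verifier.
    return {dev: ("unreachable" if dev not in report
                  else "ok" if report[dev] else "failed") for dev in graph}

# Constructed topology: D1 is the initial device D_S chosen by the verifier.
GRAPH = {
    "D1": ["D2", "D3"],
    "D2": ["D1", "D4", "D5"],
    "D3": ["D1", "D5", "D6"],
    "D4": ["D2"],
    "D5": ["D2", "D3"],
    "D6": ["D3"],
}

def demo():
    configs = {dev: f"firmware-1.0 for {dev}".encode() for dev in GRAPH}
    certified = {dev: digest(cfg) for dev, cfg in configs.items()}
    configs["D6"] = b"firmware-1.0 for D6 (modified)"  # software changed after issuance
    online = set(GRAPH) - {"D2"}                        # D2 drops out during step (5)
    return attest(GRAPH, "D1", configs, certified, online)
```

With D2 offline, D5 reports through its standby parent D3, while D4, whose only recorded parent is D2, is absent from the accumulated report and shows up as unreachable.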
Preferably, when the position of a node device changes or a node device is newly added, the communication connections of the original communication graph are disconnected, and the communication graph of the device group S is regenerated according to step (2).
Explanation of terms:
1. Group attestation (English: Swarm Attestation). The group attestation method allows a verifier to verify multiple attestations in parallel. Unlike traditional remote attestation, group attestation is not an individual attestation; instead, a plurality of individuals participate together and cooperate to complete an attestation process. Group attestation may be used in a variety of scenarios, such as group authentication, group authorization and group decision. In group attestation, each group member has its own identity and certificate, and through cooperation and coordination the group members can jointly attest to the security and integrity of the devices.
2. Verifier (English: Verifier, abbreviated Ver). It is mainly responsible for verifying and auditing certificates and related information from other participants, ensuring the validity and correctness of the group attestation. The role of the verifier may be played by different entities, such as servers in the network, blockchain nodes, or other legitimate participants. The verifier typically has some computing and storage resources to execute the verification algorithm and store the relevant verification information.
3. Network manager (English: Network Operator, abbreviated OP). A security entity that we assume; all devices in the group are initialized and deployed by it, and it is mainly responsible for distributing keys and security certificates. The network manager is in an absolutely secure environment, so in this scheme the adversary's software attacks and physical attacks on it are not considered.
4. Group (English: Swarm). A collection of multiple participants. These participants may be individuals, devices, nodes, or other entities that can cooperate with each other. In this scheme, it refers specifically to a network consisting of various heterogeneous embedded devices.
5. Signature (English: Signature). A digital signature attached to information or a document for verifying the integrity, authenticity and origin of the information or document. The signature is generated by the sender and appended to the information, and the receiver can verify the validity of the signature using the public key.
6. Hash function (English: Hash function). An algorithm that converts input data (messages, files, etc.) into an output value of fixed length. The output value of a hash function is often referred to as a hash value or digest. The hash function maps the input data to a short, fixed-length binary string, which is ideally unique. The present invention uses hash functions in generating both the initial software configuration digest c and the current software configuration digest.
7. Group node devices. A number of common devices in a network. The system is a network composed of a plurality of nodes, each node device having its own independent and unique device number ID. Each node device needs to maintain a neighbor device list; for example, the neighbor device list of node device D_i is A_i, and the list records information about all neighbor devices of the node device. These devices may be heterogeneous, but they must have at least a minimal security architecture comprising a read-only memory (ROM), a memory protection unit (MPU) and a clock with a write protection function. Furthermore, these devices may be geographically distributed over a wide area. The ROM, the MPU and the write-protected clock indicate that each device needs to have these physical protection functions; the write-protected clock, for example, prevents an intruder from modifying the timestamps used later.
Compared with the prior art, the invention has the advantages that:
(1) The method can effectively verify the integrity state of the group node equipment, ensure the validity of the identity of the node equipment and the correctness of the running software of the node equipment, and effectively prevent various malicious attacks of the adversary equipment on the node equipment.
(2) The invention constructs the spanning tree in the communication graph, improves the spanning tree protocol, marks the parent and child nodes, and improves the broadcasting mode. Compared with the traditional broadcasting mode, this greatly reduces the communication cost and at the same time effectively reduces the computing performance required of the embedded devices in the Internet of Things.
(3) The invention provides a new device group attestation method, which finally reports the security states of all node devices to the verifier by accumulating the verification reports of each node from child node to parent node, thereby providing more information for the maintenance of the device group and greatly reducing the management burden and maintenance cost of the network manager.
(4) The invention also adds a path finding method: a main parent node and standby parent nodes are recorded for each child node, and if a parent node device drops offline during verification, a new parent node is determined according to steps (a1)-(a4).
Drawings
FIG. 1 is a flow chart of the present invention;
FIG. 2 is a communication graph of the device group S according to the present invention;
FIG. 3 is a flow chart of step (5) of the present invention.
Detailed Description
The invention will be further described with reference to the accompanying drawings.
Example 1: referring to FIGS. 1-3, a device group security verification method based on node path finding includes the following steps:
(1) Initialize the node devices;
Each node device is initialized as follows: an initial software configuration digest c, a software configuration digest certificate cert(c), a signature key pair (SK, PK), an identity certificate cert(PK) and a neighbor device list are generated for each node device. The neighbor device list is initially empty and is used to store the neighbor devices of the node device, i.e. the node devices that communicate directly with it;
(2) Generate the communication graph of the device group S;
(21) Select N node devices and set the connection relation between each node device and the remaining node devices;
(22) Establish communication connections between the node devices that are connected to each other and register them; each of two connected node devices is added to the neighbor device list of the other, and the communication connections of the N node devices form the communication graph of the device group S;
For two interconnected node devices, the registration process is: generate a communication key between the two, then exchange and verify each other's software configuration digest certificates;
(3) When the verifier needs to verify the security of the device group S, it generates a communication identifier q and selects from the device group S a node device for sending q, denoted the initial device D_S;
(4) Starting from D_S, construct a spanning tree in the communication graph using q, comprising steps (41)-(44);
(41) Preset a receiving time t_0, take D_S as the root node of the spanning tree, and broadcast q to the neighbor devices of D_S;
(42) Each neighbor device waits to receive the communication identifier q within t_0; if q is received, execution of the spanning tree protocol is triggered. A neighbor device D_k of D_S executes the spanning tree protocol as follows:
(42-1) D_k receives the communication identifier q within t_0, records in time order the node devices that sent q, and marks the first of them as its main parent node and the rest as standby parent nodes;
(42-2) The main parent node records D_k as its own child node;
(43) Extend the topology to the next level:
The neighbor device list of D_k is A_k; D_k broadcasts q to the neighbor devices in A_k other than its main parent node, triggering the corresponding node devices to execute the spanning tree protocol;
(44) Extend the topology downward level by level until the leaf nodes are generated;
(5) Verify the device group S step by step from the leaf nodes to the root node, specifically:
(51) Determine a parent node for each child node, the parent node being either the main parent node or one of the standby parent nodes of the child node;
(52) Starting from the leaf nodes, each child node sends its self-signed security verification information to its parent node, and the parent node obtains a verification result after performing security verification;
(53) After obtaining the verification results of all its child nodes, the parent node generates a verification report, combines the verification report with its own security verification information into an information packet, and sends the packet to its own parent node; the parent node sending the packet is the lower-level parent node and the parent node receiving it is the upper-level parent node;
(54) The upper-level parent node performs security verification on the security verification information of the lower-level parent node to obtain a verification result, and accumulates the verification report sent by the lower-level parent node upward, until the information packet is sent via the root node to the verifier;
(55) The verifier performs security verification on the security verification information of the root node to obtain the verification result of the root node, and receives the verification report sent from the root node.
In the invention, the node devices are devices of the same type or heterogeneous devices, and each node device comprises at least a read-only memory, a memory protection unit and a clock with a write protection function.
In step (1), for a node device:
the initial software configuration digest c is generated for each node device by a hash function from its initial software configuration;
the software configuration digest certificate cert(c) is a certificate in which the network manager OP signs the initial software configuration digest c using its public key PKo;
in the signature key pair (SK, PK), SK is the private key of the node device and PK is the public key of the node device;
the identity certificate cert(PK) is a certificate signed by the network manager OP using its public key PKo.
Step (22) forms the communication graph specifically as follows:
(b1) Select two node devices from the N node devices to form the device group S;
(b2) Decide, according to the connection relation of the two node devices, whether to connect them and execute the registration protocol;
if the two are connected, establish a communication connection between them, execute the registration protocol, and add each to the other's neighbor device list; otherwise, do nothing;
(b3) Select one node device from the remaining N-2 node devices and add it to S; according to its connection relation with the other node devices in S, decide whether to connect and execute the registration protocol;
(b4) Add the remaining node devices to S in turn; the communication connections of the N node devices form the communication graph of the device group S.
In step (51), the parent node is determined specifically as follows:
(a1) Preset a receiving duration t_1;
(a2) The child node sends security verification information to its main parent node; if the main parent node receives the security verification information, it returns confirmation information, otherwise nothing is returned;
(a3) The child node waits for the confirmation information for the duration t_1; if the confirmation information is received, the main parent node is taken as the parent node; otherwise the main parent node is marked as a non-passable node and step (a4) is executed;
(a4) Traverse the standby parent nodes to find one that, after the child node sends it the security verification information, returns confirmation information which the child node receives within t_1; that standby parent node is used as the parent node.
In step (52), the child node sends the self-signed security verification information to the parent node specifically as follows:
for a child node D_j whose parent node is D_i, the security verification information M_j that D_j sends to D_i comprises D_j's heartbeat message hb_j, the verification message u_j, the software configuration digest certificate cert(c_j) and the information category;
the heartbeat message hb_j consists of ID_j, t_j, c_j' and cert(c_j), where ID_j is the device ID of D_j, t_j is the timestamp at which D_j sends the security verification information to D_i, and c_j' is the current software configuration digest, generated by D_j through a hash function from its current software configuration;
the verification message u_j is obtained from hb_j by applying a MAC algorithm under the communication key k_ij between D_j and D_i;
the information category includes a verification request;
D_j's signature on M_j is HB_j = sign(SK_j; hb_j, u_j, MSGTYPE=req);
where SK_j is the private key of D_j and MSGTYPE=req indicates that M_j is a verification request.
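The MAC and digest checks a parent D_i can run on M_j, as an added example that is not code from the patent. SHA-256, HMAC-SHA-256, the length-prefixed heartbeat layout, the 30-second freshness window and the comparison of c_j' against the c_j stored at registration are assumptions; the signature HB_j and validation of cert(c_j) are left out.

```python
import hashlib
import hmac
import struct

MAX_SKEW = 30  # seconds; assumed freshness window, the page gives no value


def config_digest(config: bytes) -> bytes:
    """c_j or c_j': hash of a software configuration (SHA-256 assumed)."""
    return hashlib.sha256(config).digest()


def encode_hb(device_id: str, t: int, c_cur: bytes, cert_c: bytes) -> bytes:
    """hb_j = (ID_j, t_j, c_j', cert(c_j)), each field length-prefixed (assumed layout)."""
    fields = (device_id.encode(), struct.pack(">Q", t), c_cur, cert_c)
    return b"".join(struct.pack(">H", len(f)) + f for f in fields)


def decode_hb(hb: bytes):
    """Strict parser: exactly four fields, no truncated bytes."""
    fields, pos = [], 0
    while pos < len(hb):
        if len(hb) - pos < 2:
            raise ValueError("truncated length prefix")
        (n,) = struct.unpack_from(">H", hb, pos)
        pos += 2
        if len(hb) - pos < n:
            raise ValueError("truncated field")
        fields.append(hb[pos:pos + n])
        pos += n
    if len(fields) != 4 or len(fields[1]) != 8:
        raise ValueError("unexpected heartbeat layout")
    device_id, t_raw, c_cur, cert_c = fields
    return device_id.decode(), struct.unpack(">Q", t_raw)[0], c_cur, cert_c


def build_request(device_id, t, current_config, cert_c, k_ij):
    """Child D_j: assemble hb_j and u_j = MAC(k_ij, hb_j) for a verification request."""
    hb = encode_hb(device_id, t, config_digest(current_config), cert_c)
    u = hmac.new(k_ij, hb, hashlib.sha256).digest()
    return {"hb": hb, "u": u, "cert_c": cert_c, "type": "req"}


def verify_request(msg, expected_id, k_ij, c_initial, now):
    """Parent D_i: return a verdict string for M_j received from D_j."""
    expected_u = hmac.new(k_ij, msg["hb"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected_u, msg["u"]):
        return "bad-mac"            # hb_j altered, or sender does not hold k_ij
    try:
        device_id, t, c_cur, _cert = decode_hb(msg["hb"])
    except ValueError:
        return "malformed"
    # In the page's scheme MSGTYPE is covered by the signature, omitted here.
    if msg["type"] != "req" or device_id != expected_id:
        return "unexpected-message"
    if abs(now - t) > MAX_SKEW:
        return "stale"              # replayed or delayed heartbeat
    if not hmac.compare_digest(c_cur, c_initial):
        return "config-changed"     # c_j' differs from c_j stored at registration
    return "ok"


if __name__ == "__main__":
    # Constructed sample values: key, configuration and certificate placeholder.
    k_ij = bytes(range(32))
    c_j = config_digest(b"fw=1.0")
    clean = build_request("D7", 1000, b"fw=1.0", b"CERT-PLACEHOLDER", k_ij)
    changed = build_request("D7", 1000, b"fw=1.0+patch", b"CERT-PLACEHOLDER", k_ij)
    print(verify_request(clean, "D7", k_ij, c_j, now=1005))
    print(verify_request(changed, "D7", k_ij, c_j, now=1005))
```

The MAC is checked before the heartbeat is parsed, so unauthenticated bytes never reach the parser.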
In addition, it should be noted that when a node device changes position or a node device is newly added, the communication connections of the original communication graph are disconnected and the communication graph of the device group S is regenerated according to step (2).
Regarding the initialization of the node devices in step (1): each node device of the invention is initialized by the network manager OP. For a node device D_i, the network manager OP initializes it with the software configuration c_i, and the software configuration digest certificate cert(c_i) signed by the network manager OP is verified to ensure that c_i is the software configuration provided for D_i. Each node device is initialized with the OP public key so that it can later verify the software configuration digest certificates and identity certificates of other node devices.
Regarding the neighbor device list: each node device has a neighbor device list whose initial state is empty. In step (22), node devices are added to each other's neighbor device list only after the communication connection between them has been established and they have registered. Joining works as follows: suppose D_i broadcasts a collection message; a node device that receives it replies with a feedback message; after receiving the feedback message, D_i adds that node device to its neighbor device list A_i.
Regarding registration in step (22): in the invention, when a node device first joins the device group S or changes its location, the newly joined node device executes the registration protocol with all of its new neighbor devices. Suppose the device group S already contains an accessed node device D_j and the network manager then adds a new node device D_i; in step (21) the two are set as connected, D_i being the newly accessed device and D_j an already accessed device.
During registration of D_j and D_i, a shared communication key k_ij is generated between D_i and D_j, and the key set formed by the communication authentication keys established with all subsequently accessed neighbor devices is denoted K_i. The communication key may be established based on D_i's private key SK_i, D_j's private key SK_j, D_i's identity certificate cert(PK_i) and D_j's identity certificate cert(PK_j), using a key pre-allocation technique. After the communication key between the two devices is constructed, the two parties establish an encrypted channel using k_ij to exchange subsequent security information. D_j accepts the software configuration digest certificate cert(c_i) sent by D_i in order to learn D_i's initial software configuration digest c_i, and at the same time sends its own software configuration digest certificate cert(c_j) to D_i. The newly added node device D_i performs all of the above operations with every already accessed device, such as D_k; if the certificate verification succeeds, D_k's initial software configuration digest c_k is stored to facilitate later verification of the neighbor device's attestation report; if the verification fails, the device is not accepted as a new neighbor.
Regarding the spanning tree protocol: the spanning tree protocol designed by the invention sets no maximum on the number of child nodes, because with a very large number of node devices such a limit could prevent some devices from being correctly added to the spanning tree.
Regarding the level-by-level verification of the device group S in step (5): during verification, each child node sends its own security verification information to its parent node. Each lower-level parent node, once security verification of all its child nodes is complete, sends the verification report on its child nodes together with its own security verification information to its upper-level parent node for security verification. Before sending each verification report, a node checks whether its upper-level parent node is passable; the upper-level parent node, after receiving the information, returns a message telling the lower-level parent node that the verification information was received. The verification reports are finally accumulated up to the root node. Non-passable nodes found during verification are recorded in a non-passable node list, which is recorded in the verification report.
Regarding determining the parent node in step (51): in the spanning tree constructed from top to bottom, every child node has its own main parent node; however, when the verifier performs verification, a node device may be unable to communicate with its child nodes because of attack, disconnection and the like, so step (51) reselects a parent node from the standby parent nodes, realizing automatic path finding. During selection, a standby parent node is chosen first and checked for whether its confirmation information is received within t_1; if so, that standby parent node is used directly as the parent node; if not, another standby parent node is chosen and checked in the same way.
In summary, the method of the invention aims to ensure the security of group devices by constructing a spanning tree in the communication graph, collecting the verification information of each node device, and accumulating verification reports from bottom to top, from the child nodes to the verifier. When a node device returns its verification report and finds that its parent node device cannot communicate, it starts the path-finding protocol and finds a standby node to which it resends the verification report. This effectively enhances the scalability and security of the group attestation method and lets the group devices return more valid verification information, which reduces the management burden on the network manager and also improves the reliability and security of the whole system.
Example 2: Referring to figs. 1-3, this embodiment presents a specific device group security verification method based on node path finding. A total of 8 node devices, D1 to D8, is assumed.
(1) D1 to D8 are first initialized separately.
(2) Generate the communication graph of the device group S, comprising steps (21)-(22).
(21) Select the 8 node devices D1 to D8 and set the connection relation between each node device and the remaining node devices. In fig. 2, D1 is directly connected to D2 and D3; D2 is connected to D1, D3, D4 and D5; D3 is connected to D1 and D2; D4 is connected to D6; and so on as shown in fig. 2. All connections are preset.
(22) Establish communication connections between the interconnected node devices, register them, and add each to the other's neighbor device list.
For D1, communication connections with D2 and D3 are established and registered, and D2 and D3 are added to D1's neighbor device list;
for D2, communication connections with D1, D3, D4 and D5 are established and registered, and D1, D3, D4 and D5 are added to D2's neighbor device list; the remaining devices are processed in the same way up to D8, and the communication network finally formed by the 8 nodes is the communication graph of the device group S.
(3) When the verifier needs to verify the security of the device group S, it generates a communication identifier q and selects from the device group S a node device to transmit q, denoted the initial device D_S. In this embodiment D1 is selected as the initial device, and for convenience of description D1 is used directly to denote the initial device D_S.
(4) Starting from D1, construct a spanning tree in the communication graph by means of q, marking the main parent node and standby parent nodes during construction.
(5) Verify the device group S level by level from the leaf nodes to the root node, comprising (51)-(54). Take leaf node D7 as an example: in fig. 2, D7 is a leaf node, its main parent node is D4, and its standby parent nodes are D6 and D8.
(51) Determine the parent node of leaf node D7. Suppose D7 sends security verification information to D4 and D4 can receive it and return confirmation information; if the confirmation information is received within the duration t_1, D4 is the parent node; otherwise the parent node is selected from the standby parent nodes D6 and D8;
(52) D7 sends its self-signed security verification information to D4, and D4 performs security verification and obtains a verification result;
(53) In fig. 2, the child nodes of D4 are D6 and D7; after obtaining the verification results of all its child nodes, D4 generates a verification report, combines the verification report with its own security verification information into an information packet, and sends the packet to its parent node D2;
(54) D2 performs security verification on the security verification information of D4 to obtain a verification result, and accumulates upward the verification report sent by D4, until the information packet is sent to the verifier through D1.
(55) The verifier receives the information packet sent by D1; it only needs to perform security verification on D1 and obtain the verification report accumulated up to D1 in order to obtain the verification results of all the node devices accumulated upward.
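A simulation of steps (41)-(44) and the parent selection of (a1)-(a4) on this embodiment, as an added example that is not code from the patent. The D5-D8 link, breadth-first delivery as the arrival order of q, the `link_up` predicate standing in for the t_1 confirmation, and the loop check are assumptions of the example.

```python
from collections import deque

# Constructed topology. D1-D2, D1-D3, D2-D3, D2-D4, D2-D5, D4-D6 and D7's three
# neighbours (D4, D6, D8) follow the embodiment text; D5-D8 is an assumption
# made here so that D8 is reachable, since fig. 2 is not reproduced on the page.
LINKS = [("D1", "D2"), ("D1", "D3"), ("D2", "D3"), ("D2", "D4"), ("D2", "D5"),
         ("D4", "D6"), ("D4", "D7"), ("D6", "D7"), ("D7", "D8"), ("D5", "D8")]


def neighbor_lists(links):
    """Neighbor device lists A_k as they stand after registration, step (22)."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, []).append(b)
        adj.setdefault(b, []).append(a)
    return adj


def build_spanning_tree(adj, root):
    """Steps (41)-(44): flood q from the root, one hop per round.

    Arrival order is modelled by breadth-first delivery; the window t_0 is not.
    """
    senders = {n: [] for n in adj}    # devices that sent q to n, in arrival order
    children = {n: [] for n in adj}
    queue, forwarded = deque([root]), {root}
    while queue:
        sender = queue.popleft()
        main = senders[sender][0] if senders[sender] else None
        for nb in adj[sender]:
            if nb == main:
                continue                      # (43): q is not sent back to the main parent
            senders[nb].append(sender)
            if len(senders[nb]) == 1:
                children[sender].append(nb)   # (42-2): first sender records nb as child
            if nb not in forwarded:           # each device broadcasts q only once
                forwarded.add(nb)
                queue.append(nb)
    return {n: {"main": s[0] if s else None, "standby": s[1:],
                "children": children[n]} for n, s in senders.items()}


def choose_parent(node, tree, link_up):
    """Steps (a1)-(a4): try the main parent, then each standby parent in order.

    link_up(a, b) stands in for "confirmation received within t_1".
    Returns (parent or None, candidates marked non-passable).
    """
    blocked = []
    for cand in [tree[node]["main"]] + tree[node]["standby"]:
        if link_up(node, cand):
            return cand, blocked
        blocked.append(cand)
    return None, blocked


def report_path(start, tree, root, link_up):
    """Follow the chosen parents from `start` up to the root.

    The loop check is an addition of this example; the page does not say what
    happens if a standby parent leads back to a device already on the path.
    """
    path, non_passable = [start], {}
    while path[-1] != root:
        parent, blocked = choose_parent(path[-1], tree, link_up)
        if blocked:
            non_passable[path[-1]] = blocked
        if parent is None or parent in path:
            raise RuntimeError(f"no usable parent for {path[-1]}")
        path.append(parent)
    return path, non_passable


def links_except(*down):
    """Build a link_up() predicate in which the listed links are down."""
    dead = {frozenset(pair) for pair in down}
    return lambda a, b: frozenset((a, b)) not in dead


if __name__ == "__main__":
    tree = build_spanning_tree(neighbor_lists(LINKS), "D1")
    print(tree["D7"])
    print(report_path("D7", tree, "D1", links_except()))
    print(report_path("D7", tree, "D1", links_except(("D7", "D4"))))
```

With the D7-D4 link down, D7's report reaches D1 through D6, and D4 is recorded as non-passable for D7.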
The foregoing description of the preferred embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, and alternatives falling within the spirit and principles of the invention.

Claims (7)

1. The equipment group security verification method based on node path finding is characterized by comprising the following steps:
(1) Initializing node equipment;
initializing each node device, including: generating an initial software configuration digest c, a software configuration digest certificate cert (c), a signature key pair (SK, PK), an identity certificate cert (PK) and a neighbor device list for each node device, wherein the neighbor device list is empty and is used for storing neighbor devices of the node device, and the neighbor devices are node devices which are directly communicated with the node device;
(2) Generating a communication diagram of the device group S;
(21) Selecting N node devices, and setting the connection relation between each node device and the rest node devices;
(22) Establish communication connections between the node devices that are connected to each other, register them, and add each to the other's neighbor device list; the communication connections of the N node devices form the communication graph of the device group S;
for two interconnected node devices, the registration process is: generate a communication key between the two, then exchange and verify each other's software configuration digest certificates;
(3) When the verifier needs to verify the security of the device group S, it generates a communication identifier q and selects from the device group S a node device to transmit q, denoted the initial device D_S;
(4) Starting from D_S, construct a spanning tree in the communication graph by means of q, comprising (41)-(44);
(41) Preset a receiving duration t_0, take D_S as the root node of the spanning tree, and broadcast q to the neighbor devices of D_S;
(42) Each neighbor device receives the communication identifier q within t_0 and, on receiving it, is triggered to execute the spanning tree protocol; for a neighbor device D_k of D_S, executing the spanning tree protocol comprises:
(42-1) D_k receives the communication identifier q within t_0, records in time order the node devices that sent q to it, marks the first as its main parent node and the rest as standby parent nodes;
(42-2) the main parent node records D_k as its own child node;
(43) Extend the topology to the next level:
the neighbor device list of D_k is A_k; D_k broadcasts q to the neighbor devices in A_k other than its main parent node, triggering those node devices to execute the spanning tree protocol;
(44) Extend the topology downward level by level until the leaf nodes are generated;
(5) Verify the device group S level by level from the leaf nodes to the root node, specifically:
(51) Determine a parent node for each child node, the parent node being either the main parent node or one of the standby parent nodes of the child node;
(52) Starting from the leaf nodes, each child node sends self-signed security verification information to its parent node, and the parent node performs security verification and obtains a verification result;
(53) After obtaining the verification results of all its child nodes, the parent node generates a verification report, combines the verification report with its own security verification information into an information packet, and sends the packet to its own parent node; the parent node that sends the packet is the lower-level parent node and the parent node that receives it is the upper-level parent node;
(54) The upper-level parent node performs security verification on the security verification information of the lower-level parent node to obtain a verification result, and accumulates upward the verification report sent by the lower-level parent node, until the information packet is sent to the verifier via the root node;
(55) The verifier performs security verification on the security verification information of the root node to obtain the verification result of the root node, and receives the verification report sent from the root node.
2. The node-routing-based device group security verification method according to claim 1, wherein the node devices are devices of the same class or heterogeneous devices, each node device including at least a read-only memory, a memory protection unit, and a clock having a write protection function.
3. The node-routing-based device group security verification method of claim 1, wherein in step (1), for a node device:
the initial software configuration digest c is generated for each node device by a hash function from its initial software configuration;
the software configuration digest certificate cert(c) is a certificate in which the network manager OP signs the initial software configuration digest c using its public key PKo;
in the signature key pair (SK, PK), SK is the private key of the node device and PK is the public key of the node device;
the identity certificate cert(PK) is a certificate signed by the network manager OP using its public key PKo.
4. The node-based device group security verification method according to claim 1, wherein step (22) forms the communication graph specifically as follows:
(b1) Select two node devices from the N node devices to form the device group S;
(b2) Decide, according to the connection relation of the two node devices, whether to connect them and execute the registration protocol;
if the two are connected, establish a communication connection between them, execute the registration protocol, and add each to the other's neighbor device list; otherwise, do nothing;
(b3) Select one node device from the remaining N-2 node devices and add it to S; according to its connection relation with the other node devices in S, decide whether to connect and execute the registration protocol;
(b4) Add the remaining node devices to S in turn; the communication connections of the N node devices form the communication graph of the device group S.
5. The node-based device group security verification method of claim 1, wherein in step (51) the parent node is determined specifically as follows:
(a1) Preset a receiving duration t_1;
(a2) The child node sends security verification information to its main parent node; if the main parent node receives the security verification information, it returns confirmation information, otherwise nothing is returned;
(a3) The child node waits for the confirmation information for the duration t_1; if the confirmation information is received, the main parent node is taken as the parent node; otherwise the main parent node is marked as a non-passable node and step (a4) is executed;
(a4) Traverse the standby parent nodes to find one that, after the child node sends it the security verification information, returns confirmation information which the child node receives within t_1; that standby parent node is used as the parent node.
6. The node-routing-based device group security verification method according to claim 1, wherein in step (52), the child node sends the self-signed security verification information to the parent node specifically as follows:
for a child node D_j whose parent node is D_i, the security verification information M_j that D_j sends to D_i comprises D_j's heartbeat message hb_j, the verification message u_j, the software configuration digest certificate cert(c_j) and the information category;
the heartbeat message hb_j consists of ID_j, t_j, c_j' and cert(c_j), where ID_j is the device ID of D_j, t_j is the timestamp at which D_j sends the security verification information to D_i, and c_j' is the current software configuration digest, generated by D_j through a hash function from its current software configuration;
the verification message u_j is obtained from hb_j by applying a MAC algorithm under the communication key k_ij between D_j and D_i;
the information category includes a verification request;
D_j's signature on M_j is HB_j = sign(SK_j; hb_j, u_j, MSGTYPE=req);
where SK_j is the private key of D_j and MSGTYPE=req indicates that M_j is a verification request.
7. The node-routing-based device group security verification method of claim 1, wherein when a node device changes position or a node device is newly added, the communication connections of the original communication graph are disconnected, and the communication graph of the device group S is regenerated according to step (2).
CN202311353330.4A 2023-10-19 2023-10-19 Equipment group security verification method based on node path finding Active CN117097488B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311353330.4A CN117097488B (en) 2023-10-19 2023-10-19 Equipment group security verification method based on node path finding

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311353330.4A CN117097488B (en) 2023-10-19 2023-10-19 Equipment group security verification method based on node path finding

Publications (2)

Publication Number Publication Date
CN117097488A true CN117097488A (en) 2023-11-21
CN117097488B CN117097488B (en) 2023-12-19

Family

ID=88775507

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311353330.4A Active CN117097488B (en) 2023-10-19 2023-10-19 Equipment group security verification method based on node path finding

Country Status (1)

Country Link
CN (1) CN117097488B (en)


Also Published As

Publication number Publication date
CN117097488B (en) 2023-12-19


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant