CN117097488A - Equipment group security verification method based on node path finding - Google Patents
- Publication number: CN117097488A (application number CN202311353330.4A)
- Authority: CN (China)
- Prior art keywords: node, devices, verification, father, information
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
- H04L45/02—Topology update or discovery
- H04L45/16—Multipoint routing
- H04L45/48—Routing tree calculation
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
- H04L63/126—Applying verification of the received information the source of the received data
- H04L63/1441—Countermeasures against malicious traffic
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
- H04L9/40—Network security protocols
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a device group security verification method based on node path finding, comprising the following steps: initializing the node devices; generating a communication diagram of the device group S; when the verifier needs to verify the security of the device group S, selecting an initial device D_S from the device group S; starting from D_S, constructing a spanning tree in the communication diagram using the communication identifier; and verifying the device group S step by step from the leaf nodes to the root node. By constructing the spanning tree in the communication diagram, the invention collects the verification information of each node device and accumulates the verification reports from the child nodes bottom-up until they reach the verifier, ensuring the security of the group devices. If the main parent node is unable to communicate during the return of the verification report, the invention can strengthen the scalability and security of the group verification method, and the device group returns more useful verification information, thereby reducing the management burden of the network manager and improving the reliability and security of the whole system.
Description
Technical Field
The invention relates to the field of security of the Internet of things, in particular to a device group security verification method based on node routing.
Background
An emerging industry trend is to compose intelligent systems from large numbers of heterogeneous embedded devices and mobile devices, forming the so-called Internet of Things (IoT). It is predicted that billions of connected devices will enable new services and experiences in the future. Examples include: 1. industrial control systems; 2. connected IoT devices in intelligent environments; 3. ad hoc dynamic networks. Such systems are commonly referred to as device groups. To ensure that an IoT system operates properly, it is critical to maintain its software integrity and protect it from attacks. In a device group, each device may have different functionality and security requirements, so a flexible and efficient method is needed to ensure the security of the overall system.
With the continuous development of the IoT, the scale and complexity of device groups keep increasing. A more efficient, scalable and secure device group attestation method is therefore needed to meet the needs of future IoT systems and to ensure that device groups can operate reliably in complex environments. As networks grow, network attacks and data leakage events also occur frequently. Attackers can exploit vulnerabilities in IoT devices to carry out large-scale network attacks and form huge botnets, threatening network security and social stability. To cope with these security challenges, effective security measures need to be taken in various fields, and the protection and monitoring of IoT devices need to be enhanced. These measures include strengthening the security design and encryption mechanisms of devices, periodically updating and maintaining device firmware and software, and establishing a security audit and monitoring system so that potential security threats are discovered and handled in time.
In recent years, researchers have devised group attestation, an emerging security technology that provides a powerful solution to these security threats. Group attestation allows multiple devices to cooperate in jointly generating attestation information, which improves the reliability and security of verification and provides more reliable verification results. In addition, group attestation can enhance trust and collaboration between devices, facilitating multi-device collaboration in a distributed system.
However, conventional group attestation methods also have several problems: 1. Conventional group attestation methods may use broadcast for inter-device communication, which may cause significant communication overhead, and the broadcast information is easily obtained by adversaries, reducing the security of the system. 2. Conventional group attestation methods that construct a spanning tree can only return a simple verification result attesting to the security of the whole group; they cannot state the security status of each individual device, which does not help the network manager maintain and securely manage the devices. 3. Conventional group attestation methods that construct a spanning tree cannot handle devices that go offline well. Once this happens, all the security reports accumulated by the devices in the affected subtree are invalidated, affecting the security assessment of the entire device group.
Disclosure of Invention
The invention aims to provide a device group security verification method based on node path finding that can still provide a reliable group verification report to the verifier when devices go offline, and that can adapt to the dynamic nature of embedded IoT devices.
To achieve the above purpose, the technical scheme adopted by the invention is as follows: a device group security verification method based on node path finding, comprising the following steps:
(1) Initializing node equipment;
initializing each node device, including: generating for each node device an initial software configuration digest c, a software configuration digest certificate cert(c), a signature key pair (SK, PK), an identity certificate cert(PK) and a neighbor device list, wherein the neighbor device list is initially empty and is used for storing the neighbor devices of the node device, a neighbor device being a node device that communicates directly with the node device;
(2) Generating a communication diagram of the device group S;
(21) Selecting N node devices, and setting the connection relation between each node device and the rest node devices;
(22) Establishing communication connection among the node devices connected with each other, registering, adding the node devices connected with each other into a neighbor device list of the other party, and forming a communication diagram of a device group S by the communication connection of N node devices;
for two interconnected node devices, the registration process is: generating a communication key between the two, and exchanging and verifying each other's software configuration digest certificates;
(3) When the verifier needs to verify the security of the device group S, a communication identifier q is generated, and a node device for transmitting q is selected from the device group S and marked as the initial device D_S;
(4) Starting from D_S, constructing a spanning tree in the communication diagram using q, comprising steps (41)-(44);
(41) Presetting a receiving time t_0, taking D_S as the root node of the spanning tree, and broadcasting q to the neighbor devices of D_S;
(42) Each neighbor device waits to receive the communication identifier q within t_0 and, if q is received, is triggered to execute the spanning tree protocol; for a neighbor device D_k of D_S, executing the spanning tree protocol comprises:
(42-1) D_k receives the communication identifier q within t_0, records in time order the node devices that sent q, marks the first of them as its main parent node, and marks the rest as standby parent nodes;
(42-2) the main parent node records D_k as its own child node;
(43) Extending the topology to the next level:
the neighbor device list of D_k is A_k; D_k broadcasts q to the neighbor devices in A_k other than its main parent node, triggering the corresponding node devices to execute the spanning tree protocol;
(44) Extending the topology downward level by level until leaf nodes are generated;
(5) Verifying the device group S step by step from the leaf nodes to the root node, specifically:
(51) Determining a parent node for each child node, wherein the parent node is either the main parent node or one of the standby parent nodes of the child node;
(52) Starting from the leaf nodes, each child node sends self-signed security verification information to its parent node, and the parent node obtains a verification result after security verification;
(53) After obtaining the verification results of all its child nodes, the parent node generates a verification report, forms an information packet from the verification report and its own security verification information, and sends the information packet to its own parent node; the parent node sending the information packet is the lower-level parent node, and the parent node receiving the information packet is the upper-level parent node;
(54) The upper-level parent node performs security verification on the security verification information of the lower-level parent node to obtain a verification result, and accumulates upward the verification report sent by the lower-level parent node, until the information packet is sent to the verifier via the root node;
(55) The verifier performs security verification on the security verification information of the root node to obtain a verification result of the root node, and receives the verification report sent from the root node.
Preferably, the node devices are devices of the same class or heterogeneous devices, and each node device at least comprises a read-only memory, a memory protection unit and a clock with a write protection function.
Preferably, in step (1), for a node device:
an initial software configuration digest c, generated by a hash function for each node device according to the initial software configuration;
the software configuration digest certificate cert(c) is a certificate in which the network manager OP signs the initial software configuration digest c using its public key PKo;
in the signature key pair (SK, PK), SK is the private key of the node device, and PK is the public key of the node device;
the identity certificate cert(PK) is a certificate signed by the network manager OP using its public key PKo.
Preferably, step (22) forms the communication diagram specifically as follows:
(b1) Two node devices are selected from N node devices to form a device group S;
(b2) Selecting whether to connect and executing a registration protocol according to the connection relation of the two node devices;
if the two are connected, establishing communication connection between the two, executing a registration protocol, and mutually joining into a neighbor device list of the other party; otherwise, not executing the operation;
(b3) Selecting one node device from the remaining N-2 node devices and adding it to S, then choosing whether to connect and execute the registration protocol according to the connection relation between this node device and the other node devices in S;
(b4) And adding the rest node devices into the S in turn, and forming a communication diagram of the device group S by the communication connection relation of the N node devices.
Preferably, step (51) determines the parent node specifically as follows:
(a1) Presetting a receiving time t_1;
(a2) The child node sends security verification information to the main parent node; if the main parent node receives the security verification information, it returns confirmation information, otherwise nothing is returned;
(a3) The child node waits for the confirmation information for the duration t_1; if the confirmation information is received, the main parent node is taken as the parent node; otherwise the main parent node is marked as an unreachable node and step (a4) is executed;
(a4) Traversing the standby parent nodes to find a standby parent node that, after the child node sends it the security verification information, returns confirmation information which the child node receives within the duration t_1; this standby parent node is used as the parent node.
Preferably, in step (52), the sending, by the child node, of security verification information signed by the child node to the parent node is specifically:
for a child node D_j whose parent node is D_i, the security verification information M_j sent by D_j to D_i comprises the heartbeat message hb_j of D_j, the verification message u_j, the software configuration digest certificate cert(c_j), and the information category;
the heartbeat message hb_j consists of ID_j, t_j, c_j' and cert(c_j), where ID_j is the device ID of D_j, t_j is the timestamp at which D_j sends the security verification information to D_i, and c_j' is the current software configuration digest, generated by D_j through a hash function from its current software configuration;
the verification message u_j is computed from hb_j with a MAC algorithm keyed by the communication key k_ij between D_j and D_i;
the information category includes a verification request;
the signature of D_j over M_j is HB_j = sign(SK_j; hb_j, u_j, MSGTYPE=req);
where SK_j is the private key of D_j, and MSGTYPE=req indicates that M_j is a verification request.
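The following Python simulation is an added example, not part of the patent text: it runs steps (4) and (5) on a small constructed topology, including the parent fallback of steps (a1)-(a4) and the heartbeat/MAC check of step (52). Assumptions: SHA-256 and HMAC-SHA256 stand in for the unspecified hash and MAC algorithms, `link_key` is a hypothetical stand-in for the registered key k_ij, an acknowledgement within t_1 is modelled by an `online` flag, the t_0 window is modelled as accepting q only from senders one level closer to the root, and the signature HB_j and the certificates are omitted.

```python
import hashlib
import hmac
import json
from collections import deque

def digest(software: bytes) -> str:
    """Software configuration digest (c or c') computed with a hash function."""
    return hashlib.sha256(software).hexdigest()

def link_key(a: str, b: str) -> bytes:
    """Hypothetical stand-in for the communication key k_ij agreed at registration."""
    return hashlib.sha256("|".join(sorted((a, b))).encode()).digest()

class Device:
    def __init__(self, dev_id: str, software: bytes):
        self.id = dev_id
        self.software = software     # current software configuration
        self.c = digest(software)    # initial digest c, as certified in cert(c)
        self.neighbors = []          # neighbor device list A_i
        self.online = True           # models "returns confirmation within t_1"
        self.depth = None
        self.parents = []            # [main parent, standby parents ...]
        self.report = {}             # verification report accumulated from the subtree

def build_swarm(edges, software):
    devs = {i: Device(i, sw) for i, sw in software.items()}
    for a, b in edges:               # step (22): each side joins the other's neighbor list
        devs[a].neighbors.append(b)
        devs[b].neighbors.append(a)
    return devs

def build_tree(devs, root):
    """Steps (41)-(44): flood q from D_S and record main and standby parents."""
    devs[root].depth = 0
    queue = deque([root])
    while queue:
        sender = devs[queue.popleft()]
        main = sender.parents[0] if sender.parents else None
        for nid in sender.neighbors:
            node = devs[nid]
            if nid == main:
                continue             # q is not sent back to the main parent
            if node.depth is None:   # first copy of q: sender becomes the main parent
                node.depth = sender.depth + 1
                node.parents.append(sender.id)
                queue.append(nid)
            elif node.depth == sender.depth + 1 and sender.id not in node.parents:
                node.parents.append(sender.id)   # arrived within t_0: standby parent

def make_message(child, receiver_id, now):
    """M_j: heartbeat hb_j plus u_j = MAC(k_ij, hb_j), with the subtree report attached."""
    hb = json.dumps({"id": child.id, "t": now, "c_cur": digest(child.software),
                     "c_cert": child.c}, sort_keys=True).encode()
    u = hmac.new(link_key(child.id, receiver_id), hb, hashlib.sha256).hexdigest()
    return {"hb": hb, "u": u, "type": "req", "report": dict(child.report)}

def verify_message(msg, sender_id, receiver_id, certified_c, now, max_age=5):
    """Receiver-side check: MAC first, then identity, freshness and digest."""
    key = link_key(sender_id, receiver_id)
    expected = hmac.new(key, msg["hb"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg["u"]):
        return "bad-mac"
    hb = json.loads(msg["hb"])
    if hb["id"] != sender_id:
        return "bad-id"
    if now - hb["t"] > max_age:
        return "stale"
    return "ok" if hb["c_cur"] == certified_c else "tampered"

def choose_parent(devs, child):
    """Steps (a1)-(a4): try the main parent, then each standby parent in order."""
    for pid in child.parents:
        if devs[pid].online:
            return pid
    return None

def attest(devs, root, now=100):
    """Step (5): verify from leaves to root; returns (report, unreported device IDs)."""
    order = sorted((d for d in devs.values() if d.depth), key=lambda d: -d.depth)
    for child in order:
        pid = choose_parent(devs, child) if child.online else None
        if pid is None:
            continue                 # offline, or no reachable parent: report is lost
        msg = make_message(child, pid, now)
        devs[pid].report.update(msg["report"])
        devs[pid].report[child.id] = verify_message(msg, child.id, pid, child.c, now)
    msg = make_message(devs[root], "Ver", now)   # step (55): verifier checks the root
    report = dict(msg["report"])
    report[root] = verify_message(msg, root, "Ver", devs[root].c, now)
    return report, sorted(set(devs) - set(report))

def demo():
    # Constructed topology and firmware images, for illustration only.
    edges = [("R", "A"), ("R", "B"), ("A", "C"), ("B", "C"), ("A", "D"), ("C", "E")]
    devs = build_swarm(edges, {i: b"firmware-v1" for i in "RABCDE"})
    build_tree(devs, "R")
    devs["E"].software = b"firmware-v1-modified"  # E's software changes after initialization
    devs["A"].online = False                      # main parent of C and D goes offline
    return devs, attest(devs, "R")
```

In this run C reaches the verifier through its standby parent B, so E's digest mismatch is still reported, while D, which recorded no standby parent, is absent from the report together with A.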
Preferably, when the position of a node device changes or a node device is newly added, the communication connection of the original communication diagram is disconnected, and the communication diagram of the device group S is regenerated according to the step (2).
Definitions of terms:
1. Group attestation (Swarm Attestation): the group attestation method allows a verifier to attest multiple devices in parallel. Unlike traditional remote attestation, group attestation is not an attestation of a single individual; instead, a plurality of individuals participate together and cooperate to complete an attestation process. Group attestation may be used in a variety of scenarios, such as group authentication, group authorization and group decision. In group attestation, each group member has its own identity and certificate, and through cooperation and coordination the group members can jointly attest to the security and integrity of the devices.
2. Verifier (abbreviated Ver): mainly responsible for verifying and auditing certificates and related information from other participants, ensuring the validity and correctness of the group attestation. The role of the verifier may be played by different entities, such as servers in the network, blockchain nodes, or other legitimate participants. The verifier typically has some computing and storage resources to execute the verification algorithm and store the relevant verification information.
3. Network manager (Network Operator, abbreviated OP): a secure entity that we assume; all devices in the group are initialized and deployed by it, and it is mainly responsible for distributing keys and security certificates. The network manager is in an absolutely secure environment, so in this scheme the adversary's software attacks and physical attacks on it are not considered.
4. Group (Swarm): a collection of multiple participants. These participants may be individuals, devices, nodes, or other entities that can cooperate with each other. In this scheme, it refers specifically to a network consisting of various heterogeneous embedded devices.
5. Signature: a digital signature attached to information or a document for verifying the integrity, authenticity and origin of the information or document. The signature is generated by the sender and appended to the information, and the receiver can verify the validity of the signature using the public key.
6. Hash function: an algorithm that converts input data (messages, files, etc.) into an output value of fixed length. The output value of a hash function is often referred to as a hash value or digest. The hash function maps the input data to a short, fixed-length binary string, which is ideally unique. The present invention uses hash functions to generate both the initial software configuration digest c and the current software configuration digest.
7. Group node devices: a number of common devices in a network. The system is a network of a plurality of nodes, each node device having its own independent and unique device number ID. Each node device needs to maintain a list of neighbor devices; e.g., the neighbor device list of node device D_i is A_i, which records information about all neighbor devices of the node device. These devices may be heterogeneous, but they must have a minimal security architecture comprising a read-only memory (ROM), a memory protection unit (MPU) and a clock with a write protection function. Furthermore, these devices may be geographically distributed over a wide area. The ROM, the MPU and the clock with a write protection function indicate that each device needs to have these physical protection functions; for example, the write-protected clock prevents an intruder from modifying the timestamps that are used later.
Compared with the prior art, the invention has the advantages that:
(1) The method can effectively verify the integrity state of the group node devices, ensure the validity of each node device's identity and the correctness of the software it runs, and effectively prevent various malicious attacks by adversary devices on the node devices.
(2) The invention constructs a spanning tree in the communication diagram, improves the spanning tree protocol by marking parent nodes and child nodes, and improves the broadcasting mode; compared with the traditional broadcasting mode this greatly reduces the communication cost, and it also effectively reduces the computing performance required of embedded devices in the Internet of Things.
(3) The invention provides a new device group attestation method which, by accumulating the verification reports of each node from child node to parent node, finally reports the security states of all node devices to the verifier, thereby providing more information for the maintenance of the device group and greatly reducing the management burden and maintenance cost of the network manager.
(4) The invention also adds a path finding method: a main parent node and standby parent nodes are recorded for each child node, and if the parent node device goes offline during verification, a new parent node is determined according to steps (a1)-(a4).
Drawings
FIG. 1 is a flow chart of the present invention;
fig. 2 is a communication diagram of a device group S according to the present invention;
FIG. 3 is a flow chart of step (5) of the present invention.
Detailed Description
The invention will be further described with reference to the accompanying drawings.
Example 1: referring to fig. 1-3, a device group security verification method based on node routing includes the following steps:
(1) Initializing node equipment;
initializing each node device, including: generating for each node device an initial software configuration digest c, a software configuration digest certificate cert(c), a signature key pair (SK, PK), an identity certificate cert(PK) and a neighbor device list, wherein the neighbor device list is initially empty and is used for storing the neighbor devices of the node device, a neighbor device being a node device that communicates directly with the node device;
(2) Generating a communication diagram of the device group S;
(21) Selecting N node devices, and setting the connection relation between each node device and the rest node devices;
(22) Establishing communication connection among the node devices connected with each other, registering, adding the node devices connected with each other into a neighbor device list of the other party, and forming a communication diagram of a device group S by the communication connection of N node devices;
for two interconnected node devices, the registration process is: generating a communication key between the two, and exchanging and verifying each other's software configuration digest certificates;
(3) When the verifier needs to verify the security of the device group S, a communication identifier q is generated, and a node device for transmitting q is selected from the device group S and marked as the initial device D_S;
(4) Starting from D_S, constructing a spanning tree in the communication diagram using q, comprising steps (41)-(44);
(41) Presetting a receiving time t_0, taking D_S as the root node of the spanning tree, and broadcasting q to the neighbor devices of D_S;
(42) Each neighbor device waits to receive the communication identifier q within t_0 and, if q is received, is triggered to execute the spanning tree protocol; for a neighbor device D_k of D_S, executing the spanning tree protocol comprises:
(42-1) D_k receives the communication identifier q within t_0, records in time order the node devices that sent q, marks the first of them as its main parent node, and marks the rest as standby parent nodes;
(42-2) the main parent node records D_k as its own child node;
(43) Extending the topology to the next level:
the neighbor device list of D_k is A_k; D_k broadcasts q to the neighbor devices in A_k other than its main parent node, triggering the corresponding node devices to execute the spanning tree protocol;
(44) Extending the topology downward level by level until leaf nodes are generated;
(5) Verifying the device group S step by step from the leaf nodes to the root node, specifically:
(51) Determining a parent node for each child node, wherein the parent node is either the main parent node or one of the standby parent nodes of the child node;
(52) Starting from the leaf nodes, each child node sends self-signed security verification information to its parent node, and the parent node obtains a verification result after security verification;
(53) After obtaining the verification results of all its child nodes, the parent node generates a verification report, forms an information packet from the verification report and its own security verification information, and sends the information packet to its own parent node; the parent node sending the information packet is the lower-level parent node, and the parent node receiving the information packet is the upper-level parent node;
(54) The upper-level parent node performs security verification on the security verification information of the lower-level parent node to obtain a verification result, and accumulates upward the verification report sent by the lower-level parent node, until the information packet is sent to the verifier via the root node;
(55) The verifier performs security verification on the security verification information of the root node to obtain a verification result of the root node, and receives the verification report sent from the root node.
In the invention, the node devices are the same type devices or heterogeneous devices, and each node device at least comprises a read-only memory, a memory protection unit and a clock with a write protection function.
In step (1), for a node device:
an initial software configuration digest c, generated by a hash function for each node device according to the initial software configuration;
a software configuration digest certificate cert(c), a certificate in which the network administrator OP signs the initial software configuration digest c using its public key PKo;
in the signature key pair (SK, PK), SK is a private key of the node equipment, and PK is a public key of the node equipment;
the identity certificate cert (PK) is a certificate signed by the network manager OP using its public key PKo.
In step (22), the communication graph is formed as follows:
(b1) Two node devices are selected from the N node devices to form a device group S;
(b2) Depending on the connection relation of the two node devices, it is decided whether to connect them and execute the registration protocol;
if the two are connected, a communication connection is established between them, the registration protocol is executed, and each is added to the neighbor device list of the other; otherwise, nothing is done;
(b3) One node device is selected from the remaining N-2 node devices and added to S; depending on the connection relation between this node device and the other node devices in S, it is decided whether to connect them and execute the registration protocol;
(b4) The remaining node devices are added to S in turn, and the communication connections of the N node devices form the communication graph of the device group S.
In step (51), the parent node is determined as follows:
(a1) A receiving time t_1 is preset;
(a2) The child node sends security verification information to the main parent node; if the main parent node receives it, the main parent node returns confirmation information, otherwise it returns nothing;
(a3) The child node waits for the confirmation information for the duration t_1; if the confirmation information is received, the main parent node is taken as the parent node, otherwise the main parent node is marked as a non-passable node and step (a4) is executed;
(a4) The standby parent nodes are traversed to find one that, after the child node sends it the security verification information, returns confirmation information that the child node receives within the duration t_1; that standby parent node is used as the parent node.
In step (52), the child node sends the self-signed security verification information to the parent node as follows:
for a child node D_j whose parent node is D_i, the security verification information M_j sent by D_j to D_i comprises the heartbeat message hb_j of D_j, a verification message u_j, the software configuration digest certificate cert(c_j), and an information category;
the heartbeat message hb_j consists of ID_j, t_j, c_j' and cert(c_j), where ID_j is the device ID of D_j, t_j is the timestamp at which D_j sends the security verification information to D_i, and c_j' is the current software configuration digest, generated by D_j through a hash function from its current software configuration;
the verification message u_j is obtained by encrypting hb_j with a MAC algorithm under the communication key k_ij between D_j and D_i;
the information category includes a verification request;
the signature of D_j over M_j is HB_j = sign(SK_j; hb_j, u_j, MSGTYPE=req),
where SK_j is the private key of D_j and MSGTYPE=req indicates that M_j is a verification request.
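An added example (not code from the patent) of the symmetric part of the check a parent node D_i can run on M_j: the MAC u_j over hb_j, the timestamp t_j, and the comparison of c_j' with the digest c_j stored at registration. HMAC-SHA256, SHA-256, the JSON encoding of hb_j, the 30-second freshness window and the placeholder certificate string are assumptions; the signature HB_j and the OP certificate check are not modelled here.

```python
import hashlib
import hmac
import json

MAX_AGE_S = 30  # assumed freshness window; the text only says t_j is a timestamp


def config_digest(software_config: bytes) -> str:
    """c = H(software configuration); SHA-256 is an assumed choice of hash."""
    return hashlib.sha256(software_config).hexdigest()


def build_request(device_id, k_ij, current_config, cert_c, t_j):
    """D_j side: assemble M_j = (hb_j, u_j, cert(c_j), MSGTYPE=req)."""
    hb = json.dumps(
        {"id": device_id, "t": t_j,
         "c_cur": config_digest(current_config), "cert_c": cert_c},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    u = hmac.new(k_ij, hb, hashlib.sha256).hexdigest()  # u_j = MAC(k_ij; hb_j)
    return {"hb": hb, "u": u, "cert_c": cert_c, "msgtype": "req"}


def verify_request(msg, k_ij, registered_digest, now):
    """D_i side: return 'ok' or the name of the first check that failed."""
    if msg.get("msgtype") != "req":
        return "bad-type"
    expected = hmac.new(k_ij, msg["hb"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg["u"]):
        return "bad-mac"          # wrong k_ij, or hb_j altered in transit
    hb = json.loads(msg["hb"])    # parsed only after the MAC has verified
    if abs(now - hb["t"]) > MAX_AGE_S:
        return "stale"            # old message replayed outside the window
    if not hmac.compare_digest(hb["c_cur"], registered_digest):
        return "config-changed"   # c_j' differs from c_j learned at registration
    return "ok"


if __name__ == "__main__":
    # Constructed sample values.
    key = b"constructed-k_ij"
    firmware = b"firmware image v1"
    registered = config_digest(firmware)
    good = build_request("D7", key, firmware, "cert(c_7) placeholder", 1000)
    bad = build_request("D7", key, firmware + b" modified", "cert(c_7) placeholder", 1000)
    print(verify_request(good, key, registered, now=1005))
    print(verify_request(bad, key, registered, now=1005))
```

The MAC only proves that the holder of k_ij produced hb_j; the digest comparison is what detects a changed software configuration.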
In addition, it should be noted that when a node device changes in position or a node device is newly added, the communication connection of the original communication diagram is disconnected, and the communication diagram of the device group S is regenerated in step (2).
Regarding the initialization of the node device in step (1): each node device of the invention is initialized by the network manager OP. For a node device D_i, the network manager OP initializes it with the software configuration c_i, which is verified with the software configuration digest certificate cert(c_i) signed by the network manager OP, to ensure that c_i is the configuration provided for D_i. Each node device is initialized with the OP public key so that it can later verify the software configuration digest certificates and identity certificates of the other node devices.
Regarding the neighbor device list: each node device has a neighbor device list whose initial state is empty. In step (22), node devices are added to each other's neighbor device list only after the communication connection between them has been established and registered. The addition works as follows: suppose D_i broadcasts a collection message; a node device that receives it replies with a feedback message, and D_i, after receiving the feedback message, adds that node device to its neighbor device list A_i.
Regarding the registration in step (22): in the present invention, when a node device initially joins the device group S or changes its location, the newly joined node device executes a registration protocol with all of its new neighbor devices. Suppose D_j is a node device already accessed in the device group S, and the network manager then connects a new node device D_i; in step (21) the two are connected, where D_i is the newly accessed device and D_j is the already-accessed device.
When D_j and D_i register, a shared communication key k_ij is generated between D_i and D_j, and the key set formed by the communication authentication keys established with all subsequently accessed neighbor devices is denoted K_i. The communication key may be established based on the private key SK_i of D_i, the private key SK_j of D_j, the identity certificate cert(PK_i) of D_i and the identity certificate cert(PK_j) of D_j, and is accomplished using a key pre-allocation technique. After the communication key between the two devices is constructed, the two parties establish an encrypted channel using k_ij to exchange the subsequent security information data. D_j accepts the software configuration digest certificate cert(c_i) sent by D_i to learn the initial software configuration digest c_i of D_i, and at the same time sends its own software configuration digest certificate cert(c_j) to D_i. The newly added node device D_i performs all of the above operations with every already-accessed device, such as D_k; if the certificate verification succeeds, the initial software configuration digest c_k of D_k is stored to facilitate later verification of the neighbor device's proof report; if the verification fails, the device is not accepted as a new neighbor.
Regarding spanning tree protocol: in the spanning tree protocol designed by the invention, the maximum limit is not set for the number of the child nodes, because the limit for the number of the child nodes can cause that some devices can not be correctly added into the spanning tree under the condition of huge number of node devices.
Regarding the step-by-step verification of the device group S in step (5): in the verification process, each child node sends its own security verification information to its parent node. Each lower-level parent node, after completing the security verification of its child nodes, sends the corresponding verification report together with its own security verification information to its upper-level parent node for security verification. Before each verification report is sent, the node checks whether the upper-level parent node is passable: after receiving the information, the upper-level parent node returns a message telling the lower-level parent node that the verification information was received. The verification reports are finally accumulated up to the root node. During the verification process, non-passable nodes are recorded in a non-passable node list, which is recorded in the verification report.
Determining a parent node in step (51): in the spanning tree constructed from top to bottom, each child node has its own main parent node, but when the verifier performs verification, a node device may be unable to communicate with its child nodes because of attack, disconnection and the like; step (51) is then used to reselect a parent node from the standby parent nodes, so that automatic path finding is realized. During selection, one standby parent node is chosen first; if the confirmation information returned by that standby parent node is received within the duration t_1, it is used directly as the parent node, and if not, another standby parent node is chosen and checked in the same way.
In summary, the method of the present invention aims to ensure the security of group devices by collecting verification information of each node device by constructing a spanning tree in a communication graph, and accumulating verification reports from bottom to top from child nodes to verifiers. When the node equipment returns the verification report, if the situation that the father node equipment cannot communicate is met, a path-finding protocol is started, a standby node is found to resend the verification report, the expansibility and the safety of the group proving method can be effectively enhanced, and the group equipment can return more effective verification information, so that the management burden of a network manager is reduced, and meanwhile, the reliability and the safety of the whole system are also improved.
Example 2: referring to fig. 1-3, we present a specific method for verifying security of a device group based on node routing. In the present embodiment, a total of 8 device nodes, D1 to D8, respectively, are assumed.
(1) D1 to D8 are first initialized separately.
(2) Generating a communication map of the device group S, comprising steps (21) - (22).
(21) Selecting 8 node devices from D1 to D8, and setting the connection relation between each node device and the rest node devices; in fig. 2, we set that D1 is directly connected to D2, D3, D2 is connected to D1, D3, D4, D5, D3 is connected to D1, D2, D4 is connected to D6, and as shown in fig. 2, the connection modes are all preset.
(22) And establishing communication connection between the interconnected node devices, registering, and adding the interconnected node devices into a neighbor device list of the other party.
For D1, communication connection with D2 and D3 is required to be established and registered, and D2 and D3 are added into a neighbor device list of the device;
for D2, communication connections with D1, D3, D4 and D5 need to be established and registered, and D1, D3, D4 and D5 are added to its neighbor device list; the remaining devices up to D8 are processed in the same way, and the communication network finally formed by the 8 nodes is the communication graph of the device group S.
(3) When the verifier needs to verify the security of the device group S, a communication identifier q is generated, and a node device for transmitting q is selected from the device group S and marked as the initial device D_S. In this embodiment, D1 is selected as the initial device, and for convenience of description D1 is used directly to denote the initial device D_S.
(4) Starting from D1, a spanning tree is constructed in the communication graph using q, and the main parent node and standby parent nodes are marked during construction.
(5) The device group S is verified level by level from the leaf nodes to the root node. We take the leaf node D7 as an example: in fig. 2, D7 is a leaf node, its main parent node is D4, and its standby parent nodes are D6 and D8. The verification includes (51) - (54).
(51) The parent node of the leaf node D7 is determined. Assume that D7 sends security verification information to D4 and that D4 can receive it and return confirmation information; if the confirmation information is received within the duration t_1, D4 is the parent node, otherwise the parent node is selected from the standby parent nodes D6 and D8;
(52) D7 sends its self-signed security verification information to D4, and D4 obtains a verification result after performing security verification;
(53) In fig. 2, the child nodes of D4 are D6 and D7; after obtaining the verification results of all its child nodes, D4 generates a verification report, forms an information packet from the verification report and its own security verification information, and sends it to its parent node D2;
(54) D2 performs security verification on the security verification information of D4 to obtain a verification result, and accumulates the verification report sent by D4 upward, until the information packet is sent to the verifier through D1.
(55) And the verifier receives the information packet sent by the D1, and can obtain verification results of all the node devices accumulated upwards only by carrying out security verification on the D1 and acquiring the verification report accumulated to the D1.
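The tree construction of step (4) and the parent selection of step (51), simulated on the eight devices of Example 2, as an added example that is not part of the patent. Fig. 2 is not reproduced here, so the D5-D8 edge, the round-based timing, the tie-break by device name, and the `link_up` predicate standing in for "confirmation received within t_1" are assumptions.

```python
from collections import defaultdict

# Constructed topology. Edges on the first two lines are stated in Example 2;
# the third line follows from D7 having main parent D4 and standby parents
# D6 and D8; the last edge is an assumption.
EDGES = [
    ("D1", "D2"), ("D1", "D3"), ("D2", "D3"), ("D2", "D4"), ("D2", "D5"),
    ("D4", "D6"),
    ("D4", "D7"), ("D6", "D7"), ("D7", "D8"),
    ("D5", "D8"),
]


def neighbor_lists(edges):
    """Neighbor device lists A_k built from the registered connections."""
    lists = defaultdict(set)
    for a, b in edges:
        lists[a].add(b)
        lists[b].add(a)
    return lists


def build_spanning_tree(neighbors, root):
    """Steps (41)-(44): flood q from the root in synchronous rounds.

    Returns {node: [senders of q in arrival order]}; index 0 is the main
    parent node, the rest are standby parent nodes.
    """
    heard = {node: [] for node in neighbors}
    joined, frontier = {root}, [root]
    while frontier:
        next_frontier = []
        for sender in sorted(frontier):
            main = heard[sender][0] if heard[sender] else None
            for receiver in sorted(neighbors[sender]):
                if receiver == main:
                    continue  # q is not broadcast back to the main parent
                if sender not in heard[receiver]:
                    heard[receiver].append(sender)
                if receiver not in joined:
                    joined.add(receiver)
                    next_frontier.append(receiver)
        frontier = next_frontier
    return heard


def children(heard):
    """Child nodes recorded by each main parent node, step (42-2)."""
    kids = defaultdict(list)
    for node, senders in heard.items():
        if senders:
            kids[senders[0]].append(node)
    return {parent: sorted(nodes) for parent, nodes in kids.items()}


def choose_parent(node, heard, link_up):
    """Steps (a1)-(a4): try the main parent, then the standby parents in order.

    Returns (parent or None, candidates marked non-passable on the way).
    """
    non_passable = []
    for candidate in heard[node]:
        if link_up(node, candidate):
            return candidate, non_passable
        non_passable.append(candidate)
    return None, non_passable


def report_path(start, root, heard, link_up):
    """Route a verification report takes from `start` up to the root."""
    path, non_passable = [start], {}
    while path[-1] != root:
        parent, failed = choose_parent(path[-1], heard, link_up)
        if failed:
            non_passable[path[-1]] = failed
        if parent is None or parent in path:
            # No candidate answered, or the only one routes back into the path.
            raise RuntimeError(f"no usable parent for {path[-1]}")
        path.append(parent)
    return path, non_passable


def demo():
    heard = build_spanning_tree(neighbor_lists(EDGES), "D1")
    down = {frozenset(("D7", "D4"))}  # constructed failure: link D7-D4 lost
    return heard, report_path(
        "D7", "D1", heard, lambda a, b: frozenset((a, b)) not in down)


if __name__ == "__main__":
    heard, (path, non_passable) = demo()
    print("D7 parents:", heard["D7"])
    print("report path:", " -> ".join(path), "| non-passable:", non_passable)
```

With the D7-D4 link lost, D7 falls back to standby parent D6, the report still reaches D1 through D4 and D2, and D4 is recorded as non-passable for D7.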
The foregoing description of the preferred embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, and alternatives falling within the spirit and principles of the invention.
Claims (7)
1. The equipment group security verification method based on node path finding is characterized by comprising the following steps:
(1) Initializing node equipment;
initializing each node device, including: generating an initial software configuration digest c, a software configuration digest certificate cert (c), a signature key pair (SK, PK), an identity certificate cert (PK) and a neighbor device list for each node device, wherein the neighbor device list is empty and is used for storing neighbor devices of the node device, and the neighbor devices are node devices which are directly communicated with the node device;
(2) Generating a communication diagram of the device group S;
(21) Selecting N node devices, and setting the connection relation between each node device and the rest node devices;
(22) Establishing communication connections among the node devices that are connected to each other, registering, and adding each connected node device to the neighbor device list of the other party; the communication connections of the N node devices form the communication graph of the device group S;
for two interconnected node devices, the registration process is: generating a communication key between the two, and exchanging and verifying each other's software configuration digest certificate;
(3) When the verifier needs to verify the security of the device group S, a communication identifier q is generated, and a node device for transmitting q is selected from the device group S and marked as the initial device D_S;
(4) Starting from D_S, a spanning tree is constructed in the communication graph using q, comprising steps (41)-(44);
(41) A receiving time t_0 is preset, D_S is taken as the root node of the spanning tree, and q is broadcast to the neighbor devices of D_S;
(42) Each neighbor device waits to receive the communication identifier q within t_0 and, if it is received, executes the spanning tree protocol; for a neighbor device D_k of D_S, the spanning tree protocol is executed as follows:
(42-1) D_k receives the communication identifier q within t_0 and records, in time order, the node devices that sent it; the first sender is marked as the main parent node and the remaining senders as standby parent nodes;
(42-2) the main parent node records D_k as its own child node;
(43) Extending the topology to the next level:
the neighbor device list of D_k is A_k; D_k broadcasts q to the neighbor devices in A_k other than its main parent node, triggering those node devices to execute the spanning tree protocol;
(44) The topology is extended downward level by level until leaf nodes are generated;
(5) The device group S is verified level by level from the leaf nodes to the root node, specifically:
(51) A parent node is determined for each child node; the parent node is either the main parent node or one of the standby parent nodes of the child node;
(52) Starting from the leaf nodes, each child node sends self-signed security verification information to its parent node, and the parent node obtains a verification result after performing security verification;
(53) After obtaining the verification results of all its child nodes, a parent node generates a verification report, forms an information packet from the verification report and its own security verification information, and sends the packet to its own parent node; the parent node sending the packet is the lower-level parent node and the parent node receiving it is the upper-level parent node;
(54) The upper-level parent node performs security verification on the security verification information of the lower-level parent node to obtain a verification result, and accumulates the verification report sent by the lower-level parent node upward, until the information packet is sent to the verifier via the root node;
(55) The verifier performs security verification on the security verification information of the root node to obtain a verification result of the root node, and receives a verification report sent from the root node.
2. The node-routing-based device group security verification method according to claim 1, wherein the node devices are devices of the same class or heterogeneous devices, each node device including at least a read-only memory, a memory protection unit, and a clock having a write protection function.
3. The node-routing-based device group security verification method of claim 1, wherein in step (1), for a node device:
an initial software configuration digest c, generated by a hash function for each node device according to the initial software configuration;
a software configuration digest certificate cert(c), a certificate in which the network administrator OP signs the initial software configuration digest c using its public key PKo;
in the signature key pair (SK, PK), SK is a private key of the node equipment, and PK is a public key of the node equipment;
the identity certificate cert (PK) is a certificate signed by the network manager OP using its public key PKo.
4. The node-routing-based device group security verification method according to claim 1, wherein in step (22) the communication graph is formed as follows:
(b1) Two node devices are selected from the N node devices to form a device group S;
(b2) Depending on the connection relation of the two node devices, it is decided whether to connect them and execute the registration protocol;
if the two are connected, a communication connection is established between them, the registration protocol is executed, and each is added to the neighbor device list of the other; otherwise, nothing is done;
(b3) One node device is selected from the remaining N-2 node devices and added to S; depending on the connection relation between this node device and the other node devices in S, it is decided whether to connect them and execute the registration protocol;
(b4) The remaining node devices are added to S in turn, and the communication connections of the N node devices form the communication graph of the device group S.
5. The node-routing-based device group security verification method of claim 1, wherein in step (51) the parent node is determined as follows:
(a1) A receiving time t_1 is preset;
(a2) The child node sends security verification information to the main parent node; if the main parent node receives it, the main parent node returns confirmation information, otherwise it returns nothing;
(a3) The child node waits for the confirmation information for the duration t_1; if the confirmation information is received, the main parent node is taken as the parent node, otherwise the main parent node is marked as a non-passable node and step (a4) is executed;
(a4) The standby parent nodes are traversed to find one that, after the child node sends it the security verification information, returns confirmation information that the child node receives within the duration t_1; that standby parent node is used as the parent node.
6. The node-routing-based device group security verification method according to claim 1, wherein in step (52), the sending, by the child node, the self-signed security verification information to the parent node is specifically:
for a child node D_j whose parent node is D_i, the security verification information M_j sent by D_j to D_i comprises the heartbeat message hb_j of D_j, a verification message u_j, the software configuration digest certificate cert(c_j), and an information category;
the heartbeat message hb_j consists of ID_j, t_j, c_j' and cert(c_j), where ID_j is the device ID of D_j, t_j is the timestamp at which D_j sends the security verification information to D_i, and c_j' is the current software configuration digest, generated by D_j through a hash function from its current software configuration;
the verification message u_j is obtained by encrypting hb_j with a MAC algorithm under the communication key k_ij between D_j and D_i;
the information category includes a verification request;
the signature of D_j over M_j is HB_j = sign(SK_j; hb_j, u_j, MSGTYPE=req),
where SK_j is the private key of D_j and MSGTYPE=req indicates that M_j is a verification request.
7. The node-routing-based device group security verification method of claim 1, wherein when a node device changes in location or a node device is newly added, the communication connection of the original communication map is disconnected, and the communication map of the device group S is regenerated according to step (2).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311353330.4A CN117097488B (en) | 2023-10-19 | 2023-10-19 | Equipment group security verification method based on node path finding |
Publications (2)
Publication Number | Publication Date |
---|---|
CN117097488A true CN117097488A (en) | 2023-11-21 |
CN117097488B CN117097488B (en) | 2023-12-19 |
Family
ID=88775507
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311353330.4A Active CN117097488B (en) | 2023-10-19 | 2023-10-19 | Equipment group security verification method based on node path finding |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117097488B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN117097488B (en) | 2023-12-19 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||