CN117857061B - Wireless sensor network authentication method and system based on blockchain - Google Patents

Publication number
CN117857061B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202410256740.5A
Other languages
Chinese (zh)
Other versions
CN117857061A (en
Inventor
莫家庆
申伟
林瑜华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhaoqing University
Original Assignee
Zhaoqing University

Abstract

The invention provides a blockchain-based wireless sensor network authentication method and system, belonging to the technical field of information security. An architecture consisting of a blockchain-equipped gateway cluster, a registration center RA and a certificate issuing center CA assists the registration and mutual authentication of a user and a wireless sensor, achieving decentralization, separation of powers and mutual restriction. This prevents the situation in which the user and the wireless sensor cannot be authenticated because the scheme depends excessively on a single gateway and that gateway fails; the authentication process can also be traced, so that a judgment can be made in case of dispute. In addition, the method assists the user and the sensor in generating a shared session key based on the Chebyshev chaotic map discrete logarithm problem, and solves the problem of poor flexibility caused by a gateway using a single key.

Description

Wireless sensor network authentication method and system based on blockchain
Technical Field
The invention relates to the technical field of information security, in particular to a wireless sensor network authentication method and system based on a blockchain.
Background
With the rapid development of electronic and communication technology, wireless sensor network technology has matured. Wireless sensors have certain information sensing and processing capabilities, are miniaturized and low-power, and have wide application prospects in fields such as the Internet of Things, telemedicine, industrial manufacturing, transportation, environmental monitoring and smart homes. In a wireless sensor network, because the transmission distance of the sensors is limited, the collected data must be transmitted to the user through a gateway or a base station. In other words, the user initiates access to the sensor, and receives data from it, through the gateway. Because wireless sensors communicate by broadcast, that is, data is sent and received over an open channel, data transmitted between the user and the wireless sensor is at risk of interception and tampering by an attacker. Private information such as the user's identity can also be intercepted and further exploited, for example to track the user or to impersonate the user when logging in to the system. In addition, with the development of mobile communication technology, users access remote sensors anytime and anywhere from mobile devices such as mobile phones or tablet computers. Since the wireless signals a mobile device sends and receives when accessing a remote wireless sensor also travel over an open wireless channel, communication between the user and the wireless sensor faces an even greater security risk. It is therefore extremely important to employ an appropriate authentication mechanism to ensure the identity legitimacy of the user and the sensor and to prevent illegal access.
Various authentication protocol schemes for wireless sensor networks have been proposed. Although they can secure communication between a user and a wireless sensor and claim to satisfy various security requirements, they still have the following drawbacks:
(1) The information relating to the user (or mobile device) and the wireless sensor is mainly stored on the gateway, and the user and the sensor use this secret information, with the assistance of the gateway, to authenticate each other and generate a session key. Once all or part of this information is compromised, the authentication process between the user and the wireless sensor is no longer secure, and even session keys generated now and in the future can easily be obtained by an attacker. That is, such authentication protocols are vulnerable because they rely excessively on a single gateway.
(2) In some wireless sensor network authentication schemes, although the gateway is equipped with a blockchain to ensure mutual authentication of the user and the sensor, the gateway dominates the whole authentication process: the scheme either lacks an authoritative entity or has only a single one, and, more importantly, the authorities do not restrict one another. If the information stored by the gateway is obtained by a privileged insider, multiple attacks can be launched, so these schemes are exposed to privileged insider attacks.
(3) In pursuit of operational efficiency, the session keys generated by the communication participants of most authentication protocols are currently based mainly on hash functions and on random numbers provided by the user and the sensor respectively. This way of generating session keys carries two risks. First, an attacker can infer the two secret random numbers from information eavesdropped among the user, the gateway and the sensor, combined with analysis methods such as side channel analysis, and so compute the session key, after which the communication between the user and the sensor is no longer secret. Second, for a key generated from a hash function, an attacker can often guess the key with a guessing attack, so an authentication protocol based purely on hash functions faces great risk.
(4) In traditional wireless authentication protocols it is often difficult to adjudicate a dispute, such as one in which the identity of a user or a sensor has been counterfeited, because the communication participants mainly store some secret parameters for assisting authentication in the gateway and have no additional method for judging the authenticity of a participant's identity.
(5) The gateway of a traditional wireless authentication protocol based on a public key cryptosystem has only one key pair. If the private key in the gateway is revealed, the last line of defense of the whole system is broken and the whole system is no longer secure.
In summary, the prior art has the following problems: information storage depends excessively on a centralized platform such as a single gateway; the schemes are exposed to attack by privileged insiders; a pure hash function is used to generate the session key solely to improve operational efficiency; and it is difficult to reach a judgment when a dispute exists.
Disclosure of Invention
The present invention is directed to solving at least one of the technical problems existing in the related art. Therefore, the invention provides a wireless sensor network authentication method and system based on a blockchain.
The invention provides a wireless sensor network authentication method based on a blockchain, which comprises the following steps:
S1: setting a gateway cluster and customizing a blockchain for the gateway cluster;
S2: the registration center and the digital certificate issuing center respectively generate key pairs, each gateway in the gateway cluster is provided with a double key pair, and the mobile device of a user generates a key pair to finish system initialization;
S3: issuing a first digital certificate for a sensor node based on the registration center and the digital certificate issuing center, storing first transaction information at least comprising the digital certificate into a Merkle tree by the digital certificate issuing center, recording the first transaction information on the chain by the registration center through a gateway, and receiving a first on-chain feedback message by the sensor and storing it in memory to finish sensor registration;
S4: issuing a second digital certificate for the user based on the registration center and the digital certificate issuing center, storing second transaction information at least comprising the digital certificate into a Merkle tree by the digital certificate issuing center, recording the transaction information on the chain by the registration center through a gateway, and receiving a second on-chain feedback message by the user and storing it in the mobile device to finish user registration;
S5: the gateway queries, through the smart contract, the Merkle-tree-based transaction information stored during sensor registration and user registration, and mutual authentication between the sensor end to be authenticated and the user end to be authenticated is carried out using the transaction information to obtain a session key.
According to the wireless sensor network authentication method based on the blockchain, the blockchain in the step S1 adopts a PoW consensus mechanism.
According to the wireless sensor network authentication method based on the blockchain, the step S2 further comprises the following steps:
S21: the registration center generates a registration key pair, and the digital certificate issuing center generates an issuing key pair;
S22: the registration center broadcasts the public key of the registration key pair in the network, and the digital certificate issuing center broadcasts the public key of the issuing key pair in the network;
S23: setting a double key pair for a single gateway in the gateway cluster, wherein the double key pair comprises a first key pair and a second key pair;
S24: the mobile device of the user generates the user's key pair and completes the system initialization.
According to the wireless sensor network authentication method based on the blockchain, the step S23 further comprises the following steps:
S231: a single gateway in a gateway cluster generates a first key pair, and the expression of the first key pair is:
Wherein, Is the firstThe public key of the first key pair corresponding to the gateway,Is the firstPrivate keys in the first key pair corresponding to the gateway;
S232: setting a main key in a second key pair, setting a large prime number and Chebyshev polynomial parameters, and calculating to obtain a public key in the second key pair through the Chebyshev polynomial parameters to obtain a second key pair, wherein the expression of the second key pair is as follows:
Wherein, Is the firstThe public key of the second key pair corresponding to the gateway,For chebyshev polynomial parameters,Is the firstThe master key in the second key pair corresponding to the gateway,Is as the parameter ofA kind of electronic deviceAn order chebyshev polynomial;
S233: the gateways in the gateway cluster store the private key of the first key pair, and the master key and the large prime number of the second key pair, and publish and broadcast the public key of the first key pair, the public key of the second key pair and the Chebyshev polynomial parameters.
According to the wireless sensor network authentication method based on the blockchain, the step S3 further comprises the following steps:
S31: the sensor node generates a self secret key pair, selects a first random number for encryption, and sends a registration message to a registration center after obtaining a first encryption value and a first digital signature, wherein the expression of the registration message is as follows:
Wherein, Is the firstThe public key of the individual sensor nodes,For the first encryption value to be the first encryption value,As a result of the first random number,A first digital signature obtained for calculation;
Wherein, Is the firstThe private key of the individual sensor node,For use ofGenerating a contextIs a digital signature of the (c) code,Is the firstIndividual sensor nodesIs provided with an identification of (a),As a public key of the registry,To use keysFor a pair ofAnd (3) withAsymmetric encryption is performed;
S32: after receiving the registration message, the registration center decrypts the first encryption value by using the private key of the registration center, and obtains a first digital signature through decryption of the public key of the sensor node for verification, if the verification is not passed, the session is terminated, and if the verification is passed, the step S33 is executed;
S33: the registration center calculates and obtains a specific identity value, a second digital signature and a second encryption value of the sensor node, and sends a conversion message to the digital certificate authority, wherein the expression of the conversion message is as follows:
Wherein, Is the firstThe specific identity value corresponding to each sensor node,For the second digital signature to be signed,Is the second encrypted value;
Wherein, As a private key of the registry,For use ofGenerating a contextIs a digital signature of the (c) code,A public key of a digital certificate authority,To use keysFor a pair ofThe asymmetric encryption is performed such that,As a function of the hash-up,Performing bit connection operation;
S34: after the digital certificate issuing center receives the conversion message, decrypting the second encryption value by using a private key of the digital certificate issuing center, obtaining a second digital signature through public key decryption of the registration center, verifying the second digital signature, terminating the session if the verification is not passed, and executing step S35 if the verification is passed;
S35: the digital certificate issuing center generates a digital certificate and sends the digital certificate to the registration center, wherein the expression of the digital certificate is as follows:
Wherein, Is the firstA digital certificate of the individual sensor node,For the time of issuance of the certificate,Is a certificate validity period;
S36: after receiving the digital certificate, the registration center packages the transaction information and inserts it into a Merkle tree, and at the same time records the path information under which the transaction information is stored; the registration center then sends a certificate reply message to the sensor node, wherein the expression of the certificate reply message is as follows:
Wherein, In order to be able to trade the time of the transaction,To preserve the firstPath information when transaction information of each sensor node is carried out;
S37: after receiving the certificate reply message and storing the certificate reply message in a sensor memory, the sensor node replies a registration completion message to the gateway, wherein the expression of the registration completion message is as follows:
Wherein, Registering function names for sensor nodes defined in a blockchain smart contract,For the third encryption value to be the same,Is the firstThe public key of the first key pair corresponding to the gateway,To use keysFor a pair ofAnd (3) withAsymmetric encryption is performed;
S38: after receiving the registration completion message, the gateway decrypts the third encrypted value with the private key of the first key pair to obtain the path information, and invokes the smart contract to query whether the specific identity value exists in the Merkle tree leaf node pointed to by the path information; if not, the session is terminated, and if so, step S39 is executed;
S39: the gateway selects a second random number, encrypts the specific identity value, stores the second random number into the Merkle tree according to the path information, selects an accounting node through the consensus algorithm, records the transaction information on the chain, and sends a link-in completion message to the sensor node, wherein the link-in completion message has the expression:
Wherein, As a result of the first hash value being a first hash value,For the fourth encryption value,For the third digital signature to be a digital signature,As a result of the second random number,To use keysFor a pair ofAnd (3) withThe asymmetric encryption is performed such that,Is the firstThe public key of the second key pair corresponding to the gateway,For chebyshev polynomial parameters,For use ofGenerating a contextAnd (3) withIs a digital signature of (a);
After receiving the link-in completion message, the sensor node decrypts the fourth encrypted value with its own private key to obtain a first decrypted hash value corresponding to the first hash value, and verifies whether the first hash value is equal to the first decrypted hash value; if they are not equal, the session is terminated, and if they are equal, the sensor node registration information is stored in the sensor node memory, wherein the expression of the sensor node registration information is as follows:
According to the wireless sensor network authentication method based on the blockchain, all process information is transmitted over a secure channel during the sensor registration in the step S3 and the user registration in the step S4.
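Steps S36 and S38 depend on the gateway confirming, from recorded path information, that the leaf holding a given specific identity value really is in the Merkle tree. The Python sketch below is an added example, not code from the patent: SHA-256, the JSON record layout, the field names, and the modelling of path information as a leaf index plus sibling hashes are all assumptions.

```python
import hashlib
import hmac
import json

def leaf_hash(record: dict) -> bytes:
    # 0x00 prefix separates leaves from inner nodes (blocks node-as-leaf forgeries)
    data = json.dumps(record, sort_keys=True).encode()
    return hashlib.sha256(b"\x00" + data).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(records):
    """Return all tree levels, leaves first; an unpaired node is promoted as-is."""
    levels = [[leaf_hash(r) for r in records]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([
            node_hash(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
            for i in range(0, len(cur), 2)
        ])
    return levels

def make_path(levels, index):
    """Path information for one leaf: (sibling hash, sibling_is_left) per level."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):          # a promoted node has no sibling
            path.append((level[sibling], sibling < index))
        index //= 2
    return path

def verify_inclusion(record, path, root):
    """Recompute the root from the record and its path; compare in constant time."""
    h = leaf_hash(record)
    for sibling, sibling_is_left in path:
        h = node_hash(sibling, h) if sibling_is_left else node_hash(h, sibling)
    return hmac.compare_digest(h, root)

def gateway_check(records, levels, root, index, claimed_sid):
    """S38-style query: does the leaf at `index` hold `claimed_sid` and hash to root?"""
    if not 0 <= index < len(records):
        return False
    record = records[index]
    if record["sid"] != claimed_sid:
        return False
    return verify_inclusion(record, make_path(levels, index), root)

def build_demo():
    # Constructed sample transactions (three leaves, so one node is promoted)
    records = [
        {"sid": hashlib.sha256(b"sensor-%d" % i).hexdigest(),
         "cert": "CERT-SN-%d" % i, "time": 1700000000 + i}
        for i in range(3)
    ]
    levels = build_levels(records)
    return records, levels, levels[-1][0]

if __name__ == "__main__":
    records, levels, root = build_demo()
    print("root:", root.hex())
    print("leaf 2 accepted:", gateway_check(records, levels, root, 2, records[2]["sid"]))
    forged = dict(records[1], cert="CERT-FORGED")
    print("forged leaf accepted:", verify_inclusion(forged, make_path(levels, 1), root))
```
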
According to the wireless sensor network authentication method based on the blockchain, the step S5 further comprises the following steps:
S51: the user inputs a user identity and a first user password, a first identity value is obtained through calculation, whether the first identity value is equal to an identity value stored when the user registers or not is judged, if not, the user is refused to log in, if so, a login request message is sent to a gateway, and the expression of the login request message is as follows:
Wherein, As a value of the first parameter it is,As a value of the second parameter, a second parameter value,As a value of the third parameter,For a user authentication function name defined in the smart contract,Is a first timestamp;
Wherein, As a result of the third random number,Is as the parameter ofA kind of electronic deviceThe order chebyshev polynomials,Is the firstThe particular identity value to which the individual user corresponds,Is the firstThe specific identity value corresponding to each sensor node,For the second hash value of the first hash value,Is the firstThe path information corresponding to the individual users is provided,Is the firstPath information corresponding to the individual sensor nodes,Is as the parameter ofA kind of electronic deviceAn order chebyshev polynomial;
S52: the gateway receives the login request message and verifies whether the first timestamp is valid; if it is valid, the gateway starts the smart contract and verifies, in sequence, the second hash value and the third parameter value according to the received login request message; if both pass the verification, the gateway queries the Merkle tree to obtain the transaction information and then sends a first authentication message to the sensor node, wherein the expression of the first authentication message is as follows:
Wherein, For the corresponding value of the first parameter value in the received login request message,As a value of the fourth parameter,As a value of the fifth parameter,Is a second timestamp;
Wherein, As a result of the second random number,To use keysFor a pair ofThe asymmetric encryption is performed such that,For the first of the received login request messagesCorresponding values of the specific identity values corresponding to the sensor nodes;
S53: after the sensor node receives the first authentication message, checking the validity of the second timestamp, if the second timestamp is valid, decrypting the fourth parameter value through the private key of the sensor node and verifying the fifth parameter value, and if the second parameter value passes the verification, calculating a first session key and sending a second authentication message to the gateway node, wherein the expression of the second authentication message is as follows:
Wherein, As a value of the sixth parameter,As a value of the seventh parameter,As a value of the eighth parameter,Authentication function names for the sensors defined in the smart contracts,Is a third timestamp;
Wherein, For the fourth random number, the first random number,Is as the parameter ofA kind of electronic deviceThe order chebyshev polynomials,For the corresponding value of the second random number in the received first authentication message,For the corresponding value of the first parameter value corresponding value in the first authentication message,Is as the parameter ofA kind of electronic deviceThe order chebyshev polynomials,Calculated first for sensor endA first session key for the individual user;
S54: after receiving the second authentication message, the gateway node checks the validity of the third timestamp, if the third timestamp is valid, the seventh parameter value is verified, and if the seventh parameter value passes the verification, the third authentication message is sent to the user, and the expression of the third authentication message is:
Wherein, For the corresponding value of the sixth parameter value in the received second authentication message,For the corresponding value of the eighth parameter value in the received second authentication message,As a value of the ninth parameter it is,For the corresponding value of the third timestamp in the received second authentication message,Is a fourth timestamp;
Wherein, Is the firstInquiring corresponding values of specific identity values corresponding to the individual users;
S55: after receiving the third authentication message, the mobile device of the user checks the validity of the fourth timestamp, if the fourth timestamp is valid, the ninth parameter value is verified, if the verification is passed, the second session key is calculated and the corresponding value of the eighth parameter value is verified, if the verification is passed, the second session key is accepted as the session key of the sensor end to be authenticated and the user end to be authenticated, and the expression of the second session key is:
Wherein, A second session key with the sensor node calculated for the user side,For the corresponding value of the sixth parameter value in the received third authentication message,Is as the parameter ofA kind of electronic deviceAn order chebyshev polynomial.
According to the wireless sensor network authentication method based on the blockchain, the step S5 further comprises the following steps:
When the user needs to change the user password, a second user password is input, a second identity value is obtained through calculation, whether the second identity value is equal to the identity value stored in the registration of the user or not is judged, if not, the session is terminated, if so, a new password is received, and the identity value is recalculated to replace the original identity value.
The invention also provides a wireless sensor network authentication system based on the blockchain, which is used for executing the wireless sensor network authentication method based on the blockchain, the system comprising:
The system comprises a registration center, a digital certificate issuing center, a gateway cluster comprising a plurality of gateway nodes and a blockchain configured according to the gateway cluster;
The system also comprises a user and a plurality of sensors, wherein the user uses a mobile device and the sensors are wireless sensors;
The system formed by the registration center, the digital certificate issuing center, the gateway cluster and the blockchain can be used for registration and mutual authentication between a user and a sensor.
The invention provides a blockchain-based wireless sensor network authentication method and system that define an authentication protocol. A blockchain-equipped gateway cluster, a registration center RA and a certificate issuing center CA are set up, achieving decentralization and mutual restriction of authority. During registration and authentication, smart contracts save transaction information in the blockchain to ensure that the authentication process is traceable, and certificates containing the digital signatures of the RA and the CA ensure that a judgment can be made when a dispute arises. The session key is generated with chaotic-map public key technology based on a discrete mathematical problem, so that it is difficult for an attacker to guess. Each gateway in the gateway cluster is provided with double keys, used respectively for digital signatures and for assisting authentication, which improves the overall security of the system.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
In order to more clearly illustrate the invention or the technical solutions of the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described, and it is obvious that the drawings in the description below are some embodiments of the invention, and other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a wireless sensor network authentication method based on blockchain provided by the invention;
FIG. 2 is a schematic diagram of a wireless sensor network authentication system based on blockchain.
Reference numerals:
100. A user; 200. a registry; 300. a digital certificate issuing center; 400. a gateway cluster; 500. a blockchain; 600. a sensor.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention. The following examples are illustrative of the invention but are not intended to limit the scope of the invention.
In the description of the embodiments of the present invention, it should be noted that the terms "center", "longitudinal", "lateral", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", etc. indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, are merely for convenience in describing the embodiments of the present invention and simplifying the description, and do not indicate or imply that the apparatus or elements referred to must have a specific orientation, be configured and operated in a specific orientation, and thus should not be construed as limiting the embodiments of the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In describing embodiments of the present invention, it should be noted that, unless explicitly stated and limited otherwise, the terms "coupled," "coupled," and "connected" should be construed broadly, and may be either a fixed connection, a removable connection, or an integral connection, for example; can be mechanically or electrically connected; can be directly connected or indirectly connected through an intermediate medium. The specific meaning of the above terms in embodiments of the present invention will be understood in detail by those of ordinary skill in the art.
In embodiments of the invention, unless expressly specified and limited otherwise, a first feature "up" or "down" on a second feature may be that the first and second features are in direct contact, or that the first and second features are in indirect contact via an intervening medium. Moreover, a first feature being "above," "over" and "on" a second feature may be a first feature being directly above or obliquely above the second feature, or simply indicating that the first feature is level higher than the second feature. The first feature being "under", "below" and "beneath" the second feature may be the first feature being directly under or obliquely below the second feature, or simply indicating that the first feature is less level than the second feature.
In the description of the present specification, a description referring to terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the embodiments of the present invention. In this specification, schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, the different embodiments or examples described in this specification and the features of the different embodiments or examples may be combined and combined by those skilled in the art without contradiction.
Embodiments of the present invention are described below with reference to fig. 1 to 2.
The invention provides a wireless sensor network authentication method based on a blockchain, which comprises the following steps:
S1: setting a gateway cluster and customizing a blockchain for the gateway cluster;
Wherein, the blockchain in step S1 adopts a PoW consensus mechanism.
S2: the registration center and the digital certificate issuing center respectively generate key pairs, each gateway in the gateway cluster is provided with a double key pair, and mobile equipment of a user generates the key pairs to finish system initialization;
wherein, step S2 further comprises:
S21: the registration center generates a registration key pair, and the digital certificate issuing center generates an issuing key pair;
S22: the registration center broadcasts a public key of the registration key pair in a network, and the digital certificate issuing center broadcasts a public key of the issuing key pair in the network;
S23: setting a double key pair for a single gateway in the gateway cluster, wherein the double key pair comprises a first key pair and a second key pair;
wherein, step S23 further comprises:
S231: a single gateway in a gateway cluster generates a first key pair, and the expression of the first key pair is:
Wherein, Is the firstThe public key of the first key pair corresponding to the gateway,Is the firstPrivate keys in the first key pair corresponding to the gateway;
S232: setting a main key in a second key pair, setting a large prime number and Chebyshev polynomial parameters, and calculating to obtain a public key in the second key pair through the Chebyshev polynomial parameters to obtain a second key pair, wherein the expression of the second key pair is as follows:
Wherein, Is the firstThe public key of the second key pair corresponding to the gateway,For chebyshev polynomial parameters,Is the firstThe master key in the second key pair corresponding to the gateway,Is as the parameter ofA kind of electronic deviceAn order chebyshev polynomial;
S233: gateways in a gateway cluster store a private key of the first key pair, a main key and a large prime number of the second key pair, and publish and broadcast a public key of the first key pair, a public key of the second key pair and Chebyshev polynomial parameters;
S24: the mobile equipment of the user generates a key pair of the user and completes the system initialization.
The detailed procedure of the system initialization phase of steps S1 to S2 is exemplified below.
(1A) Set up the GWN cluster and customize a blockchain for it, adopting PoW as the consensus mechanism.
(1B) The CA and RA generate key pairs (Pub_CA, Pri_CA) and (Pub_RA, Pri_RA), respectively, and broadcast their public keys Pub_CA and Pub_RA, respectively, within the network.
(1C) GWN_j (representing the j-th gateway in the GWN cluster) sets two key pairs, for registration and authentication respectively. First a first key pair (Pub_Gj1, Pri_Gj1) is generated, and then a second key pair is generated by: setting a master key K_Gj, a large prime number α and a Chebyshev polynomial parameter β ∈ (−∞, +∞), and calculating the public key Pub_Gj2 = T_KGj(β). Finally, the private keys Pri_Gj1 and (K_Gj, α) are kept secret, and the public keys Pub_Gj1 and {Pub_Gj2, β} are published and broadcast.
(1D) The mobile device of user U_i generates its own key pair (Pub_Ui, Pri_Ui).
S3: issuing a first digital certificate for a sensor node based on a registration center and a digital certificate issuing center, storing first transaction information at least comprising the digital certificate into a Merkle tree by the digital certificate issuing center, recording the first transaction information into a chain by the registration center through a gateway, and receiving feedback information of the first chain by a sensor and storing the feedback information into a memory to finish sensor registration;
Wherein, step S3 further comprises:
S31: the sensor node generates a self secret key pair, selects a first random number for encryption, and sends a registration message to a registration center after obtaining a first encryption value and a first digital signature, wherein the expression of the registration message is as follows:
Wherein, Is the firstThe public key of the individual sensor nodes,For the first encryption value to be the first encryption value,As a result of the first random number,A first digital signature obtained for calculation;
Wherein, Is the firstThe private key of the individual sensor node,For use ofGenerating a contextIs a digital signature of the (c) code,Is the firstIndividual sensor nodesIs provided with an identification of (a),As a public key of the registry,To use keysFor a pair ofAnd (3) withAsymmetric encryption is performed;
S32: after receiving the registration message, the registration center decrypts the first encryption value by using the private key of the registration center, and obtains a first digital signature through decryption of the public key of the sensor node for verification, if the verification is not passed, the session is terminated, and if the verification is passed, the step S33 is executed;
S33: the registration center calculates and obtains a specific identity value, a second digital signature and a second encryption value of the sensor node, and sends a conversion message to the digital certificate authority, wherein the expression of the conversion message is as follows:
Wherein, Is the firstThe specific identity value corresponding to each sensor node,For the second digital signature to be signed,Is the second encrypted value;
Wherein, As a private key of the registry,For use ofGenerating a contextIs a digital signature of the (c) code,A public key of a digital certificate authority,To use keysFor a pair ofThe asymmetric encryption is performed such that,As a function of the hash-up,Performing bit connection operation;
S34: after the digital certificate issuing center receives the conversion message, decrypting the second encryption value by using a private key of the digital certificate issuing center, obtaining a second digital signature through public key decryption of the registration center, verifying the second digital signature, terminating the session if the verification is not passed, and executing step S35 if the verification is passed;
S35: the digital certificate issuing center generates a digital certificate and sends the digital certificate to the registration center, wherein the expression of the digital certificate is as follows:
Wherein, Is the firstA digital certificate of the individual sensor node,For the time of issuance of the certificate,Is a certificate validity period;
S36: after receiving the digital certificate, the registration center packages transaction information and inserts the transaction information into a Merkle tree, and simultaneously records path information for storing the transaction information, and then the registration center sends a certificate reply message to the sensor node, wherein the expression of the certificate reply message is as follows:
Wherein, In order to be able to trade the time of the transaction,To preserve the firstPath information when transaction information of each sensor node is carried out;
S37: after receiving the certificate reply message and storing the certificate reply message in a sensor memory, the sensor node replies a registration completion message to the gateway, wherein the expression of the registration completion message is as follows:
Wherein, Registering function names for sensor nodes defined in a blockchain smart contract,For the third encryption value to be the same,Is the firstThe public key of the first key pair corresponding to the gateway,To use keysFor a pair ofAnd (3) withAsymmetric encryption is performed;
S38: after receiving the registration completion message, the gateway decrypts the third encrypted value through the private key in the first key pair to obtain the path information, and activates the smart contract to query whether the specific identity value exists in the Merkle tree leaf node indicated by the path information; if not, the session is terminated, and if so, step S39 is executed;
S39: the gateway selects a second random number, encrypts the specific identity value, stores the second random number into the Merkle tree according to the path information, selects an accounting node through a consensus algorithm, links the transaction information, and sends a link-in completion message to the sensor node, wherein the link-in completion message has the expression:
Wherein, As a result of the first hash value being a first hash value,For the fourth encryption value,For the third digital signature to be a digital signature,As a result of the second random number,To use keysFor a pair ofAnd (3) withThe asymmetric encryption is performed such that,Is the firstThe public key of the second key pair corresponding to the gateway,For chebyshev polynomial parameters,For use ofGenerating a contextAnd (3) withIs a digital signature of (a);
After receiving the link-in completion message, the sensor node decrypts the fourth encrypted value by using the private key of the sensor node to obtain a first decrypted hash value corresponding to the first hash value, and verifies whether the first hash value is equal to the first decrypted hash value; if they are not equal, the session is terminated, and if they are equal, the sensor node registration information is stored into the sensor node memory, wherein the expression of the sensor node registration information is as follows:
The detailed procedure of the sensor registration phase of step S3 is illustrated below.
(2A) The sensor node SN_j generates its own key pair (Pub_SNj, Pri_SNj), selects the random number N_j, calculates S_1 = SIG_{Pri_SNj}(N_j) and A_1 = ASY_E_{Pub_RA}(SID_j, N_j), and sends the message {Pub_SNj, A_1, N_j, S_1} to RA, where ASY_E is an asymmetric encryption algorithm and ASY_D, which appears below, is the asymmetric decryption algorithm.
(2B) Upon receipt of the message from SN_j, RA invokes ASY_D_k() to decrypt A_1 with the private key Pri_RA to obtain (SID_j, N_j), and verifies the digital signature S_1 with Pub_SNj. If verification is not passed, the session is terminated; otherwise RA computes PID_j = h(SID_j || N_j), S_2 = SIG_{Pri_RA}(N_j) and A_2 = ASY_E_{Pub_CA}(N_j), then sends the message Trans_j = {Pub_SNj, PID_j, S_2, A_2} to CA, where PID_j is used to verify the identity of the sensor in the specific case.
(2C) After receiving the message from the RA, the CA invokes ASY_D_k() to decrypt A_2 with the private key Pri_CA to obtain N_j, then verifies the digital signature S_2 with Pub_RA. If the verification is not passed, the session is terminated; otherwise the CA generates the digital certificate Cert_j = {Pub_SNj, PID_j, T_Ij, T_ej, S_2, SIG_{Pri_CA}(N_j)} and sends the message {Cert_j} to the RA, where T_Ij is the certificate issuance time and T_ej is the certificate validity period. The digital certificate Cert_j already contains the digital signature information of the CA and RA, and can be used to arbitrate the identity of the transactor in case of disputes.
(2D) After receiving the message sent from the CA, the RA packages Trans_j, Cert_j and T_j into transaction information, inserts the transaction information into the Merkle tree as a leaf node, and records the path information from the root node of the Merkle tree to the leaf node in Q_Path_j, so as to speed up subsequent queries, where T_j is the transaction time. Finally the RA sends a certificate reply message {Cert_j, T_j, Q_Path_j} to SN_j.
(2E) Upon receiving the message from RA, SN_j stores (Cert_j, T_j, Q_Path_j, N_j) in memory, calculates A_3 = ASY_E_{Pub_Gj1}(Q_Path_j, N_j), and then sends the message {PID_j, SNF_reg, Pub_SNj, A_3} to GWN_j. SNF_reg is the sensor node registration function name defined in the blockchain smart contract TC.
(2F) After receiving the message sent from SN_j, GWN_j calls ASY_D_k() to decrypt A_3 with the private key Pri_Gj1 to obtain Q_Path_j, activates the smart contract TC, calls its SNF_reg function, and queries whether PID_j is present in the transaction information at the leaf node indicated by Q_Path_j. If not, the session is terminated; otherwise GWN_j selects a random number R_j, calculates V_j = h(PID_j || R_j), stores R_j in the leaf node indicated by Q_Path_j, and selects an accounting node by the consensus algorithm to record the transaction information into the chain. It then calculates A_4 = ASY_E_{Pub_SNj}(V_j, (Pub_Gj2, β)) and A_5 = SIG_{Pri_Gj1}(PID_j, N_j), and finally sends {A_4, A_5, V_j} to SN_j.
(2G) After receiving the message sent from GWN_j, SN_j calls ASY_D_k() to decrypt A_4 with the private key Pri_SNj to obtain V_j' and (Pub_Gj2, β), and determines whether V_j' and the received V_j are equal. If not, the session is terminated; otherwise SN_j stores (V_j, A_5, (Pub_Gj2, β)) in the memory.
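The leaf lookup in steps (2D) to (2F) can be sketched as follows. This is an added example, not code from the patent: the Q_Path encoding (leaf index plus sibling hashes), SHA-256 as h, the JSON leaf serialization and all sample values are assumptions.

```python
import hashlib
import json


def _sha(data):
    return hashlib.sha256(data).digest()


def leaf_hash(tx):
    # Distinct prefixes keep a leaf from being reinterpreted as an inner node.
    return _sha(b"\x00" + json.dumps(tx, sort_keys=True).encode())


def node_hash(left, right):
    return _sha(b"\x01" + left + right)


class MerkleLedger:
    """Transaction leaves plus the root that would be committed on-chain."""

    def __init__(self):
        self.leaves = []

    def insert(self, tx):
        self.leaves.append(dict(tx))
        return len(self.leaves) - 1

    def _levels(self):
        level = [leaf_hash(tx) for tx in self.leaves]
        levels = [level]
        while len(level) > 1:
            # An unpaired node is promoted unchanged rather than duplicated.
            level = [node_hash(level[i], level[i + 1]) if i + 1 < len(level) else level[i]
                     for i in range(0, len(level), 2)]
            levels.append(level)
        return levels

    def root(self):
        return self._levels()[-1][0]

    def q_path(self, index):
        """Leaf index plus sibling hashes, leaf to root (assumed Q_Path encoding)."""
        siblings, pos = [], index
        for level in self._levels()[:-1]:
            sib = pos ^ 1
            if sib < len(level):
                siblings.append(("L" if sib < pos else "R", level[sib].hex()))
            pos //= 2
        return {"index": index, "siblings": siblings}


def verify_path(tx, q_path, root):
    """Recompute the root from one leaf and its recorded siblings."""
    node = leaf_hash(tx)
    for side, sib_hex in q_path["siblings"]:
        sib = bytes.fromhex(sib_hex)
        node = node_hash(sib, node) if side == "L" else node_hash(node, sib)
    return node == root


def gateway_register(ledger, q_path, pid, r_j):
    """Step 2F: check PID_j at the leaf named by Q_Path_j, store R_j, return (V_j, root)."""
    idx = q_path["index"]
    if not 0 <= idx < len(ledger.leaves) or ledger.leaves[idx].get("PID") != pid:
        return None                      # PID_j not in the leaf: terminate the session
    ledger.leaves[idx]["R"] = r_j        # R_j is written into the existing leaf
    v_j = _sha(pid.encode() + b"|" + r_j.encode()).hex()   # V_j = h(PID_j || R_j)
    return v_j, ledger.root()


def demo():
    ledger = MerkleLedger()
    for n in range(3):                   # constructed registrations inserted by RA (2D)
        ledger.insert({"PID": f"PID-{n}", "Cert": f"cert-{n}", "T": 1700000000 + n})
    path = ledger.q_path(2)
    root_ra = ledger.root()
    proof_ok = verify_path(ledger.leaves[2], path, root_ra)
    rejected = gateway_register(ledger, path, "PID-9", "r-forged")
    v_j, root_gw = gateway_register(ledger, path, "PID-2", "r-0007")
    stale = verify_path(ledger.leaves[2], path, root_ra)    # old root no longer matches
    fresh = verify_path(ledger.leaves[2], path, root_gw)    # siblings are unchanged
    return proof_ok, rejected, v_j, root_ra != root_gw, stale, fresh
```

Writing R_j into the leaf changes the root, so a root committed before step (2F) would no longer verify the leaf; only the root computed after the gateway's write does.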
S4: issuing a second digital certificate for the user based on the registration center and the digital certificate issuing center, storing second transaction information at least comprising the digital certificate into a Merkle tree by the digital certificate issuing center, recording the transaction information into a chain by the registration center through a gateway, and receiving a second chain feedback message by the user and storing the second chain feedback message into the mobile device so as to finish user registration;
In the sensor registration in step S3 and the user registration in step S4, all process information is transmitted in the secure channel.
Further, this stage, that is, the step S4 stage is a user registration stage, and a detailed procedure of the user registration stage is illustrated below.
(3A) User U_i inputs ID_i and PW_i, selects a random number N_i, computes B_1 = ASY_E_{Pub_RA}(ID_i, N_i) and B_2 = SIG_{Pri_Ui}(N_i), and then sends the message {Pub_Ui, B_1, B_2} to RA.
(3B) Upon receipt of the message from U_i, RA invokes ASY_D_k() to decrypt B_1 with the private key Pri_RA to obtain (ID_i, N_i), and verifies the digital signature B_2 with Pub_Ui. If verification is not passed, the session is terminated; otherwise RA computes UID_i = h(ID_i || N_i), B_3 = SIG_{Pri_RA}(N_i) and B_4 = ASY_E_{Pub_CA}(N_i), then sends the message Trans_i = {Pub_Ui, UID_i, B_3, B_4} to CA, where UID_i is used to verify the identity of the user in the specific case.
(3C) After receiving the message from the RA, the CA invokes ASY_D_k() to decrypt B_4 with the private key Pri_CA to obtain N_i, then verifies the digital signature B_3 with Pub_RA. If verification is not passed, the session is terminated; otherwise the CA generates the digital certificate Cert_i = {Pub_Ui, UID_i, T_Ii, T_ei, B_3, SIG_{Pri_CA}(N_i)} and sends the message {Cert_i} to the RA, where T_Ii is the certificate issuance time and T_ei is the certificate validity period. The digital certificate Cert_i already contains signature information of the CA and RA, and can be used to arbitrate the identity of the transactor in case of disputes.
(3D) After receiving the message sent from the CA, the RA packages Trans_i, Cert_i and T_i into transaction information, inserts the transaction information into the Merkle tree as a leaf node, and records the path information from the root node of the Merkle tree to the leaf node in Q_Path_i, so as to speed up subsequent queries, where T_i is the transaction time. The RA sends a certificate reply message {Cert_i, T_i, Q_Path_i} to U_i.
(3E) After receiving the message from RA, U_i stores (Cert_i, T_i, Q_Path_i, N_i) in the mobile device, calculates B_5 = ASY_E_{Pub_Gj1}(Q_Path_i), and then sends the message {UID_i, UF_reg, Pub_Ui, B_5} to GWN_j. UF_reg is the user registration function name defined in the blockchain smart contract TC.
(3F) After receiving the message from U_i, GWN_j calls ASY_D_k() to decrypt B_5 with the private key Pri_Gj1 to obtain Q_Path_i, activates the smart contract TC, calls its UF_reg function, and queries whether UID_i is present in the transaction information at the leaf node indicated by Q_Path_i. If not, the session is terminated; otherwise GWN_j selects a random number R_i, calculates V_i = h(UID_i || R_i), stores R_i in the leaf node indicated by Q_Path_i, and selects an accounting node by the consensus algorithm to record the transaction information into the chain. It then calculates B_6 = ASY_E_{Pub_SNj}(V_i, (Pub_Gj2, β)) and B_7 = SIG_{Pri_Gj1}(UID_i, N_i), and finally sends {B_6, B_7, V_i, PID_j, Q_Path_j} to U_i.
(3G) After U_i receives the message from GWN_j, it invokes ASY_D_k() to decrypt B_6 with the private key Pri_Ui to obtain V_i', and determines whether V_i' and the received V_i are equal. If not, the session is terminated; otherwise U_i calculates RPW_i = ASY_E_{Pub_Ui}(PW_i || N_i) and stores (V_i, RPW_i, B_7, PID_j, Q_Path_j, (Pub_Gj2, β)) in the mobile device.
S5: the gateway queries, through smart contracts, the transaction information stored in the Merkle tree during sensor registration and user registration, and mutual authentication between a sensor end to be authenticated and a user end to be authenticated is carried out through the transaction information to obtain a session key.
Wherein, step S5 further comprises:
S51: the user inputs a user identity and a first user password, a first identity value is obtained through calculation, whether the first identity value is equal to an identity value stored when the user registers or not is judged, if not, the user is refused to log in, if so, a login request message is sent to a gateway, and the expression of the login request message is as follows:
Wherein, As a value of the first parameter it is,As a value of the second parameter, a second parameter value,As a value of the third parameter,For a user authentication function name defined in the smart contract,Is a first timestamp;
Wherein, As a result of the third random number,Is as the parameter ofA kind of electronic deviceThe order chebyshev polynomials,Is the firstThe particular identity value to which the individual user corresponds,Is the firstThe specific identity value corresponding to each sensor node,For the second hash value of the first hash value,Is the firstThe path information corresponding to the individual users is provided,Is the firstPath information corresponding to the individual sensor nodes,Is as the parameter ofA kind of electronic deviceAn order chebyshev polynomial;
S52: the gateway receives the login request message, verifies whether the first timestamp is valid, starts a smart contract if the first timestamp is valid, sequentially verifies the second hash value and the third parameter value according to the received login request message, and, if both the second hash value and the third parameter value pass the verification, sends a first authentication message to the sensor node after querying the transaction information in the Merkle tree, wherein the expression of the first authentication message is as follows:
Wherein, For the corresponding value of the first parameter value in the received login request message,As a value of the fourth parameter,As a value of the fifth parameter,Is a second timestamp;
Wherein, As a result of the second random number,To use keysFor a pair ofThe asymmetric encryption is performed such that,For the first of the received login request messagesCorresponding values of the specific identity values corresponding to the sensor nodes;
S53: after the sensor node receives the first authentication message, checking the validity of the second timestamp, if the second timestamp is valid, decrypting the fourth parameter value through the private key of the sensor node and verifying the fifth parameter value, and if the second parameter value passes the verification, calculating a first session key and sending a second authentication message to the gateway node, wherein the expression of the second authentication message is as follows:
Wherein, As a value of the sixth parameter,As a value of the seventh parameter,As a value of the eighth parameter,Authentication function names for the sensors defined in the smart contracts,Is a third timestamp;
Wherein, For the fourth random number, the first random number,Is as the parameter ofA kind of electronic deviceThe order chebyshev polynomials,For the corresponding value of the second random number in the received first authentication message,For the corresponding value of the first parameter value corresponding value in the first authentication message,Is as the parameter ofA kind of electronic deviceThe order chebyshev polynomials,Calculated first for sensor endA first session key for the individual user;
S54: after receiving the second authentication message, the gateway node checks the validity of the third timestamp, if the third timestamp is valid, the seventh parameter value is verified, and if the seventh parameter value passes the verification, the third authentication message is sent to the user, and the expression of the third authentication message is:
Wherein, For the corresponding value of the sixth parameter value in the received second authentication message,For the corresponding value of the eighth parameter value in the received second authentication message,As a value of the ninth parameter it is,For the corresponding value of the third timestamp in the received second authentication message,Is a fourth timestamp;
Wherein, Is the firstInquiring corresponding values of specific identity values corresponding to the individual users;
S55: after receiving the third authentication message, the mobile device of the user checks the validity of the fourth timestamp, if the fourth timestamp is valid, the ninth parameter value is verified, if the verification is passed, the second session key is calculated and the corresponding value of the eighth parameter value is verified, if the verification is passed, the second session key is accepted as the session key of the sensor end to be authenticated and the user end to be authenticated, and the expression of the second session key is:
Wherein, A second session key with the sensor node calculated for the user side,For the corresponding value of the sixth parameter value in the received third authentication message,Is as the parameter ofA kind of electronic deviceAn order chebyshev polynomial.
The detailed procedure of the authentication phase in step S5 is exemplified below.
(4A) User U_i inputs ID_i and PW_i; the mobile device calculates RPW_i = ASY_E_{Pub_Ui}(PW_i || N_i) and determines whether it is equal to the stored RPW_i. If not, the user login is denied; otherwise the device selects a random number a1 and a timestamp TS_1, calculates W_1 = T_a1(β), M_1 = (UID_i || PID_j || V_i || TS_1 || Q_Path_i || Q_Path_j) ⊕ T_a1(Pub_Gj2) and V_1 = h(UID_i || V_i || W_1 || TS_1), and then sends the login request message {W_1, M_1, V_1, UF_auth, TS_1} to GWN_j, where UF_auth is the user authentication function name defined in the smart contract TC.
(4B) After GWN_j receives the message {W_1', M_1', V_1', UF_auth', TS_1'} sent by U_i (note: the received W_1 is not necessarily equal to the transmitted W_1, so the received W_1 is denoted W_1'; the other primed symbols below have the same meaning), the validity of TS_1' is checked first. If TS_1' is invalid, the session is terminated; otherwise GWN_j starts TC, invokes the UF_auth' function, and obtains (UID_i', PID_j', V_i', TS_1'', Q_Path_i', Q_Path_j') by calculating M_1' ⊕ T_KGj(W_1'). TC finds R_i in the Merkle tree's leaf node transaction information according to UID_i' and Q_Path_i', and determines whether the equation V_i' = h(UID_i' || R_i) holds. If not, the session is terminated; otherwise it determines whether the equation V_1' = h(UID_i' || V_i' || W_1' || TS_1'') holds. If not, the session is terminated; otherwise the transaction information is queried in the Merkle tree according to PID_j' and Q_Path_j', R_j is taken out, a timestamp TS_2 is selected, M_2 = ASY_E_{Pub_SNj}(R_j) and V_2 = h(R_j || PID_j' || W_1' || TS_2) are calculated, and the message {W_1', V_2, M_2, TS_2} is sent to SN_j.
(4C) After receiving the message {W_1'', V_2', M_2', TS_2'} sent by GWN_j, SN_j checks the validity of TS_2'. If TS_2' is invalid, the session is terminated; otherwise SN_j decrypts M_2 with the private key Pri_SNj to obtain R_j' and determines whether V_2' is equal to h(R_j' || PID_j || W_1' || TS_2'). If not, the session is terminated; otherwise SN_j selects a random number a2 and a timestamp TS_3, calculates the session key SK_SU = h(T_a2(W_1'') || PID_j), W_2 = T_a2(β), V_3 = h(R_j' || W_2 || TS_3) and V_4 = h(W_2 || SK_SU || W_1'' || TS_3), and finally sends the message {W_2, V_3, V_4, SNF_auth, TS_3} to GWN_j, where SK_SU is the session key with U_i calculated by the sensor end and SNF_auth is the sensor authentication function name defined in the smart contract TC.
(4D) After GWN_j receives the message {W_2', V_3', V_4', SNF_auth', TS_3'} sent by SN_j, it checks the validity of TS_3'. If TS_3' is invalid, the session is terminated; otherwise GWN_j activates TC, calls its SNF_auth' function, and determines whether V_3' is equal to h(R_j || W_2' || TS_3'). If not, the session is terminated; otherwise GWN_j selects a timestamp TS_4, calculates V_5 = h(UID_i' || W_2' || TS_4), and sends {W_2', V_4', V_5, TS_3', TS_4} to U_i.
(4E) After receiving the message {W_2'', V_4'', V_5', TS_3'', TS_4'}, the mobile device of U_i first checks the validity of TS_4'. If TS_4' is invalid, the session is terminated; otherwise it determines whether V_5' = h(UID_i || W_2'' || TS_4') holds and terminates the session if it does not. Otherwise it calculates SK_US = h(T_a1(W_2'') || PID_j) and determines whether the equation V_4' = h(W_2'' || SK_US || W_1 || TS_3'') holds. If it does not, the session is terminated; otherwise SK_US is accepted as the session key of U_i and SN_j, where SK_US is the session key with SN_j calculated by the user.
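The Chebyshev-dependent parts of steps (4A) to (4E) are walked through below as an added example (not code from the patent), narrowed to unmasking M_1 at the gateway and to the session key and V_4 check between sensor and user. Assumptions: all Chebyshev values are reduced modulo the prime α, h is SHA-256 over length-prefixed fields, the XOR mask is expanded with SHAKE-256, and every identifier and constant is constructed; the Merkle lookups, the asymmetric encryption of M_2, V_2/V_3/V_5 and timestamp freshness are omitted.

```python
import hashlib
import hmac
import secrets

ALPHA = 2**127 - 1           # constructed stand-in for the large prime α
BETA = 0x1F2E3D4C5B6A7988    # constructed Chebyshev parameter β


def chebyshev(n, x, p=ALPHA):
    """T_n(x) mod p from T_{k+1} = 2x*T_k - T_{k-1}, in O(log n) 2x2 matrix steps."""
    x %= p
    if n == 0:
        return 1 % p

    def mul(a, b):
        return ((a[0] * b[0] + a[1] * b[2]) % p, (a[0] * b[1] + a[1] * b[3]) % p,
                (a[2] * b[0] + a[3] * b[2]) % p, (a[2] * b[1] + a[3] * b[3]) % p)

    acc, base, e = (1, 0, 0, 1), ((2 * x) % p, p - 1, 1, 0), n - 1
    while e:
        if e & 1:
            acc = mul(acc, base)
        base = mul(base, base)
        e >>= 1
    return (acc[0] * x + acc[1]) % p     # [T_n, T_{n-1}] = M^(n-1) [x, 1]


def h(*fields):
    """h(a || b || ...) as SHA-256 over length-prefixed fields (assumed encoding)."""
    digest = hashlib.sha256()
    for f in fields:
        raw = f if isinstance(f, bytes) else str(f).encode()
        digest.update(len(raw).to_bytes(4, "big") + raw)
    return digest.digest()


def xor_mask(data, t_value):
    """XOR with a SHAKE-256 stream keyed by a Chebyshev value (assumed expansion)."""
    stream = hashlib.shake_256(str(t_value).encode()).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def rand_degree():
    return secrets.randbelow(ALPHA - 3) + 2


def run_exchange(tamper_w2=False):
    """Walk 4A-4E for one constructed user/sensor pair; return (SK_SU, SK_US, accepted)."""
    k_gj = rand_degree()                         # 1C: master key K_Gj
    pub_gj2 = chebyshev(k_gj, BETA)              # Pub_Gj2 = T_KGj(β)
    uid_i, pid_j, r_i = "UID-user-01", "PID-sensor-07", "R-user-01"   # constructed
    v_i = h(uid_i, r_i).hex()                    # V_i = h(UID_i || R_i) from registration
    ts1, ts3 = 1700000000, 1700000002            # constructed timestamps

    # 4A: user picks a1 and sends W_1, M_1, V_1
    a1 = rand_degree()
    w1 = chebyshev(a1, BETA)
    payload = "|".join([uid_i, pid_j, v_i, str(ts1)]).encode()
    m1 = xor_mask(payload, chebyshev(a1, pub_gj2))
    v1 = h(uid_i, v_i, w1, ts1)

    # 4B: T_KGj(W_1) equals T_a1(Pub_Gj2), so the gateway can strip the mask
    g_uid, g_pid, g_vi, g_ts1 = xor_mask(m1, chebyshev(k_gj, w1)).decode().split("|")
    if not hmac.compare_digest(g_vi, h(g_uid, r_i).hex()):
        return None, None, False
    if not hmac.compare_digest(v1, h(g_uid, g_vi, w1, g_ts1)):
        return None, None, False

    # 4C: sensor picks a2, derives SK_SU and binds it into V_4
    a2 = rand_degree()
    w2 = chebyshev(a2, BETA)
    sk_su = h(chebyshev(a2, w1), g_pid)
    v4 = h(w2, sk_su, w1, ts3)

    # 4D: gateway relays W_2 and V_4; optionally model modification in transit
    w2_rx = (w2 + 1) % ALPHA if tamper_w2 else w2

    # 4E: user derives SK_US and accepts it only if V_4 verifies
    sk_us = h(chebyshev(a1, w2_rx), pid_j)
    accepted = hmac.compare_digest(v4, h(w2_rx, sk_us, w1, ts3))
    return sk_su, sk_us, accepted
```

Both sides reach the same key because T_a2(T_a1(β)) = T_a1(T_a2(β)); a W_2 altered in transit fails the V_4 check at the user.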
Wherein, step S5 further comprises:
When the user needs to change the user password, a second user password is input, a second identity value is obtained through calculation, whether the second identity value is equal to the identity value stored in the registration of the user or not is judged, if not, the session is terminated, if so, a new password is received, and the identity value is recalculated to replace the original identity value.
The detailed procedure of the user password change phase is illustrated below.
(5A) The user enters the password PW_i'; the mobile device calculates RPW_i' = ASY_E_{Pub_Ui}(PW_i' || N_i) and determines whether RPW_i' is equal to the RPW_i stored on the mobile device; if not, the session is terminated.
(5B) The user enters a new password PW_i^new; the mobile device calculates RPW_i^new = ASY_E_{Pub_Ui}(PW_i^new || N_i) and replaces RPW_i with RPW_i^new.
The invention also provides a wireless sensor network authentication system based on the blockchain, which is used for executing the wireless sensor network authentication method based on the blockchain, and comprises:
A registry 200, a digital certificate authority 300, a gateway cluster 400 comprising a plurality of gateway nodes, and a blockchain 500 configured in accordance with the gateway cluster 400;
The system further comprises a user 100 and a plurality of sensors 600, wherein the user 100 uses a mobile device, and the sensors 600 are wireless sensors;
The architecture based on the registry 200, the digital certificate authority 300, the gateway cluster 400, and the blockchain 500 allows for registration and mutual authentication between the user 100 and the sensor 600.
The advantageous effects that can be shown by the above-described embodiments of the present invention are described in detail below.
The system structure of the invention adopts three semi-authoritative entities of a GWN cluster, a registration center RA and a certificate issuing center CA, and issues a digital certificate jointly issued by the RA and the CA and a digital signature issued by the GWN j for users and sensors during registration, thereby realizing decentralization and rights dispersion, preventing single point invalidation caused by overrelying on a single gateway, and preventing secret information of the users and the sensors stored on the single gateway from being acquired by privileged insiders to cause authentication failure or the security problem of fake communication participants.
The certificate of the user and the sensor in the invention is not issued by CA alone, but issued by CA and RA jointly, meanwhile, the gateway GWN j issues digital signature for the registrant, when the identity needs to be authenticated under dispute, the authentication result needs to be presented by CA, RA and GWN j, and the authentication result is not judged by a single semi-authoritative entity, so that the possible fraud problem is avoided.
The registration process and the authentication process of the invention record transaction information into the leaves of the merck tree through intelligent contracts, and then select the update blockchain of the billing person according to a consensus mechanism, thereby realizing non-repudiation and traceability. In particular, both RA and GWN j need to record transaction information separately onto the corresponding leaf nodes of the merck tree during registration. The blockchain would normally need to be updated each time it is recorded to a leaf node, i.e., the same registration process of the present invention would need to update the blockchain twice in a conventional manner. The invention is designed to update the blockchain uniformly after GWN j modifies the merck leaf child node through the intelligent contract, namely, two updates are combined into one, so that a great amount of operation cost for updating the blockchain is reduced.
The gateway in the invention adopts the double key pair, one pair of keys is used for providing digital signature when the user and the sensor register and verifying the digital signature when the dispute exists, and the other pair of keys is used for assisting the mutual authentication of the user and the sensor and generating the session key, so that the huge risk of revealing the time private key by only using a single key is avoided, and the overall security of the system is improved.
The session key generated by the user and the wireless sensor is based on the chebyshev chaotic mapping public key cryptosystem, parameters W 1 and W 2 for generating the session key are transmitted on an open channel, and an attacker cannot calculate or guess the session key h (T a2(Ta1(β))||PIDj) from W 1(=(Ta1 (beta)) and W 2(=(Ta2 (beta)) due to discrete logarithm problems, unlike the method for generating the key based on a pure hash function, the method is easy to guess and attack. In addition, in public key cryptography, under the condition that the encryption strength of a public key cryptosystem based on chebyshev chaotic mapping is the same as that of a public key cryptosystem based on a common elliptic curve, the operation cost is only 1/3 of that of the public key cryptosystem based on the common elliptic curve, so that the operation cost of the authentication process is higher than that of a scheme based on a pure hash function, but the scheme is greatly superior to that of a technical scheme adopting the elliptic curve public key system, namely the operation cost is reduced while the safety is ensured.
The invention provides good security properties. For example, the user adds a timestamp $TS_1$ to the login message sent to $GWN_j$, and $TS_1$ takes part as an embedded parameter when $V_1$ is verified, which prevents replay attacks. The session key is generated from three uncorrelated parameters, $W_1$, $W_2$ and $PID_j$, which are transmitted over a public channel, with $PID_j$ hidden in $M_1$; because of the discrete logarithm problem an attacker cannot calculate the parameters a1 or a2 from an eavesdropped $W_1$ or $W_2$, cannot obtain $PID_j$, and cannot calculate the session key in the form $h(T_{a2}(W_1) \| PID_j)$, $h(T_{a1}(W_2) \| PID_j)$ or $h(T_{a1}(T_{a2}(\beta)) \| PID_j)$. Because the user password is not stored on $GWN_j$ and it is extremely difficult for an attacker to obtain both key pairs of $GWN_j$ at the same time, the invention can prevent privileged-insider attacks. When a sensor node is registered, the information finally stored in its memory relates only to that node and not to other nodes, so an attacker who captures the node cannot derive the information of other nodes from it, and the invention can defend against node capture attacks. The three communicating entities verify one another: $GWN_j$ verifies the legitimacy of user $U_i$ through $V_1$, sensor $SN_j$ verifies the legitimacy of $GWN_j$ through $V_2$, $GWN_j$ verifies the legitimacy of $SN_j$ through $V_3$, user $U_i$ verifies the legitimacy of $GWN_j$ through $V_5$, and user $U_i$ verifies the legitimacy of $SN_j$ through $V_4$. An attacker cannot deceive a receiver by generating these verification values, so the invention can defend against man-in-the-middle attacks. If an attacker obtains the private key $(K_{Gj}, \alpha)$ of $GWN_j$, the session keys $h(T_{a1}(T_{a2}(\beta)) \| PID_j)$ generated earlier and later by the user and the sensor still cannot be calculated, so the invention provides forward security and backward security. In the authentication process, the identities of the user and the sensor are never transmitted in plaintext, and the user's login request message $\{W_1, M_1, V_1, UF_{auth}, TS_1\}$ is different every time; although an attacker can recognize from $UF_{auth}$ that a message is a user login request, the attacker cannot distinguish whether two login requests were sent by the same user, so anonymity and untraceability are achieved.
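The key agreement described above, as an added example that is not code from the patent: both sides derive the same key from the publicly transmitted $W_1$ and $W_2$ because $T_{a1}(T_{a2}(\beta)) = T_{a2}(T_{a1}(\beta))$ over $Z_p$. Assumptions made here: SHA-256 stands in for $h$, the prime, $\beta$ and $PID_j$ values are constructed demo values, integers are encoded as fixed-width big-endian bytes, and `check_public` is a validation step added for this example.

```python
import hashlib
import secrets

# Constructed demo parameters (assumptions): the patent only specifies
# "a large prime number" and a Chebyshev polynomial parameter beta.
P = 2**255 - 19
BETA = 0x1F2E3D4C5B6A79880123456789ABCDEF
WIDTH = (P.bit_length() + 7) // 8


def chebyshev(n: int, x: int, p: int) -> int:
    """Extended Chebyshev polynomial T_n(x) mod p in O(log n) steps.

    Uses T_n = 2x*T_{n-1} - T_{n-2}, i.e. [T_n, T_{n-1}] = M^(n-1) [x, 1]
    with M = [[2x, -1], [1, 0]], so large secret exponents stay cheap.
    """
    if n < 0:
        raise ValueError("degree must be non-negative")
    if n == 0:
        return 1 % p
    x %= p

    def mul(a, b):  # 2x2 matrices stored row-major as 4-tuples
        return ((a[0] * b[0] + a[1] * b[2]) % p, (a[0] * b[1] + a[1] * b[3]) % p,
                (a[2] * b[0] + a[3] * b[2]) % p, (a[2] * b[1] + a[3] * b[3]) % p)

    acc, base, e = (1, 0, 0, 1), ((2 * x) % p, p - 1, 1, 0), n - 1
    while e:
        if e & 1:
            acc = mul(acc, base)
        base = mul(base, base)
        e >>= 1
    return (acc[0] * x + acc[1]) % p


def check_public(w: int, p: int = P) -> int:
    """Reject degenerate peer values (added hardening, not from the patent).

    T_n(1) = 1, T_n(-1) = +/-1 and T_n(0) is 0 or +/-1 for every n, so a
    received value of 0, 1 or p-1 would force a predictable shared secret.
    """
    if not 0 <= w < p or w in (0, 1, p - 1):
        raise ValueError("degenerate Chebyshev public value")
    return w


def session_key(own_secret: int, peer_public: int, pid: bytes, p: int = P) -> bytes:
    """h(T_own(peer_public) || PID_j), with SHA-256 standing in for h."""
    shared = chebyshev(own_secret, check_public(peer_public, p), p)
    return hashlib.sha256(shared.to_bytes(WIDTH, "big") + pid).digest()


def run_exchange(a1=None, a2=None, pid=b"PID_j-constructed"):
    """User picks a1, sensor picks a2; only W1 and W2 cross the open channel."""
    a1 = a1 if a1 is not None else secrets.randbelow(P - 3) + 2
    a2 = a2 if a2 is not None else secrets.randbelow(P - 3) + 2
    w1 = chebyshev(a1, BETA, P)            # sent by the user
    w2 = chebyshev(a2, BETA, P)            # sent by the sensor
    sk_sensor = session_key(a2, w1, pid)   # h(T_a2(W1) || PID_j)
    sk_user = session_key(a1, w2, pid)     # h(T_a1(W2) || PID_j)
    return w1, w2, sk_user, sk_sensor


if __name__ == "__main__":
    w1, w2, sk_user, sk_sensor = run_exchange()
    print("keys match:", sk_user == sk_sensor)
```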
The invention allows arbitration in case of disputes. For example, to determine whether a user is a registered legitimate user, the user presents the certificate $Cert_i$ and $B_7$ to $GWN_j$, RA and CA. $GWN_j$ verifies $B_7$ with its public key pub_gj1, RA verifies $B_3$ in the certificate $Cert_i$ with its public key pub_ra, and CA verifies the digital signature $SIG_{Pri\_CA}(N_i)$ in the certificate $Cert_i$ with its public key pub_ca; both results contain $N_i$. $GWN_j$ then queries the Merkle tree for whether $UID_i$ in the certificate $Cert_i$ is present, and if the result is True, it can be determined from the combined results that the user is a registered legitimate user.
In the authentication stage of the invention, $GWN_j$ calls the $UF_{auth}$ function of the smart contract TC according to the user's login request message and calls the $SNF_{auth}$ function of the smart contract TC according to the response message. Information such as the transaction process and transaction time of the smart contract is recorded in the blockchain and can be queried when necessary to trace the authentication process.
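The Merkle tree query used for arbitration and tracing, as an added example that is not code from the patent: registration records become leaves, the "path information" handed back at registration is modelled as the list of sibling hashes, and the gateway accepts an identity only if the record both hashes up to the known root and carries that identity. The record layout, SHA-256, the leaf/node prefixes and all sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac


def leaf_hash(tx: bytes) -> bytes:
    # Distinct prefixes keep a leaf from being reinterpreted as an inner node.
    return hashlib.sha256(b"\x00" + tx).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()


def make_tx(uid: bytes, cert_digest: bytes, tx_time: int) -> bytes:
    """Hypothetical record layout: hex identity | hex certificate digest | time."""
    return b"|".join([uid, cert_digest, str(tx_time).encode()])


def build_levels(transactions):
    """Return every tree level, leaves first; an unpaired node is promoted as-is."""
    if not transactions:
        raise ValueError("no transactions to store")
    levels = [[leaf_hash(tx) for tx in transactions]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])
        levels.append(nxt)
    return levels


def path_info(levels, index: int):
    """Sibling hashes from leaf to root, each flagged if it sits on the left."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            path.append((level[sibling], sibling < index))
        index //= 2
    return path


def uid_registered(root: bytes, tx: bytes, path, uid: bytes) -> bool:
    """Gateway-side check: the record is in the tree and names this identity."""
    cur = leaf_hash(tx)
    for sibling, sibling_is_left in path:
        cur = node_hash(sibling, cur) if sibling_is_left else node_hash(cur, sibling)
    in_tree = hmac.compare_digest(cur, root)
    return in_tree and hmac.compare_digest(tx.split(b"|")[0], uid)


def demo():
    # Constructed sample identities and records.
    uids = [hashlib.sha256(f"constructed-identity-{i}".encode()).hexdigest().encode()
            for i in range(5)]
    txs = [make_tx(u, hashlib.sha256(b"cert" + u).hexdigest().encode(), 1709769600 + i)
           for i, u in enumerate(uids)]
    levels = build_levels(txs)
    root = levels[-1][0]
    genuine = all(uid_registered(root, txs[i], path_info(levels, i), uids[i])
                  for i in range(len(txs)))
    # A record with a swapped certificate digest reuses a valid path but fails.
    forged = make_tx(uids[0], b"00" * 32, 1709769600)
    forged_ok = uid_registered(root, forged, path_info(levels, 0), uids[0])
    # A valid record presented under someone else's identity also fails.
    wrong_uid_ok = uid_registered(root, txs[1], path_info(levels, 1), uids[2])
    return genuine, forged_ok, wrong_uid_ok


if __name__ == "__main__":
    print(demo())
```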
The wireless network authentication method and system based on the blockchain provided by the invention are described in detail below.
The invention sets up an architecture consisting of a gateway cluster equipped with a blockchain, a registration center RA and a certificate authority CA to assist the registration and mutual authentication of the user and the wireless sensor. This achieves decentralization, dispersion of authority and mutual restriction, and prevents the problem in the prior art that the user and the wireless sensor cannot be verified when a single gateway, on which the scheme depends excessively, fails.
In the invention, each gateway $GWN_j$ of the gateway cluster, the RA and the CA have key pairs. During registration, the user and the sensor obtain a certificate jointly issued by the CA and the RA together with the digital signature of the gateway, which provide security assistance for the mobile device and the verification process of the user, so that a judgment can be made in case of dispute.
In the method, the gateway starts the smart contract during the mutual authentication of the user and the sensor to store the transaction information into the Merkle tree of the blockchain, so the authentication process is traceable.
The gateway node of the method adopts a dual key pair technique: it can provide digital signatures for the registration of users and sensors, which helps adjudication in case of dispute, and it can also assist the user and the sensor in generating a shared session key based on the Chebyshev chaotic map discrete logarithm problem, thereby solving the poor flexibility of using a single key pair.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (7)

1. The wireless sensor network authentication method based on the blockchain is characterized by comprising the following steps of:
S1: setting a gateway cluster and customizing a blockchain for the gateway cluster;
S2: the registration center and the digital certificate issuing center respectively generate key pairs, each gateway in the gateway cluster is provided with a double key pair, and mobile equipment of a user generates the key pairs to finish system initialization;
wherein, step S2 further comprises:
S21: the registration center generates a registration key pair, and the digital certificate issuing center generates an issuing key pair;
S22: the registration center broadcasts a public key of the registration key pair in a network, and the digital certificate issuing center broadcasts a public key of the issuing key pair in the network;
S23: setting a double key pair for a single gateway in the gateway cluster, wherein the double key pair comprises a first key pair and a second key pair;
wherein, step S23 further comprises:
S231: a single gateway in a gateway cluster generates a first key pair, and the expression of the first key pair is:
Wherein, For/>Public key in first key pair corresponding to each gateway,/>For/>Private keys in the first key pair corresponding to the gateway;
S232: setting a main key in a second key pair, setting a large prime number and Chebyshev polynomial parameters, and calculating to obtain a public key in the second key pair through the Chebyshev polynomial parameters to obtain a second key pair, wherein the expression of the second key pair is as follows:
Wherein, For/>Public key in second key pair corresponding to each gateway,/>For chebyshev polynomial parameters,For/>Main key in second key pair corresponding to each gateway,/>Is a parameter/>/>An order chebyshev polynomial;
S233: gateways in a gateway cluster store a private key of the first key pair, a main key and a large prime number of the second key pair, and publish and broadcast a public key of the first key pair, a public key of the second key pair and Chebyshev polynomial parameters;
S24: the mobile equipment of the user generates a key pair of the user and completes the system initialization;
S3: issuing a first digital certificate for a sensor node based on the registration center and the digital certificate issuing center, storing first transaction information at least comprising the digital certificate into a Merkle tree by the digital certificate issuing center, recording the first transaction information on the chain by the registration center through a gateway, and receiving a first chain feedback message by the sensor and storing it into a memory to finish sensor registration;
S4: issuing a second digital certificate for the user based on the registration center and the digital certificate issuing center, storing second transaction information at least comprising the digital certificate into a Merkle tree by the digital certificate issuing center, recording the transaction information on the chain by the registration center through a gateway, and receiving a second chain feedback message by the user and storing it into the mobile device so as to finish user registration;
S5: the gateway queries, through a smart contract, the transaction information stored in the Merkle tree during sensor registration and user registration, and mutual authentication between a sensor end to be authenticated and a user end to be authenticated is carried out through the transaction information to obtain a session key.
2. The wireless sensor network authentication method based on blockchain as in claim 1, wherein the blockchain in step S1 employs a POW consensus mechanism.
3. The wireless sensor network authentication method based on blockchain as in claim 1, wherein step S3 further comprises:
S31: the sensor node generates a self secret key pair, selects a first random number for encryption, and sends a registration message to a registration center after obtaining a first encryption value and a first digital signature, wherein the expression of the registration message is as follows:
Wherein, For/>Public key of individual sensor node,/>For the first encryption value,/>Is the first random number,/>A first digital signature obtained for calculation;
Wherein, For/>Private key of individual sensor node,/>For use/>Generating a relation to/>Digital signature of/>For/>Individual sensor node/>Is/are > ofAs a public key of the registry,To use the key/>Pair/>And/>Asymmetric encryption is performed;
S32: after receiving the registration message, the registration center decrypts the first encryption value by using the private key of the registration center, and obtains a first digital signature through decryption of the public key of the sensor node for verification, if the verification is not passed, the session is terminated, and if the verification is passed, the step S33 is executed;
S33: the registration center calculates and obtains a specific identity value, a second digital signature and a second encryption value of the sensor node, and sends a conversion message to the digital certificate authority, wherein the expression of the conversion message is as follows:
Wherein, For/>Specific identity value corresponding to each sensor node,/>For the second digital signature,/>Is the second encrypted value;
Wherein, For registry private key,/>For use/>Generating a relation to/>Is a digital signature of the (c) code,Public key of digital certificate authority,/>To use the key/>Pair/>Asymmetric encryption performed,/>As a hash function,/>Performing bit connection operation;
S34: after the digital certificate issuing center receives the conversion message, decrypting the second encryption value by using a private key of the digital certificate issuing center, obtaining a second digital signature through public key decryption of the registration center, verifying the second digital signature, terminating the session if the verification is not passed, and executing step S35 if the verification is passed;
S35: the digital certificate issuing center generates a digital certificate and sends the digital certificate to the registration center, wherein the expression of the digital certificate is as follows:
Wherein, For/>Digital certificate of individual sensor node,/>Time for certificate issuance,/>Is a certificate validity period;
S36: after receiving the digital certificate, the registration center packages the transaction information and inserts it into a Merkle tree, and at the same time records the path information under which the transaction information is stored; the registration center then sends a certificate reply message to the sensor node, wherein the expression of the certificate reply message is as follows:
Wherein, For trade time,/>To preserve/>Path information when transaction information of each sensor node is carried out;
S37: after receiving the certificate reply message and storing the certificate reply message in a sensor memory, the sensor node replies a registration completion message to the gateway, wherein the expression of the registration completion message is as follows:
Wherein, Registering function names for sensor nodes defined in blockchain smartcontracts,/>For the third encryption value,/>For/>Public key in first key pair corresponding to each gateway,/>To use the key/>Pair/>And/>Asymmetric encryption is performed;
S38: after receiving the registration completion message, the gateway decrypts the third encrypted value through the private key in the first key pair to obtain the path information, and activates the smart contract to query whether the specific identity value exists at the Merkle tree leaf node pointed to by the path information; if not, the session is terminated, and if so, step S39 is executed;
S39: the gateway selects a second random number, encrypts the specific identity value, stores the second random number into the Merkle tree according to the path information, selects an accounting node through a consensus algorithm, records the transaction information on the chain, and sends a link-in completion message to the sensor node, wherein the link-in completion message has the expression:
Wherein, For the first hash value,/>For the fourth encryption value,/>For the third digital signature,/>As a result of the second random number,To use the key/>Pair/>And/>Asymmetric encryption performed,/>For/>Public key in second key pair corresponding to each gateway,/>For chebyshev polynomial parameters,For use/>Generating a relation to/>And/>Is a digital signature of (a);
After receiving the link-in completion message, the sensor node decrypts the fourth encrypted value by using its own private key to obtain a first decrypted hash value corresponding to the first hash value, and verifies whether the first hash value is equal to the first decrypted hash value; if not, the session is terminated, and if so, the sensor node registration information is stored into the sensor node memory, wherein the expression of the sensor node registration information is as follows:
4. The blockchain-based wireless sensor network authentication method of claim 1, wherein all process information is transmitted in a secure channel during the sensor registration in step S3 and the user registration in step S4.
5. The wireless sensor network authentication method based on blockchain as in claim 1, wherein step S5 further comprises:
S51: the user inputs a user identity and a first user password, a first identity value is obtained through calculation, whether the first identity value is equal to an identity value stored when the user registers or not is judged, if not, the user is refused to log in, if so, a login request message is sent to a gateway, and the expression of the login request message is as follows:
Wherein, Is the first parameter value,/>Is the second parameter value,/>Is the third parameter value,/>Authentication function name for user defined in smart contracts,/>Is a first timestamp;
Wherein, Is a third random number,/>Is a parameter/>/>Order chebyshev polynomials,/>For/>Specific identity value corresponding to each user,/>For/>Specific identity value corresponding to each sensor node,/>For the second hash value of the first hash value,For/>Path information corresponding to individual users,/>For/>Path information corresponding to the individual sensor nodes,Is a parameter/>/>An order chebyshev polynomial;
S52: the gateway receives the login request message and verifies whether the first timestamp is valid; if it is valid, the gateway starts the smart contract and verifies the second hash value and the third parameter value in turn according to the received login request message; if both pass the verification, the gateway obtains the transaction information by querying the Merkle tree and then sends a first authentication message to the sensor node, wherein the expression of the first authentication message is as follows:
Wherein, For the corresponding value of the first parameter value in the received login request message,/>Is the fourth parameter value,/>Is the fifth parameter value,/>Is a second timestamp;
Wherein, Is the second random number,/>To use the key/>Pair/>Asymmetric encryption performed,/>For the/>, in the received login request messageCorresponding values of the specific identity values corresponding to the sensor nodes;
S53: after the sensor node receives the first authentication message, checking the validity of the second timestamp, if the second timestamp is valid, decrypting the fourth parameter value through the private key of the sensor node and verifying the fifth parameter value, and if the second parameter value passes the verification, calculating a first session key and sending a second authentication message to the gateway node, wherein the expression of the second authentication message is as follows:
Wherein, Is the sixth parameter value,/>Is the seventh parameter value,/>Is the eighth parameter value,/>Authenticating function names for sensors defined in smart contracts,/>Is a third timestamp;
Wherein, Is the fourth random number,/>For parameter/>For/>Is a Chebyshev polynomial of order (v)/>For the corresponding value of the second random number in the received first authentication message,/>For the corresponding value of the first parameter value in the first authentication message,/>Is a parameter/>/>Order chebyshev polynomials,/>Calculated for sensor endA first session key for the individual user;
S54: after receiving the second authentication message, the gateway node checks the validity of the third timestamp, if the third timestamp is valid, the seventh parameter value is verified, and if the seventh parameter value passes the verification, the third authentication message is sent to the user, and the expression of the third authentication message is:
Wherein, For the corresponding value of the sixth parameter value in the received second authentication message,/>For the corresponding value of the eighth parameter value in the received second authentication message,/>Is the ninth parameter value,/>For the corresponding value of the third timestamp in the received second authentication message,/>Is a fourth timestamp;
Wherein, For/>Inquiring corresponding values of specific identity values corresponding to the individual users;
S55: after receiving the third authentication message, the mobile device of the user checks the validity of the fourth timestamp, if the fourth timestamp is valid, the ninth parameter value is verified, if the verification is passed, the second session key is calculated and the corresponding value of the eighth parameter value is verified, if the verification is passed, the second session key is accepted as the session key of the sensor end to be authenticated and the user end to be authenticated, and the expression of the second session key is:
Wherein, Second session key calculated for user side and sensor node,/>For the corresponding value of the sixth parameter value in the received third authentication message,/>Is a parameter/>/>An order chebyshev polynomial.
6. The wireless sensor network authentication method based on blockchain as in claim 1, wherein step S5 further comprises:
When the user needs to change the user password, a second user password is input, a second identity value is obtained through calculation, whether the second identity value is equal to the identity value stored in the registration of the user or not is judged, if not, the session is terminated, if so, a new password is received, and the identity value is recalculated to replace the original identity value.
7. A blockchain-based wireless sensor network authentication system for performing a blockchain-based wireless sensor network authentication method as in any of claims 1-6, comprising:
The system comprises a registration center, a digital certificate issuing center, a gateway cluster comprising a plurality of gateway nodes and a blockchain configured according to the gateway cluster;
The system also comprises a user and a plurality of sensors, wherein the user uses the mobile device, and the sensors are wireless sensors; the system formed by the registration center, the digital certificate issuing center, the gateway cluster and the blockchain can be used for registration and mutual authentication between a user and a sensor.
CN202410256740.5A 2024-03-07 2024-03-07 Wireless sensor network authentication method and system based on blockchain Active CN117857061B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410256740.5A CN117857061B (en) 2024-03-07 2024-03-07 Wireless sensor network authentication method and system based on blockchain

Publications (2)

Publication Number Publication Date
CN117857061A CN117857061A (en) 2024-04-09
CN117857061B CN117857061B (en) 2024-05-28

Family

ID=90548302

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410256740.5A Active CN117857061B (en) 2024-03-07 2024-03-07 Wireless sensor network authentication method and system based on blockchain

Country Status (1)

Country Link
CN (1) CN117857061B (en)

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant