ZigBee节点多因子身份认证方案研究

系统仿真学报 ›› 2015, Vol. 27 ›› Issue (4): 762-769.

• 仿真建模与仿真算法及数值仿真 • 上一篇下一篇

ZigBee节点多因子身份认证方案研究

周伟伟, 岳云天, 郁滨

信息工程大学, 郑州 450000

收稿日期:2014-06-04 修回日期:2014-10-24 发布日期:2020-08-20
作者简介:周伟伟(1990-),男,河南洛阳人,硕士生,研究方向为ZigBee、信息安全技术;岳云天(1968-),男,河南开封人,博士,副教授,硕导,研究方向为数字隐写、信息安全、通信技术;郁滨(1964-),男,河南郑州人,博士,教授,博导,研究方向为信息安全、无线网络安全技术、视觉密码等。

Research of Multi-factor Identity Authentication Scheme for ZigBee Network Nodes

Zhou Weiwei, Yue Yuntian, Yu Bin

Information Engineering University, Zhengzhou 450000, China

Received:2014-06-04 Revised:2014-10-24 Published:2020-08-20

摘要/Abstract

摘要： 针对ZigBee网络所面临的中间人攻击和假冒攻击,提出了一种ZigBee节点多因子身份认证方案,该方案引入以特定周期更新的新鲜因子,并将其与节点硬件信息绑定,调用单向杂凑函数生成硬件信息因子,由控制中心匹配节点上传的密钥信息因子、硬件信息因子和配置信息因子完成对节点的身份认证;同时,节点对接收到的消息进行签名验证,完成节点对控制中心的身份认证,从而实现节点间的双向身份认证,并对节点持有的对密钥实施更新,以防止非法节点入网对整个网络造成危害。BAN逻辑安全性分析及实验结果表明,该方案可有效抵御中间人、假冒等攻击,同时在计算开销和存储需求上有明显优势。

关键词: 节点身份认证, 多因子, 签名验证, 帧结构, 新鲜因子

Abstract: To solve the problem of the man-in-the-middle attack and impersonation attack in ZigBee networks, a scheme based on multi-factor identity authentication for ZigBee network nodes was proposed. The scheme bound the fresh factor updated in a particular cycle with hardware information via a one-way hash function to generate hardware information factor. On this basis, the scheme achieved the authentication mechanism for the nodes through the comparison among key factor, hardware information factor and configuration information factor received by control center. Meanwhile, the nodes completed control center authentication through the signature verification of the message received. Thus, the bidirectional authentication between nodes was achieved. The link key was updated to defense the illegal invasion of the nodes. The BAN-logic security analysis and experiment results show that the new scheme can not only resist the man-in-the-middle attack and impersonation attack effectively, but also has a distinct advantage over computing and storage.

Key words: identity authentication, multi-factor, signature verification, frame structure, fresh factor

中图分类号:

TP309.1

周伟伟, 岳云天, 郁滨. ZigBee节点多因子身份认证方案研究[J]. 系统仿真学报, 2015, 27(4): 762-769.

Zhou Weiwei, Yue Yuntian, Yu Bin. Research of Multi-factor Identity Authentication Scheme for ZigBee Network Nodes[J]. Journal of System Simulation, 2015, 27(4): 762-769.

参考文献

[1] Perrig A, Stankovic J, Wagner D.Security in wireless sensor networks[J]. Communications of the ACM.ISSN:(S1617-7975), 2004, 47(6): 53-57.
[2] Bankovic Z, Fraga D, José M, et al. Detecting and confining sybil attack in wireless sensor networks based on reputation systems coupled with self-organizing maps[C]// IFIP Advances in Information and Communication Technology. NanChang,China: Springer, 2010: 311-318.
[3] Roszainiza Rosli, Yusnani Mohd Yusoff, Habibah Hashim.Performance Analysis of ID-Based Authentication on Zigbee Transceiver[C]// 2012 IEEE Symposium on Wireless Technology and Applications, Bandung, Indonesia, 2012. USA: IEEE, 2012.
[4] S Weis.Security and Privacy in Radio Frequency Identification Device [D]. Cambridge, MA, USA: MIT, 2003.
[5] Weis S A, Sarma S E, Rivest R L.Security and Privacy Aspects of Low-cost Radio Frequency Identification System[C]// Proceedings of the 1st International Conference on Security in Pervasive Computing. Berlin, Germany: Springer-Verlag, 2004: 201-212.
[6] Watro R, Kong D, Cuti S, et al. TinyPK: Securing sensor networks with public technology[C]// Proceedings of the 2nd ACM Workshop on Security of Ad Hoc Networks and Sensor Networks. Washington DC, USA: ACM, 2004: 59-64.
[7] Eschenauer L, Gligor V D.A key-management scheme for distributed sensor networks[C]// Proceedings of the 9th ACM Conference on Computer and Communications Security, New York, USA. USA: ACM, 2002: 41-47.
[8] Zinaida Benenson, Nils Gedicke, Ossi Raivio.Realizing Robust User Authentication in Sensor Networks[C]// Workshop on Real World Wireless Sensor Networks (REALWSN). Italy: Springer,2005: 135-142.
[9] K Bauer, H Yunyoung Lee.A Distributed Authentication Scheme for a Wireless Sensing System[C]// Proceedings of the 2nd International Workshop on Networked Sensing Systems (INSS 2005). Japan: IEEE, 2005: 210-215.
[10] Wei Chen, Xiaoshuan Zhang, Dong Tian, Zetian Fu.An Identity-Based Authentication Protocol for Clustered ZigBee Network[C]// 6th International Conference on Intelligent Computing. Changsha, China: Springer, 2010: 503-510.
[11] 金晨辉, 郑浩然, 张少武, 等. 密码学[M]. 北京: 高等教育出版社, 2009, 11.

ZigBee节点多因子身份认证方案研究

Research of Multi-factor Identity Authentication Scheme for ZigBee Network Nodes

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 11

编辑推荐

Metrics

本文评价

[1]	史衍卿, 陈伟, 郁滨. ZigBee网络虫洞攻击检测方案设计[J]. 系统仿真学报, 2017, 29(4): 853-858.
[2]	黄金垒, 王衡军, 郁滨. 一种基于凝聚度的报警处理算法[J]. 系统仿真学报, 2017, 29(4): 859-864.
[3]	张星昊, 黄一才, 郁滨. 基于RSSI变化趋势的BLE密钥协商方案[J]. 系统仿真学报, 2017, 29(4): 873-879.
[4]	龚碧, 郁滨. 一种基于用户策略的多区域交互控制模型[J]. 系统仿真学报, 2017, 29(4): 880-885.
[5]	王启林, 黄一才, 郁滨. 一种低功耗蓝牙DoS攻击检测方案[J]. 系统仿真学报, 2016, 28(6): 1365-1371.
[6]	赵松银, 郁滨. USB安全连接方案设计与实现[J]. 系统仿真学报, 2016, 28(6): 1400-1405.
[7]	黄艺波, 黄一才, 郁滨. 基于哈希链的BLE密钥协商方案设计[J]. 系统仿真学报, 2016, 28(6): 1412-1419.
[8]	黄美根, 郁滨, 孔志印. ZigBee网络Sybil攻击检测方案设计[J]. 系统仿真学报, 2016, 28(6): 1452-1460.
[9]	张学思, 郁滨. 一种基于移动存储设备的多密级安全交互模型[J]. 系统仿真学报, 2015, 27(4): 755-761.
[10]	童宇, 蔡婧雯. 针对AES算法的两点联合能量分析攻击及仿真[J]. 系统仿真学报, 2021, 33(8): 1980-1988.
[11]	程羽乔, 付正欣, 郁滨. 基于理想存取结构划分的(2, n)异或视觉密码[J]. 系统仿真学报, 2020, 32(1): 20-26.