| In the 5G massive Machine Type Communication (mMTC) large-scale IoT environment, there are massive numbers of heterogeneous IoT devices with hierarchical relationships. Because heterogeneous IoT devices use different encryption parameters and different encryption systems, cross-domain hierarchical authentication among IoT devices becomes a problem. Solving this problem guarantees secure communication among IoT devices and better promotes the application of 5G technology in large-scale IoT. We take heterogeneous signcryption and transitive signcryption as the entry points to study, respectively, the problem of secure communication between IoT devices with different encryption parameters and different encryption systems, and the problem of privacy leakage and inefficient authentication caused by transitive authentication of IoT devices with hierarchical relationships; finally, we provide an access control scheme that can realize cross-domain authentication for these two cases. The details are as follows: (1) First, a PKI-CLC heterogeneous signcryption scheme based on the SM2 standard encryption algorithm is proposed. The scheme builds on SM2's encryption and signature algorithms and designs a PKI-CLC two-way secure communication scheme that can be implemented under different parameters, providing confidentiality and unforgeability for both sides of the communication, with internal security, no bilinear operations and no key escrow, which makes it more suitable for real large-scale IoT environments. (2) Second, we propose a transitive signcryption scheme for directed graphs based on SM2. The scheme builds on the ideas of signatures and transitive signatures and designs a transitive signcryption based on the SM2 algorithm, which provides authentication and protects the privacy of hierarchical relationships for the IoT devices in the directed acyclic graph while preserving the transferability and 
signatures. This improves the efficiency of signatures and reduces the memory overhead. (3) Finally, the correctness and security of the scheme are analysed and compared with other similar schemes. Finally, based on the above research, and considering the secure communication requirements of both hierarchically structured and cross-domain IoT devices in the industrial IoT environment, we design an access control scheme that can realize cross-domain hierarchical authentication by combining heterogeneous signatures, transitive signatures and three-factor authentication, and that authorizes access after cross-domain authentication for PKI IoT users and CLC IoT devices, ensuring the authenticity of user identity and the security of communication. The formal and non-formal analysis of the scheme's security shows that it can resist forgery attacks, stolen IoT device attacks, replay attacks and dictionary guessing attacks. The performance analysis shows that the scheme has the lowest computation overhead and communication overhead compared with the same-security scheme of Xu. |