Computer Science, 2019, Vol. 46, Issue (4): 151-157. doi: 10.11896/j.issn.1002-137X.2019.04.024
李森森, 黄一才, 郁滨
LI Sen-sen, HUANG Yi-cai, YU Bin
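Abstract: Existing Bluetooth pairing protocols have difficulty resisting man-in-the-middle attacks and replication attacks. To address this, a Bluetooth key agreement scheme with zero secret storage on the slave device is proposed. The scheme uses physical unclonable functions (PUF) to achieve mutual authentication and link key agreement between the master device and the slave device through a "three-way handshake", without the slave device storing any secret parameters. Theoretical analysis and experimental results show that the scheme not only provides high security but also has low communication, computation and storage overhead.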
[1] 蹇奇芮, 陈泽茂, 武晓康. Authentication and Key Agreement Protocol for UAV Communication. Computer Science, 2022, 49(8): 306-313. https://doi.org/10.11896/jsjkx.220200098
[2] 梁珍珍, 徐明. Key Agreement Scheme Based on Ocean Acoustic Channel. Computer Science, 2022, 49(6): 356-362. https://doi.org/10.11896/jsjkx.210400097
[3] 倪亮, 王念平, 谷威力, 张茜, 刘伎昭, 单芳芳. Research on Lattice-based Quantum-resistant Authenticated Key Agreement Protocols: A Survey. Computer Science, 2020, 47(9): 293-303. https://doi.org/10.11896/jsjkx.200400138
[4] 程庆丰, 李钰汀, 李兴华, 姜奇. Research on Application of Cryptography Technology for Edge Computing Environment. Computer Science, 2020, 47(11): 10-18. https://doi.org/10.11896/jsjkx.200500003
[5] 秦艳琳, 吴晓平, 胡卫. Efficient Identity-based Authenticated Key Agreement Protocol with Multiple Private Key Generators. Computer Science, 2020, 47(11): 68-72. https://doi.org/10.11896/jsjkx.191000008
[6] 张向阳, 孙子文. Automatic Error Correction CRO PUF Key Generation Scheme. Computer Science, 2020, 47(1): 302-308. https://doi.org/10.11896/jsjkx.181202390
[7] 沈鸿, 刘军发, 陈益强, 蒋鑫龙, 黄正宇. Semi-supervised Scene Recognition Method Based on Multi-mode Fusion. Computer Science, 2019, 46(12): 306-312. https://doi.org/10.11896/jsjkx.191200500C
[8] 杜浩瑞, 陈建华, 戚明平, 彭聪, 范青. Forward-secure RSA-based Multi-server Authentication Protocol. Computer Science, 2019, 46(11A): 409-413.
[9] 王松伟, 陈建华. Chaotic Mapping Asynchronous Authentication Key Agreement Scheme with Smart-cards. Computer Science, 2019, 46(1): 175-181. https://doi.org/10.11896/j.issn.1002-137X.2019.01.027
[10] 谢艳容, 马文平, 罗维. New Cross-domain Authentication Model for Information Services Entity. Computer Science, 2018, 45(9): 177-182. https://doi.org/10.11896/j.issn.1002-137X.2018.09.029
[11] 霍士伟, 杨文静, 李景智, 申金山. New Identity-based Authentication and Key Agreement Scheme in Ad hoc Networks. Computer Science, 2018, 45(6A): 380-382.
[12] 魏振宇, 芦翔, 史庭俊. Cross-domain PKI-based Key Agreement Protocol. Computer Science, 2017, 44(1): 155-158. https://doi.org/10.11896/j.issn.1002-137X.2017.01.030
[13] 宋亚鹏, 陈昕. EGAKA: An Efficient Group Authentication and Key Agreement Protocol for MTC in LTE-A Network. Computer Science, 2016, 43(Z6): 342-347. https://doi.org/10.11896/j.issn.1002-137X.2016.6A.082
[14] 赵作人, 刘廷龙. RFID Technology Realization in Android System. Computer Science, 2016, 43(Z6): 518-522. https://doi.org/10.11896/j.issn.1002-137X.2016.6A.123
[15] 王杰华, 刘会平, 邵浩然, 夏海燕. Novel Two-way Security Authentication Wireless Scheme Based on Hash Function. Computer Science, 2016, 43(11): 205-209. https://doi.org/10.11896/j.issn.1002-137X.2016.11.040