当前位置:
X-MOL 学术
›
Secur. Commun. Netw.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
An Improved Blockchain-Based Authentication Protocol for IoT Network Management
Security and Communication Networks ( IF 1.968 ) Pub Date : 2020-10-28 , DOI: 10.1155/2020/8836214 Mostafa Yavari 1 , Masoumeh Safkhani 1 , Saru Kumari 2 , Sachin Kumar 3 , Chien-Ming Chen 4
Security and Communication Networks ( IF 1.968 ) Pub Date : 2020-10-28 , DOI: 10.1155/2020/8836214 Mostafa Yavari 1 , Masoumeh Safkhani 1 , Saru Kumari 2 , Sachin Kumar 3 , Chien-Ming Chen 4
Affiliation
Communication security between IoT devices is a major concern in this area, and the blockchain has raised hopes that this concern will be addressed. In the blockchain concept, the majority or even all network nodes check the validity and accuracy of exchanged data before accepting and recording them, whether this data is related to financial transactions or measurements of a sensor or an authentication message. In evaluating the validity of an exchanged data, nodes must reach a consensus in order to perform a special action, in which case the opportunity to enter and record transactions and unreliable interactions with the system is significantly reduced. Recently, in order to share and access management of IoT devices information with distributed attitude a new authentication protocol based on blockchain is proposed and it is claimed that this protocol satisfies user privacy preserving and security. However, in this paper, we show that this protocol has security vulnerabilities against secret disclosure, replay, traceability, and reuse attacks with the success probability of 1 and constant complexity of also 1. We also proposed an improved blockchain-based authentication protocol (IBCbAP) that has security properties such as secure access management and anonymity. We implemented IBCbAP using JavaScript programming language and Ethereum local blockchain. We also proved IBCbAP’s security both informally and formally through the Scyther tool. Our comparisons showed that IBCbAP could provide suitable security along with reasonable cost.
中文翻译:
用于物联网网络管理的基于区块链的改进身份验证协议
物联网设备之间的通信安全是该领域的主要关注点,而区块链提出了希望可以解决这一关注点。在区块链概念中,大多数或什至所有网络节点在接受和记录交换的数据之前都会检查其有效性和准确性,无论该数据与金融交易,传感器或认证消息的度量有关。在评估交换数据的有效性时,节点必须达成共识才能执行特殊操作,在这种情况下,输入和记录交易的机会以及与系统的不可靠交互将大大减少。最近,为了以分布式态度共享和访问物联网设备信息,提出了一种新的基于区块链的认证协议,该协议满足了用户隐私保护和安全性要求。但是,在本文中,我们表明该协议具有针对秘密披露,重播,可追溯性和安全性的安全漏洞。重用攻击,成功概率为1,复杂度也为1。我们还提出了一种改进的基于区块链的身份验证协议(IBCbAP),该协议具有安全属性,例如安全访问管理和匿名性。我们使用JavaScript编程语言和以太坊本地区块链实现了IBCbAP。我们还通过Scyther工具非正式地和正式地证明了IBCbAP的安全性。我们的比较表明,IBCbAP可以提供适当的安全性以及合理的成本。
更新日期:2020-10-30
中文翻译:
用于物联网网络管理的基于区块链的改进身份验证协议
物联网设备之间的通信安全是该领域的主要关注点,而区块链提出了希望可以解决这一关注点。在区块链概念中,大多数或什至所有网络节点在接受和记录交换的数据之前都会检查其有效性和准确性,无论该数据与金融交易,传感器或认证消息的度量有关。在评估交换数据的有效性时,节点必须达成共识才能执行特殊操作,在这种情况下,输入和记录交易的机会以及与系统的不可靠交互将大大减少。最近,为了以分布式态度共享和访问物联网设备信息,提出了一种新的基于区块链的认证协议,该协议满足了用户隐私保护和安全性要求。但是,在本文中,我们表明该协议具有针对秘密披露,重播,可追溯性和安全性的安全漏洞。重用攻击,成功概率为1,复杂度也为1。我们还提出了一种改进的基于区块链的身份验证协议(IBCbAP),该协议具有安全属性,例如安全访问管理和匿名性。我们使用JavaScript编程语言和以太坊本地区块链实现了IBCbAP。我们还通过Scyther工具非正式地和正式地证明了IBCbAP的安全性。我们的比较表明,IBCbAP可以提供适当的安全性以及合理的成本。
京公网安备 11010802027423号