CN118540167A - IPK-based MQTT protocol identity authentication method and data transmission method - Google Patents
- Publication number: CN118540167A (application number CN202411010799.2A)
- Authority: CN (China)
- Prior art keywords: key, server, client, public key, public
- Legal status: Granted (as listed by Google Patents; the legal status is an assumption, not a legal conclusion)
Classifications (all under H04L, transmission of digital information)
- H04L63/0442: network security; confidential data exchange among entities over packet networks, payload protected by asymmetric encryption (different keys for encryption and decryption)
- H04L63/06: network security; key management in a packet data network
- H04L63/083: network security; authentication of entities using passwords
- H04L63/0869: network security; authentication of entities achieving mutual authentication
- H04L63/0876: network security; authentication of entities based on the identity of the terminal or its configuration (e.g. MAC address, hardware or software configuration, device fingerprint)
- H04L63/12: network security; applying verification of the received information
- H04L9/0866: generation of cryptographic keys involving user or device identifiers (e.g. serial number, physical or biometric information)
- H04L9/3226: entity authentication or message authentication using a predetermined code (password, passphrase or PIN)
- H04L9/3247: entity authentication or message authentication involving digital signatures
Abstract
The invention discloses an IPK-based identity authentication method and data transmission method for the MQTT protocol. In the identity authentication method, the client, the MQTT Broker (server) and the key management center are initialized; the client establishes a connection with the server; the server sends the server public key, the client public key and the device ID to the key management center to request a key; and the client and server carry out key distribution through the key management center to achieve mutual authentication. The data transmission method uses HMAC verification or digital signatures to guarantee the integrity and authenticity of transmitted data. By using identity public key (IPK) technology, the scheme solves the authentication and encryption problems of MQTT while preserving its lightweight character, and provides a complete secure-access scheme for terminal devices that prevents attacks during device onboarding and data transmission.
Description
Technical Field
The present invention relates to the field of information security, and in particular to an IPK-based identity authentication method and data transmission method for the MQTT protocol.
Background Art
MQTT is a broker-based publish/subscribe messaging protocol. It sits at the application layer of the TCP/IP stack and is valued for being lightweight, simple, open and easy to implement. In the Internet of Things (IoT), and especially in deployments where power consumption and network bandwidth are tightly constrained, MQTT is one of the most widely adopted communication protocols. Its publish/subscribe model decouples publishers from subscribers in both space and time, so data published by a single sensor can trigger a series of actions at many subscribers.
Plain MQTT has two main security weaknesses: 1) the protocol does not encrypt data by default, so sensitive information in transit can be intercepted and read by an unauthorized attacker; 2) it lacks an efficient and secure identity authentication mechanism and relies only on a username and password, which leaves the system open to man-in-the-middle attacks in which an attacker impersonates a legitimate user and reads or tampers with the communication, threatening both system security and data integrity. Additional measures are therefore needed to protect the confidentiality of transmitted data and to make authentication reliable when MQTT is used.
Many researchers have designed security mechanisms around the MQTT protocol, but each has drawbacks. 1) OASIS (the Organization for the Advancement of Structured Information Standards), which maintains the MQTT standard, recommends SSL/TLS. TLS does provide protection, but the digital certificate management and verification it involves add significant computation and communication overhead. 2) Gu Zhengchuan et al., in "End-to-end security solution for message queue telemetry transmission protocol based on proxy re-encryption", propose an MQTT data protection scheme based on proxy re-encryption, which distributes session keys securely and removes the need to trust the MQTT Broker. However, terminal key pairs are generated by a trusted center, so distributing them offline raises cost while distributing them online raises security concerns. 3) Mektoubi, in "New approach for securing communication over MQTT protocol A comparaison between RSA and Elliptic Curve", proposes topic-based encryption: a topic certificate is generated for each client and topic, and the topic certificate and topic private key are distributed so that messages can be transmitted securely. Using certificates to protect messages, however, again carries high overhead.
It is therefore particularly important to solve the authentication and encryption problems of MQTT while keeping the protocol lightweight.
Summary of the Invention
To overcome these shortcomings, the present invention provides an IPK-based identity authentication method and data transmission method for the MQTT protocol. Using identity public key technology, it offers a secure-access scheme for terminal devices that lowers authentication overhead and prevents man-in-the-middle attacks during device onboarding.
The technical solution is as follows. The first aspect of the invention is an IPK-based identity authentication method for the MQTT protocol, applied in an MQTT system comprising at least a client, a server (the MQTT Broker) and a key management center, where the server and the key management center are connected over a dedicated network. The method comprises:
Initialization of the client, server and key management center:
Initialization of the key management center includes at least generating public parameters from a first cryptographic algorithm and constructing a private key matrix and a published public key matrix. Initialization of the client and server includes at least the server obtaining the client's identification parameter, registering it at the server and associating it with a device ID.
Connection establishment between client and server:
The client derives a symmetric key from a generated first random number and its identification parameter, computes the server public key from the public parameters and the public key matrix, generates a client public/private key pair, and sends to the server a first ciphertext produced with the symmetric key and the server public key. The server decrypts the first ciphertext with the server private key, authenticates the client from the decryption result and so establishes the connection, recovers the client public key from the decryption result, and sends the server public key, the client public key and the device ID to the key management center.
Mutual authentication through the key management center: the key management center computes a center key and a first client public key from the server public key, the client public key, the device ID, the private key matrix and the key management center's own private key, and sends the center key and the first client public key to the server. The server encrypts the center key and a freshly generated session key under the client public key, signs with the server private key and sends this second ciphertext to the client. The client verifies the signature with the server public key, decrypts the second ciphertext to obtain the center key and the session key, derives the center private key from the center key and the client private key, encrypts its identity information with the center private key and the server public key, places the result in the connection (CONNECT) packet and sends it to the server. The server decrypts the encrypted connection packet with the first client public key and the server private key to obtain the identity information, verifies it, and returns a connection packet to the client, completing mutual authentication of client and server.
Further, initialization of the server and client specifically includes: the server obtains the client's identification parameter;
the parameters the server registers for the client include the identification parameter and the device ID, where the device ID is associated with the client's device parameters; and the server establishes a dedicated network connection with the key management center.
Further, sending the first ciphertext produced with the symmetric key and the server public key specifically includes: the client encrypts the client public key with the symmetric key to produce an intermediate ciphertext; it encrypts the intermediate ciphertext, the device ID and the first random number with the server public key to obtain the first ciphertext; and it sends the first ciphertext to the server.
Further, authenticating the client from the decryption result and establishing the connection specifically includes: the server decrypts the first ciphertext to obtain the device ID and checks whether that device ID is registered locally. If the device ID is found, the server derives the symmetric key from the first random number and the identification parameter, uses that symmetric key as the decryption key to obtain the client public key, stores the client public key, and sends the server public key, the client public key and the device ID to the key management center. If the device ID is not found, the server does not establish a connection with the device.
Further, the key management center's computation of the center key and the first client public key from the server public key, the client public key, the device ID, the private key matrix and its own private key specifically includes: the center computes a companion public key from the client public key and the server public key; computes a mapping sequence from the companion public key and the device ID; generates the center key from the mapping sequence, the private key matrix and the key management center private key; and computes the first client public key from the companion public key, the identification parameter and the public key matrix.
The first client public key, that is the identity public key (IPK), is thus computed from the device ID or other values contained in the identification parameter.
Further, initialization of the key management center, which includes at least generating public parameters from the first cryptographic algorithm and constructing the private key matrix and the published public key matrix, specifically includes: the center generates the public parameters from the SM2 elliptic curve, generates the private key matrix from the SM2 parameters, and derives the public key matrix from the private key matrix.
Further, the client's derivation of the symmetric key from the generated first random number and the identification parameter specifically includes: the client generates the first random number and feeds the first random number and the identification parameter into the SM3-based KDF to produce the symmetric key.
Further, the client generates its public/private key pair with the SM2 algorithm.
The second aspect of the invention is an IPK-based data transmission method for the MQTT protocol, applied in an IoT system comprising at least a client, a server and a key management center, after the client and server have mutually authenticated by the identity authentication method above. The clients comprise subscribers and publishers. The subscriber generates a subscriber key and the publisher generates a publisher key; before subscribing or publishing, the subscriber and the publisher each send their generated key together with the topic information to the server. The server stores the received subscriber key and publisher key, looks up or creates the topic from the received topic information, and requests a data transmission session key from the key management center by topic ID. The key management center generates a random key and returns it to the server as the data transmission session key. The server signs the session key with the server private key, encrypts it with the first client public key and sends it to the client. The publisher verifies the signature with the server public key and decrypts with the client private key to obtain the session key; it then encrypts the publish packet under the session key to form the publish ciphertext, computes an HMAC with the publisher key and sends the message to the server. The server verifies the HMAC on the received publish message, computes a new HMAC with the subscriber key and forwards the message to the subscriber. The subscriber verifies the HMAC on receipt and decrypts with the session key to obtain the published data.
HMAC is thus used to guarantee the integrity and authenticity of the transmitted data.
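The publish path just described is hop-by-hop: the broker checks the publisher's HMAC, then re-authenticates the same ciphertext to each subscriber under that subscriber's key, and never needs to touch the payload. The following is an added example, not the patent's own code, that exercises that path end to end, including the two failure cases a practitioner cares about (a message altered in transit and a message forged without the publisher key). Assumptions: the patent does not name the symmetric cipher, so a keystream built from HMAC-SHA256 in counter mode stands in for it (use SM4 or AES-GCM in a real deployment); the topic session key reaches both clients by direct in-memory hand-over here rather than signed with the server private key and encrypted with the first client public key; the client names, topic and payload are constructed sample values. The HMAC input also binds the topic name, a choice not stated on the page, so that a valid tag cannot be replayed into a different topic.

```python
"""Hop-by-hop HMAC on the MQTT publish path (added example, not the patent's code).

Assumptions: HMAC-SHA256 keystream stands in for the unnamed symmetric cipher;
session key handed over in memory; names, topic and payload are sample values.
"""
import hashlib
import hmac
import secrets


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher: XOR with HMAC-SHA256(key, nonce || block offset)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        ks = hmac.new(key, nonce + offset.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], ks))
    return bytes(out)


def encrypt(session_key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    return nonce + _keystream_xor(session_key, nonce, plaintext)


def decrypt(session_key: bytes, blob: bytes) -> bytes:
    return _keystream_xor(session_key, blob[:16], blob[16:])


def mac(key: bytes, topic: str, ciphertext: bytes) -> bytes:
    # Bind the tag to the topic so a valid publish cannot be replayed into another topic.
    return hmac.new(key, topic.encode() + b"\x00" + ciphertext, hashlib.sha256).digest()


class Broker:
    """MQTT Broker side of the second aspect: per-client HMAC keys, per-topic session keys."""

    def __init__(self):
        self.pub_keys, self.sub_keys, self.topics, self.subs = {}, {}, {}, {}

    def register_publisher(self, name: str, key: bytes):
        self.pub_keys[name] = key

    def subscribe(self, name: str, key: bytes, topic: str):
        self.sub_keys[name] = key
        self.subs.setdefault(topic, []).append(name)

    def session_key(self, topic: str) -> bytes:
        # Look up or create the topic; the random key plays the KMC-issued session key.
        if topic not in self.topics:
            self.topics[topic] = secrets.token_bytes(32)
        return self.topics[topic]

    def publish(self, publisher: str, topic: str, ciphertext: bytes, tag: bytes):
        key = self.pub_keys.get(publisher)
        if key is None or not hmac.compare_digest(tag, mac(key, topic, ciphertext)):
            return []  # unknown publisher or bad HMAC: drop, forward nothing
        # Re-authenticate the unchanged ciphertext under each subscriber's own key.
        return [(s, ciphertext, mac(self.sub_keys[s], topic, ciphertext))
                for s in self.subs.get(topic, [])]


def run_scenario():
    broker = Broker()
    pub_key, sub_key = secrets.token_bytes(32), secrets.token_bytes(32)
    broker.register_publisher("sensor-1", pub_key)
    broker.subscribe("dashboard", sub_key, "plant/temp")
    sk = broker.session_key("plant/temp")  # handed to publisher and subscriber (assumption)

    ct = encrypt(sk, b"temperature=21.5")
    deliveries = broker.publish("sensor-1", "plant/temp", ct, mac(pub_key, "plant/temp", ct))
    subscriber, ct_rx, tag_rx = deliveries[0]
    ok = hmac.compare_digest(tag_rx, mac(sub_key, "plant/temp", ct_rx))
    plaintext = decrypt(sk, ct_rx) if ok else None

    # A byte flipped in transit: the publisher's tag no longer verifies at the broker.
    bad = bytearray(ct)
    bad[-1] ^= 1
    tampered = broker.publish("sensor-1", "plant/temp", bytes(bad),
                              mac(pub_key, "plant/temp", ct))
    # An attacker without the publisher key cannot produce an acceptable tag.
    forged = broker.publish("sensor-1", "plant/temp", ct, secrets.token_bytes(32))
    return {"subscriber": subscriber, "plaintext": plaintext,
            "tampered_delivered": len(tampered), "forged_delivered": len(forged)}


if __name__ == "__main__":
    print(run_scenario())
```

Note what the broker can and cannot do in this arrangement: because the session key is issued through the broker, it can read the payload; the HMACs give integrity and sender authenticity on each hop, not confidentiality from the broker.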
The third aspect of the invention is another IPK-based data transmission method for the MQTT protocol, applied in an IoT system comprising at least a client, a server and a key management center, after the client and server have mutually authenticated by the identity authentication method above. The clients comprise subscribers and publishers. Before subscribing or publishing, the subscriber or publisher sends the topic information to the server. The server looks up or creates the topic from the received topic information and requests a session key from the key management center by topic ID. The key management center generates a random key and returns it to the server as the data transmission session key. The server signs the session key with the server private key, encrypts it with the first client public key and sends the session key packet to the client. The client verifies the received session key packet with the server public key and decrypts it with the client private key to obtain the session key. The publisher encrypts the data under the session key, signs the publish data with the center private key and sends it to the server; the server verifies the signature on the received publish data and forwards it to the subscribers. Each subscriber of the corresponding topic ID verifies the signature on the received packet with the server public key and decrypts with the session key to obtain the published data.
Digital signatures are thus used to guarantee the integrity and authenticity of the transmitted data.
The beneficial effects of the present invention are:
1. An identity authentication method for terminal devices that prevents man-in-the-middle and impersonation attacks;
2. An IPK-based, certificate-free mutual authentication scheme for MQTT that establishes trust between the client and the MQTT Broker while lowering authentication overhead;
3. Depending on the computing power of the terminal, either HMAC or digital signatures are used to guarantee the integrity and authenticity of the data;
4. During key distribution and data transmission all data travels as ciphertext; only clients subscribed to the same topic hold the key and can recover the plaintext;
5. Topic-based key distribution reduces the computation required of devices and does not break the spatial and temporal decoupling between publishers and subscribers;
6. In the authentication phase an attacker cannot impersonate a client to the MQTT Broker: the Broker is configured only with the identity information of legitimate clients, not with the attacker's, and even if the attacker forges client information, the CONNECT packet sent by a client carries username and password information, so the attacker still cannot connect to the MQTT Broker;
7. In the authentication phase an attacker likewise cannot impersonate the MQTT Broker to a client: when the client requests a connection, the information is encrypted under the client public key, which the attacker cannot obtain, so the attacker cannot carry on the subsequent exchange with the client;
8. In the data transmission phase, both HMAC and private-key signatures guarantee the authenticity of the data, so an attacker cannot impersonate a client to send messages.
Brief Description of the Drawings
FIG. 1 shows the MQTT system architecture used in an embodiment of the invention;
FIG. 2 is a flow chart of an IPK-based identity authentication method for the MQTT protocol according to an embodiment of the invention;
FIG. 3 is a flow chart of an IPK-based data transmission method for the MQTT protocol using HMAC verification, according to an embodiment of the invention;
FIG. 4 is a flow chart of an IPK-based data transmission method for the MQTT protocol using digital signature verification, according to an embodiment of the invention.
DETAILED DESCRIPTION
First, some abbreviations and key terms used in the present invention are explained.
MQTT: a lightweight messaging protocol for IoT applications. MQTT allows devices to communicate with other devices, servers or cloud services and to exchange data in real time.
MQTT Broker: the core of the MQTT architecture, responsible for coordinating communication between MQTT clients (publishers and subscribers). Acting as the server, it receives messages from publishers and forwards them to subscribers according to the topics they subscribe to. It manages client connections, handles subscribe and unsubscribe requests, and delivers messages at the requested Quality of Service (QoS) level.
IPK: an asymmetric public-key cryptosystem that, as a self-certifying system, binds an identifier to a key and thereby solves the problems of public-key distribution and proof of public-key authenticity in a public-key setting. IPK needs no third party during authentication, has low power consumption and low bandwidth requirements, and is compatible with CA-based systems, which makes it more flexible and effective for secure IoT access and defence.
HMAC: Hash-based Message Authentication Code, a method of message authentication built from a hash function and a secret key.
To help those skilled in the art understand the present invention, it is described in further detail below with reference to the drawings and specific embodiments. The following is exemplary only and does not limit the scope of protection of the present invention.
As shown in FIG. 1, the MQTT architecture to which the embodiments apply consists of clients, a server (the MQTT Broker) and a key management center (KMC); the server and the KMC are connected over a dedicated network (VPN). The flow of the IPK-based MQTT identity authentication method is shown in FIG. 2 and comprises the following main steps, each of which is described in detail with examples below.
S1, the client, the server and the key management center are initialized.
The server MQTT Broker obtains the identification parameter IDS of the device to be registered. IDS may be any one or more of the CMIIT ID, ICCID, IMSI, device name, device MAC, etc., and is unique to the device. When registering a client, the server records a device ID in addition to the identification parameter. The device ID is assigned by the server, is associated with the device's identification parameter or other device parameters, and is unique to each client.
The initialization of the key management center builds the private key matrix and the public key matrix.
In one embodiment, the KMC selects the elliptic curve of the SM2 algorithm, computes the order N of the curve and chooses a large factor n of it, selects a suitable base point G according to n, and publishes the chosen SM2 parameters.
Using the selected parameters, the KMC generates a private key matrix of 32 private keys and derives the corresponding public key matrix of 32 public keys (R = r·G). The private key matrix is kept by the KMC; the public key matrix is published.
Note that the parameters needed by the algorithm can be computed from the published public key matrix, and encryption is then performed using those parameters.
S2, the client establishes a connection with the server.
S21, the client computes a symmetric key from a generated first random number and the identification parameter.
In one embodiment, the client generates a random number S and, taking the identification parameter IDS and the random number S as input, derives a 16-byte symmetric key K1 with an SM3-based KDF, as in formula (1):
K1 = KDF(IDS, S) (1)
S22, the client obtains the public parameters and the public key matrix and derives the server public key R2 from them. The matching server private key r2 is held by the server; the MQTT Broker uses it in S25 to decrypt.
S23, the client generates an SM2 key pair (R1, r1), makes the client public key R1 public and keeps the client private key r1. The client encrypts R1 with the symmetric key K1 to produce the intermediate ciphertext P1, then encrypts P1, the device ID and the random number S with the server public key R2 to produce the first ciphertext P2, as in formula (2):
P2 = Enc(R2, (Enc_K1(R1), ID, S)) (2)
S24, the client sends the first ciphertext P2 to the server MQTT Broker.
S25, the MQTT Broker decrypts P2 with the server private key r2 and looks up the decrypted device ID in the server's local identity list.
If the device ID is found in the local identity list, the server computes the device's symmetric key K1 from the random number S and the identification parameter IDS stored for that device ID, uses K1 as the decryption key to obtain the client public key R1, and stores R1. The server then sends the server public key R2, the client public key R1 and the device ID to the key management center.
If the device ID does not exist, authentication fails and the server does not establish a connection with the client.
S3, the client and the server perform mutual authentication via the key management center.
S31, the key management center computes a central key and a first client public key from the server public key, the client public key, the device ID, the private key matrix and the KMC private key;
the KMC computes the accompanying public key R from the client public key R1 and the server public key R2: R = R1 + R2;
a mapping sequence is computed from the accompanying public key R and the device ID;
from the mapping sequence, the private key matrix and the KMC private key, the central key isk' is computed;
from the accompanying public key R, the device ID and the public key matrix, the KMC computes the first client public key IPK;
the KMC sends the central key isk' and the first client public key IPK to the server.
S32, the server encrypts the central key isk' and a session key K2 with the client public key R1, signs the result with the server private key, and sends this second ciphertext to the client.
The session key K2 is generated randomly by the server.
S33, the client verifies the signature with the server public key, decrypts the second ciphertext to obtain the central key and the session key, computes the central private key from the central key and the client private key, encrypts its identity information with the central private key and the server public key, and places the result in the connection packet sent to the server.
Specifically, the client verifies the signature with the server public key and decrypts with the client private key r1, obtaining the central key isk' and the first client public key IPK. The central private key isk is computed from the central key isk' and the client private key r1.
The client then encrypts the username and the password with the central private key isk and the server public key R2 respectively, and places the two ciphertexts in the CONNECT packet sent to the server MQTT Broker.
S34, the server decrypts the connection packet with the first client public key IPK and the server private key to obtain the identity information, and after verifying it returns a connection packet to the client, completing mutual authentication between client and server.
That is, on receiving the CONNECT packet the server decrypts it with the first client public key IPK and the server private key to obtain the username and password; after verifying them it returns the connection response packet (in MQTT, the CONNACK) to the client, which completes the two-way authentication between client and server.
In another embodiment, an IPK-based MQTT data transmission method is provided, in which data is transmitted after the client and the server have completed the identity authentication described above. Clients are divided into subscribers and publishers, and keys are distributed per MQTT topic, which reduces the computation required on each device.
In practice, depending on the computing power of the terminal, either HMAC verification or digital signatures can be chosen to ensure the integrity and authenticity of the transmitted data.
In one embodiment, HMAC is used to verify the integrity and authenticity of data transmitted between client and server. The flow is shown in FIG. 3 and comprises the following steps:
S41, the subscriber generates a subscriber key KEY_S for HMAC computation, and the publisher generates a publisher key KEY_P for HMAC computation.
S42, the subscriber and the publisher each send their topic information to the server, together with the subscriber key KEY_S and the publisher key KEY_P respectively.
S43, the server MQTT Broker stores the received subscriber and publisher keys, looks up or creates the topic from the received topic information, and requests a data transmission session key from the key management center based on the topic ID.
The server MQTT Broker checks whether the topic exists locally; if it does not, the Broker creates it.
S44, the server MQTT Broker requests the data transmission session key Key from the key management center for that topic ID.
S45, the key management center generates a random key as the data transmission session key Key and returns it to the server MQTT Broker.
S46, the server MQTT Broker signs the session key Key with the server private key, encrypts it with the first client public key IPK, and sends the session key packet to the corresponding client.
S47, on receiving the session key packet the publisher verifies the signature with the server public key and decrypts with the client private key to obtain the session key Key. The publisher encrypts the publish payload with Key to produce the publish ciphertext, computes an HMAC over it with the publisher key KEY_P, and sends both to the server.
S48, on receiving the message the server MQTT Broker verifies the HMAC, recomputes the HMAC with the subscriber key KEY_S, and forwards the message to the subscriber.
S49, on receiving the packet the subscriber verifies the HMAC and decrypts with the data transmission session key to obtain the subscribed data.
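The publisher, Broker and subscriber sides of S47 to S49 are shown below as an added Python example; it is not code from the patent. The page does not name the symmetric algorithm used with the session key Key, so an HMAC-SHA256 keystream in counter mode stands in for it (an assumption), the three keys and the topic are constructed for the run, and the HMAC is computed over topic, nonce and ciphertext so that a tag cannot be replayed onto another topic. The `tamper=True` path shows the failure mode the scheme is meant to catch: a ciphertext modified in transit is dropped at the Broker.

```python
import hashlib
import hmac
import secrets


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (assumption: the page does not name the cipher):
    HMAC-SHA256 in counter mode as the keystream. Encrypt and decrypt are the same op."""
    stream = b"".join(
        hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        for ctr in range((len(data) + 31) // 32)
    )
    return bytes(d ^ s for d, s in zip(data, stream))


def mac(key: bytes, topic: bytes, nonce: bytes, ct: bytes) -> bytes:
    """HMAC over topic || nonce || ciphertext, binding the tag to the topic."""
    return hmac.new(key, topic + nonce + ct, hashlib.sha256).digest()


def publisher_send(session_key, key_p, topic, plaintext, nonce=None):
    """S47: encrypt under the topic session key Key, tag under the publisher key KEY_P."""
    nonce = nonce or secrets.token_bytes(12)
    ct = keystream_xor(session_key, nonce, plaintext)
    return {"topic": topic, "nonce": nonce, "ct": ct, "tag": mac(key_p, topic, nonce, ct)}


def broker_relay(msg, key_p, key_s):
    """S48: verify the publisher's tag, then re-tag under the subscriber key KEY_S.
    Returns None (message dropped) when the publisher tag does not verify."""
    expected = mac(key_p, msg["topic"], msg["nonce"], msg["ct"])
    if not hmac.compare_digest(msg["tag"], expected):
        return None
    return {**msg, "tag": mac(key_s, msg["topic"], msg["nonce"], msg["ct"])}


def subscriber_receive(msg, session_key, key_s):
    """S49: verify the Broker's tag under KEY_S, then decrypt with the session key."""
    expected = mac(key_s, msg["topic"], msg["nonce"], msg["ct"])
    if not hmac.compare_digest(msg["tag"], expected):
        return None
    return keystream_xor(session_key, msg["nonce"], msg["ct"])


def run_pipeline(plaintext=b'{"temp": 21.5}', tamper=False):
    """End-to-end run with constructed keys. With tamper=True one ciphertext bit is
    flipped in transit; the Broker must then drop the message (returns None)."""
    session_key = secrets.token_bytes(16)   # Key issued by the KMC in S45 (constructed)
    key_p = secrets.token_bytes(32)         # KEY_P generated by the publisher in S41
    key_s = secrets.token_bytes(32)         # KEY_S generated by the subscriber in S41
    topic = b"sensors/room1/temp"           # constructed topic
    msg = publisher_send(session_key, key_p, topic, plaintext)
    if tamper:
        ct = bytearray(msg["ct"])
        ct[0] ^= 0x01
        msg = {**msg, "ct": bytes(ct)}
    relayed = broker_relay(msg, key_p, key_s)
    if relayed is None:
        return None
    return subscriber_receive(relayed, session_key, key_s)
```

Two properties of this variant follow directly from S43 to S49 and are worth keeping in mind when choosing it over the signature variant of FIG. 4: the tag under KEY_P authenticates the publisher to the Broker only, and the tag under KEY_S authenticates the Broker to the subscriber, so the subscriber never verifies anything produced by the publisher itself; and the Broker, which receives Key from the KMC in S45 and relays it in S46, holds the session key and is therefore trusted for the confidentiality of the topic as well as its integrity. The signature variant removes the first limitation by having the publisher sign with the central private key isk.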
In another embodiment, an IPK-based MQTT data transmission method uses digital signature verification to ensure the integrity and authenticity of the transmitted data. The flow is shown in FIG. 4 and comprises the following steps.
S51, the subscriber (before subscribing) or the publisher (before publishing) sends topic information to the server;
S52, the server looks up or creates the topic from the received topic information and requests a session key from the key management center based on the topic ID.
The server MQTT Broker checks whether the topic exists locally; if it does not, the Broker creates it.
S53, the key management center generates a random key and returns it to the server as the data transmission session key.
S54, the server signs the data transmission session key with the server private key, encrypts it with the first client public key IPK, and sends the session key packet to the client;
S55, the client verifies the signature of the received session key packet with the server public key and decrypts it with the client private key to obtain the data transmission session key;
S56, the publisher encrypts the data with the session key, signs the publish data with the central private key, and sends it to the server; the server verifies the signature on the received publish data and forwards it to the subscriber;
S57, the subscriber of the corresponding topic ID, on receiving the packet, verifies the signature with the server public key and decrypts with the data transmission session key to obtain the subscribed data.
During key distribution and data transmission all data is transmitted as ciphertext; only clients subscribed to the same topic hold the key and can decrypt to obtain the plaintext.
With the IPK-based MQTT identity authentication method and data transmission method proposed here, impersonation and man-in-the-middle attacks are prevented in both the identity authentication phase and the data transmission phase between client and server.
Note that in other embodiments the steps of the methods need not be performed in the order shown and described here. In other embodiments a method may comprise more or fewer steps than described. A single step described here may be split into several steps in other embodiments, and several steps described here may be combined into a single step.
Claims (10)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202411010799.2A CN118540167B (en) | 2024-07-26 | 2024-07-26 | An identity authentication method and data transmission method of MQTT protocol based on IPK |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202411010799.2A CN118540167B (en) | 2024-07-26 | 2024-07-26 | An identity authentication method and data transmission method of MQTT protocol based on IPK |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN118540167A true CN118540167A (en) | 2024-08-23 |
| CN118540167B CN118540167B (en) | 2024-10-29 |
Family
ID=92394408
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202411010799.2A Active CN118540167B (en) | 2024-07-26 | 2024-07-26 | An identity authentication method and data transmission method of MQTT protocol based on IPK |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN118540167B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN119232499A (en) * | 2024-12-02 | 2024-12-31 | 中国交通信息科技集团有限公司 | A secure communication method and system based on the MQTT protocol of the national secret password module |
| CN119520067A (en) * | 2024-11-14 | 2025-02-25 | 华北电力大学 | Multi-factor identity authentication method for access control of distribution network data assets |
| CN119652554A (en) * | 2024-11-05 | 2025-03-18 | 中电信量子科技有限公司 | A signaling service system and a communication method based on the signaling service system |
| CN120856474A (en) * | 2025-09-22 | 2025-10-28 | 天翼视联科技股份有限公司 | Access authentication method and system based on message queue telemetry transport protocol |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111970699A (en) * | 2020-08-11 | 2020-11-20 | 牛毅 | Terminal WIFI login authentication method and system based on IPK |
| WO2022246997A1 (en) * | 2021-05-26 | 2022-12-01 | 腾讯云计算(北京)有限责任公司 | Service processing method and apparatus, server, and storage medium |
| CN115776390A (en) * | 2022-11-04 | 2023-03-10 | 哈尔滨工程大学 | MQTT protocol identity authentication and data encryption method based on state password |
| CN117176340A (en) * | 2023-09-05 | 2023-12-05 | 之江实验室 | A communication method based on MQTT protocol and resistant to quantum attacks |
2024-07-26: application CN202411010799.2A filed in CN (granted as CN118540167B, status Active)
Also Published As
| Publication number | Publication date |
|---|---|
| CN118540167B (en) | 2024-10-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111371730B (en) | Lightweight authentication method supporting anonymous access of heterogeneous terminal in edge computing scene | |
| Xi et al. | ZAMA: A ZKP-based anonymous mutual authentication scheme for the IoV | |
| Li et al. | iTLS: Lightweight transport-layer security protocol for IoT with minimal latency and perfect forward secrecy | |
| CN118540167B (en) | An identity authentication method and data transmission method of MQTT protocol based on IPK | |
| US8510558B2 (en) | Identity based authenticated key agreement protocol | |
| Chen et al. | Efficient certificateless online/offline signcryption scheme for edge IoT devices | |
| KR101730757B1 (en) | Method and system for accessing device by a user | |
| CN101902476B (en) | Method for authenticating identity of mobile peer-to-peer user | |
| CN115766119B (en) | Communication method, device, communication system and storage medium | |
| CN110999202A (en) | Computer-implemented system and method for highly secure, high-speed encryption and transmission of data | |
| WO2006091396A2 (en) | Payload layer security for file transfer | |
| CN110784305B (en) | Single sign-on authentication method based on inadvertent pseudo-random function and signcryption | |
| CN115333743A (en) | Fine-grained secure communication method for MQTT protocol | |
| CN117155717B (en) | Authentication method based on identification password, and cross-network and cross-domain data exchange method and system | |
| CN115776390B (en) | MQTT protocol identity authentication and data encryption method based on national secret | |
| Yeh et al. | Password authenticated key exchange protocols among diverse network domains | |
| Dugardin et al. | A new fair identity based encryption scheme | |
| CN100596066C (en) | A Method of Entity Authentication Based on H323 System | |
| Sonth et al. | A Survey on Methodologies and Algorithms for Mutual Authentication in IoT Devices | |
| Chang et al. | SSOV: A Single Sign-on Protocol for Accessing Vehicular Application Services with the Support of Secret Credential Management System | |
| Pullela | Security issues in mobile computing | |
| Inamura | Expansions of CHAP: Modificationless on its structures of packet and data exchange | |
| Mahshid et al. | An optimized authentication protocol for mobile networks | |
| Gan et al. | A PKI-based authentication approach for E-Business systems | |
| CN119814292A (en) | A cross-domain authentication key negotiation method based on industrial Internet of Things |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||