基于物理不可克隆函数的电网NB-IoT端到端安全加密方案

doi:10.6040/j.issn.1672-3961.0.2019.034

摘要/Abstract

摘要：

为提高电网数据传输的高安全性,提出一种基于物理不可克隆函数和国密算法SM3的电网NB-IoT(narrow band internet of things, NB-IoT)端到端安全加密方案。引入国产密码算法SM3,设计一个自主可控的NB-IoT应用层安全架构,对LTE现有的密钥派生结构进行扩展,并结合物理不可克隆函数确保NB-IoT终端和电网业务平台间加密密钥的生成。分析和试验表明:所提出的方案实现了物联网设备与终端之间的安全数据传输和双向身份认证,并具有兼容性高、通信开销小、轻量化和灵活更新的特点。此外,该方案在密钥协商时还支持电网业务平台对NB-IoT设备的认证,进一步增强电网业务系统的安全性。

关键词: 智能电网, 窄带物联网, 端到端安全, 物理不可克隆函数, SM3算法

Abstract:

In order to improve the high security of power network data transmission, an end-to-end security encryption scheme of NB-IoT (narrow band internet of things, NB-IoT) for smart grid based on physical unclonable function and domestic cipher algorithm SM3 was proposed in this paper. A self-controllable NB-IoT application layer security architecture was designed by introducing the SM3, extending the existing key derivation structure of LTE, and combining the physical unclonable function to ensure the generation of encryption keys between NB-IoT terminals and power grid business platforms. Analysis and experiment showed that the proposed scheme realized secure data transmission and bidirectional identity authentication between IoT devices and terminals. Its features included high compatibility, low communication costs, lightweight and flexible key update. In addition, the scheme also supported terminal authentication during key agreement, which furtherly enhanced the security of business systems in smart grid.

Key words: smart grid, narrow band internet of things, end-to-end security, physical unclonable function, SM3

中图分类号:

TN915.08

刘冬兰,刘新,陈剑飞,王文婷,张昊,马雷,李冬. 基于物理不可克隆函数的电网NB-IoT端到端安全加密方案[J]. 山东大学学报 (工学版), 2020, 50(1): 63-71.

Donglan LIU,Xin LIU,Jianfei CHEN,Wenting WANG,Hao ZHANG,Lei MA,Dong LI. End-to-end security encryption scheme of NB-IoT for smart grid based on physical unclonable function[J]. Journal of Shandong University(Engineering Science), 2020, 50(1): 63-71.

图/表 7

图1

图2

图3

图4

图5

图6

表1

参考文献 21

1	赵婷, 高昆仑, 郑晓崑, 等. 智能电网物联网技术架构及信息安全防护体系研究[J]. 中国电力, 2012, 45 (5): 87- 90. doi: 10.3969/j.issn.1004-9649.2012.05.019
	ZHAO Ting , GAO Kunlun , ZHENG Xiaokun , et al. Research on technical framework and cyber security protection system of IOT in smart grid[J]. Electric Power, 2012, 45 (5): 87- 90. doi: 10.3969/j.issn.1004-9649.2012.05.019
2	中国人民共和国工业和信息化部.中华人民共和国工业和信息化部公告2017年第27号[EB/OL]. (2017-06-20). http://www.miit.gov.cn/n1146295/n1652858/n1652930/n4509607/c5695255/content.html.
3	中国无线电协会.中国无线电协会电力无线专网产业联盟正式成立[EB/OL]. (2017-09-26). http://www.rachina.org.cn/2017-09/26/content-1891324.html.
4	人民邮电报.江苏电信与国网江苏电力签署战略合作协议[EB/OL]. (2017-09-18). http://www.cnii.com.cn/telecom/2017-09/18/content-1889351.htm.
5	5G微信公众平台.国家电网试点NB-IoT 470M网络[DB/OL].[2017-08-31]. http://www.sohu.com/a/168469519-673855.
6	第三代合作伙伴计划3GPP. 3GPP TS 33.220 Generic authentication architecture (GAA); generic bootstrapping architecture (GBA) V15.3.0.[EB/OL].[2018-09-01]. http://www.3gpp.org/ftp/Specs/archive/33-series/33.220/33220-f30.zip.
7	第三代合作伙伴计划3GPP. 3GPP TS 33.163 Battery efficient security for very low throughput machine type communication (MTC) devices (BEST) V16.0.0.[EB/OL].[2018-09-01]. http://www.3gpp.org/ftp/Specs/archive/33-series/33.163/33163-g00.zip.
8	LIN Yuesong, JIANG Fuqiang, WANG Zhu, et al. Research on PUF-based security enhancement of narrow-band internet of things[C]//2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA). Cracow, Poland: IEEE, 2018: 702-709.
9	周海涛, 孔华锋, 刘虹. 基于物理不可克隆函数的智能警务设备认证协议[J]. 计算机应用与软件, 2016, 33 (12): 284- 287. doi: 10.3969/j.issn.1000-386x.2016.12.066
	ZHOU Haitao , KONG Huafeng , LIU Hong . The authentication protocol for intelligent police devices based on physical unclonable function[J]. Computer Applications and Software, 2016, 33 (12): 284- 287. doi: 10.3969/j.issn.1000-386x.2016.12.066
10	李森森, 黄一才, 郁滨, 等. 基于物理不可克隆函数的蓝牙密钥生成器[J]. 电子测量与仪器学报, 2018, 32 (2): 137- 145.
	LI Sensen , HUANG Yicai , YU Bin , et al. Bluetooth key generator based on physical unclonable function[J]. Journal of Electronic Measurement and Instrumentation, 2018, 32 (2): 137- 145.
11	3GPP TR 23.720. Study on architecture enhancements for cellular Internet of things V13.0.0.[EB/OL]. (2016-03-01)[2019-01-23]. http://www.3gpp.org/ftp/Specs/archive/23-series/23.720/23720-d00.zip.
12	袁野, 陈君. 面向LTE的干线及城域传送网融合解决方案的探讨[J]. 移动通信, 2012, 36 (21): 11- 15. doi: 10.3969/j.issn.1006-1010.2012.21.002
	YUAN Ye , CHEN Jun . Discussion on LTE trunk line and metropolitan area transmission network fusion solution[J]. Mobile Communication, 2012, 36 (21): 11- 15. doi: 10.3969/j.issn.1006-1010.2012.21.002
13	PAPPU Ravikanth , RECHT Ben , TAYLOR Jason , et al. Physical one-way functions[J]. Science, 2002, 297 (5589): 2026- 2030. doi: 10.1126/science.1074376
14	寇红召, 张紫楠, 马骏. 基于物理不可克隆函数的RFID双向认证[J]. 计算机工程, 2013, 39 (6): 142- 145.
	KOU Hongzhao , ZHANG Zinan , MA Jun . RFID mutual authentication based on physical unclonable function[J]. Computer Engineering, 2013, 39 (6): 142- 145.
15	刘伟强, 崔益军, 王成华. 一种低成本物理不可克隆函数结构的设计实现及其RFID应用[J]. 电子学报, 2016, 44 (7): 1772- 1776. doi: 10.3969/j.issn.0372-2112.2016.07.036
	LIU Weiqiang , CUI Yijun , WANG Chenghua . Design and implementation of a low-cost physical unclonable function and its application in RFID[J]. Acta Electronica Sinica, 2016, 44 (7): 1772- 1776. doi: 10.3969/j.issn.0372-2112.2016.07.036
16	庞子涵, 周强, 高文超, 等. FPGA物理不可克隆函数及其实现技术[J]. 计算机辅助设计与图形学学报, 2017, 29 (9): 1591- 1603.
	PANG Zihan , ZHOU Qiang , GAO Wenchao , et al. Hardware implementation of physical unclonable function on FPGAs[J]. Journal of Computer-Aided Design & Computer Graphics, 2017, 29 (9): 1591- 1603.
17	周恩辉, 刘雅娜. 基于物理不可克隆函数的高性能RFID网络隐私保护算法[J]. 通信与网络, 2016, 42 (3): 98- 101.
	ZHOU Enhui , LIU Yana . Physically unclonable function based high performance privacy protection algorithm of RFID network[J]. Communication and Network, 2016, 42 (3): 98- 101.
18	杨建喜, 张悦, 池亚平, 等. 基于物理不可克隆函数的小区重选安全协议设计[J]. 计算机工程, 2018, 44 (11): 154- 157.
	YANG Jianxi , ZHANG Yue , CHI Yaping , et al. Design of cell reselection security protocol based on physical unclonable function[J]. Computer Engineering, 2018, 44 (11): 154- 157.
19	郭丽敏, 刘丹, 王立辉, 等. 基于PUF的RFID系统安全密钥协商协议[J]. 微电子学与计算机, 2017, 34 (7): 60- 64.
	GUO Limin , LIU Dan , WANG Lihui , et al. Secure key exchange protocol for RFID system based on PUF[J]. Microelectronics & Computer, 2017, 34 (7): 60- 64.
20	徐崇耀.基于国密算法和PUF技术的物联网安全芯片设计与实现[D].广州:广东工业大学, 2018.
	XU Zongyao. The design and implemention of IoT secruity chip based on national encryption algorithm and PUF technology[D]. Guangzhou: Guangdong University of Technology, 2018.
21	杨灵, 闫大顺. 基于PUF的低成本RFID系统安全协议[J]. 计算机工程, 2010, 36 (15): 148- 150. doi: 10.3969/j.issn.1000-3428.2010.15.052
	YANG Ling , YAN Dashun . Security protocol for low-cost RFID system based on PUF[J]. Computer Engineering, 2010, 36 (15): 148- 150. doi: 10.3969/j.issn.1000-3428.2010.15.052

多维度评价

Viewed

Full text

Abstract

Cited

Shared

Discussed

方案	通信开销	存储开销	长期密钥更新	与现有架构的兼容性
文献[6]	1AKA+2轮	nmAV	固定	好
文献[7]	1AKA	nmAV	固定	好
文献[8]	3轮	nlCSP	无	差
本文方案	2轮	nlCSP	灵活定制	好