
Journal of Shandong University (Engineering Science), 2020, Vol. 50, Issue (1): 63-71. doi: 10.6040/j.issn.1672-3961.0.2019.034

• Electrical Engineering •

End-to-end security encryption scheme of NB-IoT for smart grid based on physical unclonable function

Donglan LIU1, Xin LIU1, Jianfei CHEN2, Wenting WANG1, Hao ZHANG1, Lei MA1, Dong LI2

  1. State Grid Shandong Electric Power Research Institute, Jinan 250003, Shandong, China
  2. State Grid Shandong Electric Power Company, Jinan 250001, Shandong, China
  • Received: 2019-01-23 Online: 2020-02-20 Published: 2020-02-14
  • About the author: LIU Donglan (born 1987), female, from Xuanwei, Yunnan; senior engineer, master's degree; research interests include information security, big data, the Internet of Things, etc. E-mail: liudonglan2006@126.com
  • Supported by:
    Science and Technology Project of State Grid Shandong Electric Power Company (52062617002V)

Abstract:

To improve the security of power grid data transmission, this paper proposes an end-to-end security encryption scheme for NB-IoT (narrow band internet of things) in the smart grid, based on a physical unclonable function and the Chinese national cryptographic algorithm SM3. By introducing SM3, an independently controllable NB-IoT application-layer security architecture is designed; it extends the existing key derivation structure of LTE and incorporates the physical unclonable function to ensure the generation of encryption keys between NB-IoT terminals and power grid business platforms. Analysis and experiments show that the proposed scheme achieves secure data transmission and bidirectional identity authentication between IoT devices and terminals, and features high compatibility, low communication overhead, a lightweight design and flexible key update. In addition, during key agreement the scheme supports authentication of NB-IoT devices by the power grid business platform, which further enhances the security of smart grid business systems.

Key words: smart grid, narrow band internet of things, end-to-end security, physical unclonable function, SM3

CLC number:

  • TN915.08

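Fig. 1 NB-IoT network architecture

Fig. 2 NB-IoT user-plane confidentiality security architecture

Fig. 3 3GPP NB-IoT session key derivation structure

Fig. 4 IoT identity authentication management system

Fig. 5 Basic IPSec configuration

Fig. 6 Gateway tunnel monitoring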

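Table 1 Comparison of performance characteristics of several schemes

| Scheme | Communication overhead | Storage overhead | Long-term key update | Compatibility with existing architecture |
|---|---|---|---|---|
| Ref. [6] | 1 AKA + 2 rounds | nmAV | Fixed | |
| Ref. [7] | 1 AKA | nmAV | Fixed | |
| Ref. [8] | 3 rounds | nlCSP | | |
| This paper's scheme | 2 rounds | nlCSP | Flexible customization | |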

References:

[1] ZHAO Ting, GAO Kunlun, ZHENG Xiaokun, et al. Research on technical framework and cyber security protection system of IOT in smart grid[J]. Electric Power, 2012, 45(5): 87-90. doi: 10.3969/j.issn.1004-9649.2012.05.019
[2] Ministry of Industry and Information Technology of the People's Republic of China. Announcement No. 27 of 2017 of the Ministry of Industry and Information Technology of the People's Republic of China[EB/OL]. (2017-06-20). http://www.miit.gov.cn/n1146295/n1652858/n1652930/n4509607/c5695255/content.html.
[3] Radio Association of China. The Electric Power Wireless Private Network Industry Alliance of the Radio Association of China is formally established[EB/OL]. (2017-09-26). http://www.rachina.org.cn/2017-09/26/content-1891324.html.
[4] People's Posts and Telecommunications News. Jiangsu Telecom and State Grid Jiangsu Electric Power sign strategic cooperation agreement[EB/OL]. (2017-09-18). http://www.cnii.com.cn/telecom/2017-09/18/content-1889351.htm.
[5] 5G WeChat official account platform. State Grid pilots NB-IoT 470M network[DB/OL]. [2017-08-31]. http://www.sohu.com/a/168469519-673855.
[6] 3rd Generation Partnership Project (3GPP). 3GPP TS 33.220 Generic authentication architecture (GAA); generic bootstrapping architecture (GBA) V15.3.0[EB/OL]. [2018-09-01]. http://www.3gpp.org/ftp/Specs/archive/33-series/33.220/33220-f30.zip.
[7] 3rd Generation Partnership Project (3GPP). 3GPP TS 33.163 Battery efficient security for very low throughput machine type communication (MTC) devices (BEST) V16.0.0[EB/OL]. [2018-09-01]. http://www.3gpp.org/ftp/Specs/archive/33-series/33.163/33163-g00.zip.
[8] LIN Yuesong, JIANG Fuqiang, WANG Zhu, et al. Research on PUF-based security enhancement of narrow-band internet of things[C]//2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA). Cracow, Poland: IEEE, 2018: 702-709.
[9] ZHOU Haitao, KONG Huafeng, LIU Hong. The authentication protocol for intelligent police devices based on physical unclonable function[J]. Computer Applications and Software, 2016, 33(12): 284-287. doi: 10.3969/j.issn.1000-386x.2016.12.066
[10] LI Sensen, HUANG Yicai, YU Bin, et al. Bluetooth key generator based on physical unclonable function[J]. Journal of Electronic Measurement and Instrumentation, 2018, 32(2): 137-145.
[11] 3GPP TR 23.720. Study on architecture enhancements for cellular Internet of things V13.0.0[EB/OL]. (2016-03-01)[2019-01-23]. http://www.3gpp.org/ftp/Specs/archive/23-series/23.720/23720-d00.zip.
[12] YUAN Ye, CHEN Jun. Discussion on LTE trunk line and metropolitan area transmission network fusion solution[J]. Mobile Communication, 2012, 36(21): 11-15. doi: 10.3969/j.issn.1006-1010.2012.21.002
[13] PAPPU Ravikanth, RECHT Ben, TAYLOR Jason, et al. Physical one-way functions[J]. Science, 2002, 297(5589): 2026-2030. doi: 10.1126/science.1074376
[14] KOU Hongzhao, ZHANG Zinan, MA Jun. RFID mutual authentication based on physical unclonable function[J]. Computer Engineering, 2013, 39(6): 142-145.
[15] LIU Weiqiang, CUI Yijun, WANG Chenghua. Design and implementation of a low-cost physical unclonable function and its application in RFID[J]. Acta Electronica Sinica, 2016, 44(7): 1772-1776. doi: 10.3969/j.issn.0372-2112.2016.07.036
[16] PANG Zihan, ZHOU Qiang, GAO Wenchao, et al. Hardware implementation of physical unclonable function on FPGAs[J]. Journal of Computer-Aided Design & Computer Graphics, 2017, 29(9): 1591-1603.
[17] ZHOU Enhui, LIU Yana. Physically unclonable function based high performance privacy protection algorithm of RFID network[J]. Communication and Network, 2016, 42(3): 98-101.
[18] YANG Jianxi, ZHANG Yue, CHI Yaping, et al. Design of cell reselection security protocol based on physical unclonable function[J]. Computer Engineering, 2018, 44(11): 154-157.
[19] GUO Limin, LIU Dan, WANG Lihui, et al. Secure key exchange protocol for RFID system based on PUF[J]. Microelectronics & Computer, 2017, 34(7): 60-64.
[20] XU Zongyao. The design and implementation of IoT security chip based on national encryption algorithm and PUF technology[D]. Guangzhou: Guangdong University of Technology, 2018.
[21] YANG Ling, YAN Dashun. Security protocol for low-cost RFID system based on PUF[J]. Computer Engineering, 2010, 36(15): 148-150. doi: 10.3969/j.issn.1000-3428.2010.15.052