CN112152816A

CN112152816A - Credible mechanism of Internet of things security chip

Info

Publication number: CN112152816A
Application number: CN202011014771.8A
Authority: CN
Inventors: 裴景秋
Original assignee: Nanjing Hangling Information Technology Co ltd
Current assignee: Nanjing Hangling Information Technology Co ltd
Priority date: 2020-09-24
Filing date: 2020-09-24
Publication date: 2020-12-29
Anticipated expiration: 2040-09-24
Also published as: CN112152816B

Abstract

The invention discloses a credible mechanism of a security chip of the Internet of things, which relates to the technical field of the security of the Internet of things and comprises the following steps: acquiring a physical unclonable function of a chip, and extracting a plurality of corresponding pairs of excitations from the physical unclonable function; extracting a response part of the corresponding pair of the excitations as a first entropy value, and adding the first entropy value into an entropy pool; extracting communication protocol information in the communication process as a second entropy value by the Internet of things equipment, and adding the second entropy value into the entropy pool; combining the first entropy value and the second entropy value in the entropy pool to obtain physical characteristic information; inputting the physical characteristic information into a fuzzy extractor, outputting auxiliary data P and a uniform random value R by the fuzzy extractor, and taking the auxiliary data P and the uniform random value R as registration information registration identities; the invention uses the random characteristic 'physical fingerprint' as identity registration information in the chip production and manufacturing process, and uses the block chain as an identity generation and registration platform, thereby having high safety.

Description

Credible mechanism of Internet of things security chip

Technical Field

The invention relates to the technical field of Internet of things security, in particular to a trusted mechanism of an Internet of things security chip.

Background

The unique identification of the internet of things device is a basic function, and can have a plurality of application scenarios, such as software authorization (how to ensure that your software can be used on a specific machine after being authorized), software License, device identification and the like. The current common modes have a plurality of problems:

(1) network card MAC address

MAC addresses are probably the most common identification methods, but this method is now largely unreliable: a computer may have multiple network cards and multiple MAC addresses, for example, a typical notebook may have multiple MAC addresses such as wired, wireless, and bluetooth, and the MAC addresses may change each time with the change of different connection modes. Also, the MAC address is more when the virtual machine is installed. Another more fatal weakness of MAC addresses is that MAC addresses are easily changed manually. Therefore, the MAC address is not basically recommended to be used as the device unique ID.

(2)CPU ID

The CPU ID can be viewed in the Windows system by running the "wmic CPU get process" through the command line.

At present, the CPU ID can not uniquely identify the equipment, and Intel can not provide unique ID any more because the CPU IDs of the same batch are the same. And through practical testing, the CPU IDs of the newly purchased same batch of PCs are likely to be the same. This can be problematic as a unique identification of the device.

The identity authentication of the internet of things equipment refers to that when the internet of things equipment is accessed into an internet of things system, the identity of the equipment needs to be identified so as to confirm the validity of the equipment. Equipment authentication is the first step of whole thing networking safety, and to legal equipment, the authentication mechanism allows it to insert and carry out data communication and information exchange with other equipment in the thing networking, and to illegal equipment, the authentication mechanism limits its access in the thing networking to avoid its potential safety hazard that brings, to sum up, come as authentication information through traditional sign and appear illegal problem of inserting easily, the security is relatively poor.

Disclosure of Invention

The invention provides a credible mechanism of an Internet of things security chip, which solves the technical problems in the related technology.

According to one aspect of the invention, a trusted mechanism of an internet of things security chip is provided, which comprises the following steps:

s100, acquiring a physical unclonable function of a chip, and extracting a plurality of corresponding pairs of excitations from the physical unclonable function;

s200, extracting a response part of the corresponding pair of the excitations as a first entropy value, and adding the first entropy value into an entropy pool;

s300, extracting communication protocol information in the communication process as a second entropy value by the Internet of things equipment, and adding the second entropy value into an entropy pool;

s300, combining the first entropy and the second entropy in the entropy pool to obtain physical characteristic information;

s400, inputting the physical characteristic information W into a fuzzy extractor, outputting auxiliary data P and a uniform random value R by the fuzzy extractor, and taking the auxiliary data P and the uniform random value R as registration information registration identities;

s500, in the authentication stage, a uniform random value R ' is regenerated through physical characteristic information W ' of the Internet of things equipment to be authenticated and output auxiliary data P, whether the value of | R ' -R | is smaller than a preset threshold value is verified, if yes, authentication is successful, and if not, authentication is failed.

Further, the regenerating of the uniform random value R 'through the physical characteristic information W' of the internet of things device to be authenticated and the output auxiliary data P is calculated through a recovery algorithm of a fuzzy extraction technology by using the physical characteristic information and the output auxiliary data P.

Further, the communication protocol information is a system frame number of the MIB in the LTE standard.

Further, the communication protocol information is obtained by rearranging the character string of the system frame number according to a predetermined rule.

Further, the physical characteristic information obtained by combining the first entropy value and the second entropy value is the addition of the first entropy value and the second entropy value or the direct combination, wherein the direct combination is that the binary word of the first entropy value and the second entropy value is coincident, and the binary word of the second entropy value is arranged after the binary word of the first entropy value.

Further, the registering the auxiliary data P and the uniform random value R as the registration information includes:

generating a user name IDm, a password PWm, auxiliary data Pm (public) and a uniform random value Rm (obtained by a fuzzy extraction algorithm through physical characteristic information Wm) by using the Internet of things equipment Um, and sending the user name IDm, the password PWm, the auxiliary data Pm (public) and the uniform random value Rm to a non-verification node NVP of a block chain;

the non-verification node NVP inquires whether the user name IDm is registered in the registration block chain or not through the registration block chain;

if so, registered information is sent to the Internet of things equipment Um, otherwise unregistered information is sent to the Internet of things equipment Um;

after the Internet of things device Um receives the unregistered information, the Internet of things device Um sends the registered information to the non-verification node NVP;

the Internet of things equipment Um performs Hash processing on the password PWm to obtain a fixed-length password Hm;

encrypting the uniform random value Rm by using a public key PUBnvp of the non-verification node NVP to obtain Envp (Rm), combining to obtain intermediate information (IDm, Envp (Rm), Pm and Hm), and sending to the non-verification node NVP;

in the step, after the intermediate information is sent to the non-verification node NVP, the Internet of things equipment Um does not store the auxiliary data Pm and the uniform random value Rm;

the non-verification node NVP executes a block chain intelligent contract to initiate the registration transaction, and uses a private key PRA of the non-verification node NVP to sign intermediate information (IDm, Envp (Rm), Pm, Hm and IDnvp) to generate SIGNVp, wherein IDnvp is ID information of the non-verification node NVP;

the non-verification node NVP broadcasts the registration transaction information to the verification node VP; the registration transaction information includes (IDm, Envp (Rm), Hm, IDnvp, SIGNnvp);

the verification node VP verifies the registration transaction initiated by the non-verification node NVP, and writes a plurality of registration transaction generation blocks into the registration block chain through a consensus mechanism in one period.

Further, the authentication phase includes:

the Internet of things equipment Um 'is provided with a user name IDm' and a password PWm 'and generates physical characteristic information Wm' and initiates an authentication request to a non-authentication node NVP;

the non-verification node NVP executes a block chain intelligent contract to verify whether the IDm' is a registered user;

if yes, executing the next step, otherwise, failing to authenticate;

the non-verification node NVP carries out Hash processing on the password PWm ' through the IDm ' fixed-length password Hm ' to obtain a fixed-length password Hm ', and verifies whether the Hm ' is the same as the Hm or not;

the non-verification node NVP queries the auxiliary data Pm through IDm ', and recovers through a recovery algorithm of a fuzzy extraction technology based on the auxiliary data Pm and the physical characteristic information Wm ' to obtain a uniform random value Rm ';

the non-verification node NVP judges whether the absolute value of the difference value alpha ' between Rm ' and Rm exceeds a preset threshold value alpha, if alpha ' is less than alpha, the authentication is successful, and the next step is executed;

if the alpha' is more than or equal to the alpha, finishing the authentication and failing the authentication;

the non-verification node NVP generates and endorses the information of the authentication transaction, broadcasts the information to the verification node VP, and packs a plurality of authentication transactions into blocks through a consensus mechanism within a certain time and writes the blocks into an authentication chain.

Further, the non-verification node NVP generating and endorsing the authentication transaction information includes the following steps:

the non-verification node NVP initiates the authentication transaction, and the signature of (IDm ', Rm', Hm ', IDnvp) is generated to SIGNNvp';

the authentication transaction information includes (IDm ', Rm', Hm ', IDnvp, SIGNnvp').

The invention has the beneficial effects that: according to the invention, the random characteristic physical fingerprint in the chip production and manufacturing process is used as the identity registration information, when the equipment is inactive, the equipment cannot be opened or all memory contents can not be read, and the identity generation mechanism based on the equipment has the advantages of non-replicability and variability and can greatly improve the security of the Internet of things;

according to the method, the final physical characteristic information is obtained by combining the two types of sources of entropy values into the entropy pool, so that the sources of the physical characteristic information of the equipment of the Internet of things are enriched, and the establishment of a physical fingerprint model through machine learning hard solution is avoided;

according to the invention, the irreparable modification and decentralization characteristics of the block chain are used as the identity generation registration platform, so that the possibility of modifying the registration information after the server is broken can be avoided, and the safety is further improved.

Drawings

Fig. 1 is a schematic flow chart of a trusted mechanism of an internet-of-things security chip according to an embodiment of the present invention;

fig. 2 is a table of CPRs for a plurality of stimulus Corresponding Pairs (CPRs) according to an embodiment of the present invention.

Detailed Description

The subject matter described herein will now be discussed with reference to example embodiments. It should be understood that these embodiments are discussed only to enable those skilled in the art to better understand and thereby implement the subject matter described herein, and are not intended to limit the scope, applicability, or examples set forth in the claims. Changes may be made in the function and arrangement of elements discussed without departing from the scope of the disclosure. Various examples may omit, substitute, or add various procedures or components as needed. For example, the described methods may be performed in an order different from that described, and various steps may be added, omitted, or combined. In addition, features described with respect to some examples may also be combined in other examples.

The term "entropy" is originally a thermodynamic concept, and is used as a factor for increasing randomness in cryptography, and sometimes environmental "noise" is used to refer to the factor for increasing entropy, and the noise herein does not refer to sound, but may refer to randomness in environments such as images, magnetic fields, light rays, motion tracks and the like.

The "entropy pool" refers to a data structure designed at the system or application level, and is used for collecting "noise" in the environment, and when random numbers are needed, the collected "noise" is selected from the entropy pool to be used as the random numbers.

The "fingerprint" referred to in the present invention is not a biometric fingerprint, but refers to a physical characteristic unique to a device;

in this embodiment, an internet of things security chip trusted mechanism is provided, as shown in fig. 1, which is a schematic flow diagram of the internet of things security chip trusted mechanism according to the present invention, as shown in fig. 1, the internet of things security chip trusted mechanism includes the following steps:

s100, acquiring a Physical Unclonable Function (PUF) of the chip, and extracting a plurality of excitation Corresponding Pairs (CPRs) from the Physical Unclonable Function (PUF);

the "physical fingerprint" of a chip is a random feature in the production and manufacturing process of the chip, and the physical fingerprint has uniqueness and non-reproducible characteristics, such as time delay, frequency, voltage and the like. The physical unclonable function is a function of functional units of "physical fingerprint" difference identification built inside the chip. The most important operating characteristics of a PUF are its uniqueness and irreproducibility, with each input stimulus corresponding to an output response, and the outputs of different circuits being unpredictable, i.e., "stimulus-response pairs" CPRs. CPRs are only generated in the case of stimulus inputs, and response outputs are not present in the case of stimulus failures. And the PUF has natural anti-splitting attack characteristics, once the chip is split, the physical characteristics of the chip will change, the CPRs also change, and the generated multiple PUFs with randomness and uniqueness are output as the secret key of the cryptographic algorithm by utilizing the random deviation of the chip in the manufacturing process, so that the cryptographic algorithm has the advantages of being undoubted and safer.

Digital circuit PUFs currently have two main implementations:

1) is generated by using the propagation delay of the digital signal. When a digital signal is transmitted among various components, propagation delay exists, and the delay is related to parameters of the components, such as the length and width of a MOSFET channel, the threshold voltage, the thickness of an oxide layer and the like. Therefore, the propagation delay of the digital signal has randomness, which is the embodiment of the physical unclonable function. Common types of PUFs based on propagation delay are arbierPUFs and ring oscillator PUFs. The arbierpup realizes two symmetrical digital circuits on an IC, selects a specific path for signal propagation by external excitation, and finally sets an arbiter at the end point of the two paths to judge the arrival sequence of electrical signals on the two paths to output response. The ring oscillator PUF outputs a response by measuring the number of oscillations per unit time of the electrical signals on the two paths.

2) Using the steady state of the memory cell circuit. Generally, digital storage is accomplished by bistable logic cells. Specifically, a bistable logic cell is implemented by two cross-coupled gates, such as inverters, and then a register selectively stores one of the states to store a binary digit. However, if the bistable ballast unit enters an unstable state, it will oscillate between unstable states until it reaches a stable state, and will obviously be biased towards either state. This bias is generally caused by process variations in the manufacturing process, which are also a manifestation of the physically unclonable function. SRAMPUFl9] outputs a response through the steady state of a static random access cell or flip-flop. Butterfly PUFs output a response by destroying the steady state after a cell.

S200, extracting a response part of Corresponding Pairs (CPRs) of excitation as a first entropy value, and adding the first entropy value into an entropy pool;

s400, inputting the physical characteristic information W into a Fuzzy Extractor (FE), outputting auxiliary data P (public) and a uniform random value R by the Fuzzy Extractor (FE), and taking the auxiliary data P and the uniform random value R as registration information registration identities;

The uniform random value R 'is regenerated through the physical characteristic information W' of the Internet of things equipment to be authenticated and the output auxiliary data P, and is obtained through calculation through the physical characteristic information and the output auxiliary data P through a recovery algorithm of a fuzzy extraction technology.

In the above-described trusted mechanism, although physical characteristic information has irreproducibility and complete randomness, SRAMPUF and ring oscillator PUFs are typically weak PUFs. Strong PUFs may be based on their high entropy content

Providing a large number of CRPs, a feature that makes it possible to support very well the lightweight class of CRPs in networking security

And (5) identity authentication. Arbierpufs are the most typical strong PUFs. The current strong PUF is easily attacked by machine learning, and great potential safety hazard exists. An attacker can simulate (clone) the entire PUF instance by collecting the very small number of CRPs exchanged over the communication channel, and the cloned PUF parametric model can exhibit almost the same stimulus-response behavior as a hardware PUF. For example, for a 64x 64 Arbiter PUF, the prediction accuracy of the training model may exceed 95% when using about 650 pairs of CRPs (training time on a common PC is about 0.01s) for modeling attacks; when 18050 pairs of CRPs (training time on ordinary PC is about 0.6s) are used, the prediction accuracy is up to 99.9% 11.

Although this embodiment overcomes this problem to some extent, the internet of things device needs to register to the server, which means that the physical characteristic information needs to be stored in the server, once the server is broken, an illegal access person can directly authenticate by modifying the registration information, which means that illegal access will become easy, and to solve this problem, this embodiment provides a trusted mechanism combining a block chain, storing the registration information in the block chain, and avoiding the registration information from being modified based on the unchangeable characteristic and the decentralized characteristic of the block chain, including:

generating a user name IDm, a password PWm, auxiliary data Pm (public) and a uniform random value Rm (obtained by a fuzzy extraction algorithm through physical characteristic information Wm) by using the Internet of things equipment Um, and sending the user name IDm, the password PWm, the auxiliary data Pm (public) and the uniform random value Rm to a non-verification Node (NVP) of a block chain;

a non-verification Node (NVP) inquires whether the user name IDm is registered to a registration block chain or not through the registration block chain;

after the Internet of things device Um receives the unregistered information, the Internet of things device Um sends the registered information to a non-verification Node (NVP);

encrypting a uniform random value Rm by using a public key PUBnvp of a non-verification Node (NVP) to obtain Envp (Rm), combining to obtain intermediate information (IDm, Envp (Rm), Pm and Hm), and sending to the non-verification Node (NVP);

in the step, after the intermediate information is sent to a non-verification Node (NVP), the Internet of things equipment Um does not store auxiliary data Pm and a uniform random value Rm;

the non-verification Node (NVP) executes a block chain intelligent contract to initiate the registration transaction, and signature of intermediate information (IDm, Envp (Rm), Pm, Hm and IDnvp) is generated by using a private key PRA of the non-verification Node (NVP), wherein IDnvp is ID information of the non-verification Node (NVP);

the non-verification Node (NVP) broadcasts the registration transaction information to the verification node (VP); the registration transaction information includes (IDm, Envp (Rm), Hm, IDnvp, SIGNnvp);

the verification node (VP) verifies the registration transaction initiated by the non-verification Node (NVP), and writes a plurality of registration transaction generation blocks into the registration block chain through a consensus mechanism in one period.

In addition, the present embodiment provides an example of authentication:

the Internet of things equipment Um 'is provided with a user name IDm' and a password PWm 'and generates physical characteristic information Wm' and initiates an authentication request to a non-authentication Node (NVP);

the non-verification Node (NVP) executes a block chain intelligent contract to verify whether the IDm' is a registered user;

if yes, executing the next step, otherwise, failing to authenticate;

the non-verification Node (NVP) performs Hash processing on the password PWm 'through the IDm' fixed-length password Hm to obtain a fixed-length password Hm ', and verifies whether the Hm' is the same as the Hm or not;

a non-verification Node (NVP) queries auxiliary data Pm through IDm ', and recovers to obtain a uniform random value Rm ' through a recovery algorithm of a fuzzy extraction technology based on the auxiliary data Pm and physical characteristic information Wm ';

judging whether the absolute value of the difference value alpha ' between Rm ' and Rm exceeds a preset threshold alpha by a non-verification Node (NVP), if alpha ' is less than alpha, successfully authenticating, and executing the next step;

if alpha' is more than or equal to alpha, the authentication is ended and the authentication fails.

The non-verification Node (NVP) generates and endorses the information of the current authentication transaction, broadcasts the endorsement information to the verification node (VP), and packs a plurality of authentication transactions into blocks through a consensus mechanism within a certain time and writes the blocks into an authentication chain.

The non-verification Node (NVP) generates the authentication transaction information and endorses the authentication transaction information comprises the following steps:

the non-verification Node (NVP) initiates the authentication transaction, and the signature of (IDm ', Rm', Hm ', IDnvp) is generated to SIGNNvp';

the authentication transaction information includes (IDm ', Rm', Hm ', IDnvp, SIGNnvp');

in the embodiment, the registration information is stored based on the blockchain, so that the registration information is prevented from being tampered, and the safety of identity generation and authentication of the internet of things is improved by using the irreparable property and the decentralization property of the blockchain.

The communication protocol information may be wired communication protocol information or wireless communication protocol information in this embodiment;

the wireless communication protocol information may be selected from, but is not limited to: frequency domain information, channel information, time synchronization information, physical configuration information.

The present embodiment provides a specific embodiment: the Internet of things equipment communicates based on a communication protocol of an LTE standard;

extracting a system frame number of an MIB in an LTE standard as communication protocol information, wherein the range of the frame number in the LTE standard is 0-1023, and 1024 data can be completely coded by 10 bits, so that the system frame number in the LED standard is a binary string with a fixed length, and the binary string is used as wireless communication protocol information, namely a second entropy;

further, in order to reduce the size of the entropy pool, that is, the difference range of the physical characteristic information, the embodiment performs a reduction process on the system frame number information, including:

rearranging the character string of the system frame number according to the following preset rules:

the 0 characters are all located before the 1 characters;

carrying out reduction processing on the system frame number information in the above way, and reducing the fluctuation range of the second entropy;

in this embodiment, a combination of the first entropy and the second entropy is explained by combining the second entropy, and the first entropy is a response part of the excitation Corresponding Pairs (CPRs) extracted as the first entropy, specifically:

the table of the plurality of CPRs exciting Corresponding Pairs (CPRs) as shown in fig. 2 should be as shown, the response part, i.e. the right half part of the table, and the first entropy value is obtained by combining after extracting the binary characters of all the response parts;

the combination can be selected but is not limited to: sorting and combining;

for the combination of the first entropy value and the second entropy value, it may be the addition of the first entropy value to the second entropy value or a direct combination, the direct combination being the coincidence of the first entropy value with a binary word of the second entropy value, the binary word of the second entropy value being arranged after the binary word of the first entropy value.

It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.

While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.

Claims

1. An internet of things security chip credibility mechanism is characterized by comprising the following steps:

2. The internet of things security chip trusted mechanism as claimed in claim 1, wherein the uniform random value R 'is regenerated through the physical feature information W' of the internet of things device to be authenticated and the output auxiliary data P, and is calculated through a recovery algorithm of a fuzzy extraction technology with the physical feature information and the output auxiliary data P.

3. The internet of things security chip trust mechanism of claim 1, wherein the communication protocol information is a system frame number of the MIB in the LTE standard.

4. The internet-of-things security chip trusted mechanism as claimed in claim 1, wherein the communication protocol information is obtained by rearranging strings of system frame numbers according to a predetermined rule.

5. The Internet of things security chip trust mechanism of claim 1, wherein the combination of the first entropy and the second entropy to obtain the physical characteristic information is the addition or direct combination of the first entropy and the second entropy, the direct combination is the coincidence of the first entropy and the binary word of the second entropy, and the binary word of the second entropy is arranged after the binary word of the first entropy.

6. The internet-of-things security chip trusted mechanism according to claim 1, wherein registering the auxiliary data P and the uniform random value R as registration information comprises:

generating a user name IDm, a password PWm, auxiliary data Pm and a uniform random value Rm by the Internet of things equipment Um, and sending the user name IDm, the password PWm, the auxiliary data Pm and the uniform random value Rm to a non-verification node NVP of a block chain;

7. The internet of things security chip trusted mechanism of claim 6, wherein the authentication phase comprises:

if yes, executing the next step, otherwise, failing to authenticate;

8. The internet of things security chip trusted mechanism as claimed in claim 7, wherein said non-verification node NVP generating and endorsing the authentication transaction information comprises the following steps: