CN-122001602-A - Safe communication system and method for generating artificial intelligence enabled Internet of things
Abstract
The invention belongs to the technical field of artificial intelligence and discloses a secure communication system and method for the generative artificial intelligence enabled Internet of things. The system comprises a registration authority, Internet of things users, smart devices and an edge artificial intelligence. The registration authority is responsible for registering Internet of things users and Internet of things devices. An Internet of things user registers with the registration authority using a smartphone, interacts with the edge artificial intelligence after logging in, and controls remote smart devices through the edge artificial intelligence. A smart device collects data in its environment and, after mutual authentication, transmits the data to the edge artificial intelligence and the Internet of things user. The edge artificial intelligence is an edge server close to the smart devices on which an artificial intelligence application is deployed; it is a fusion of edge computing and artificial intelligence. The invention mainly realizes secure communication between the Internet of things user and the remote smart device, and a weak physical unclonable function is embedded in the smart device to protect the physical security of the remote smart device.
Inventors
- GUO YIMIN
Assignees
- 中南财经政法大学
Dates
- Publication Date: 20260508
- Application Date: 20241107
Claims (8)
- 1. A secure communication system for the generative artificial intelligence enabled Internet of things, the system comprising: a registration authority module, used for registering Internet of things users and smart devices, which is a trusted server that registers the entities in the Internet of things; an Internet of things user module, connected with the registration authority module, wherein an Internet of things user registers with the registration authority module using a smartphone and, after logging in, controls remote smart devices through the edge artificial intelligence; a smart device module, used for collecting data in the environment, wherein after the smart device performs mutual authentication with the Internet of things user, the smart device transmits the data to the edge artificial intelligence and the Internet of things user; and an edge artificial intelligence module, connected with the Internet of things user module and the smart device module, which is an edge server close to the smart devices, has an artificial intelligence application deployed, can process the data transmitted by the smart devices, performs data analysis and decision making, and assists the Internet of things user and the smart device in performing mutual authentication.
- 2. The generative artificial intelligence enabled Internet of things secure communication system of claim 1, wherein the registration authority module is configured to perform the operations of a registration phase and an authentication phase, wherein: the registration phase comprises user registration and smart device registration, in which the registration authority module performs identity registration and authentication information storage for the Internet of things user and the smart device; and the authentication phase comprises user login and mutual authentication between the Internet of things user and the smart device, so as to ensure the security of subsequent communication.
- 3. The generative artificial intelligence enabled Internet of things secure communication system of claim 1, wherein the edge artificial intelligence module further comprises: a data processing unit, used for processing and analyzing the data transmitted from the smart device and making a decision according to the analysis result; and an authentication assisting unit, used for assisting mutual authentication between the Internet of things user and the smart device and generating a secure session key after successful authentication, so as to realize secure communication between the user and the smart device.
- 4. The generative artificial intelligence enabled Internet of things secure communication system of claim 1, wherein the smart device module comprises: a data acquisition unit, used for acquiring data in the environment; a weak physical unclonable function (WPUF) module, used to generate a response value during the smart device registration phase to enhance the device's uniqueness and resistance to attacks; and an authentication unit, used for performing mutual authentication with the Internet of things user and the edge artificial intelligence module in the authentication phase, so that the security of the data during transmission is ensured.
- 5. A secure communication method for the generative artificial intelligence enabled Internet of things, based on the generative artificial intelligence enabled Internet of things secure communication system of claim 1, the method comprising a registration phase and an authentication phase. In the registration phase the registration authority registers the Internet of things user and the smart device; in the authentication phase the Internet of things user and the smart device authenticate each other so as to realize secure communication. The method specifically comprises the following steps:
  Registration phase.
  (1) User registration:
  S1: The user sends a registration request message Regi to the registration authority.
  S2: After receiving the registration request of the user, the registration authority generates a response message Resi and transmits (Regi, Resi) to the user.
  S3: The user selects the user name IDi and the password PWi, selects two random numbers ai and bi, calculates RIDi = h(IDi||ai), RPWi = h(IDi||PWi||ai)⊕bi, Proci = RIDi⊕Resi, and then passes {Proci, RPWi} to the registration authority.
  S4: After receiving the registration request of the user, the registration authority generates a random number ri for the user, calculates RIDi = Proci⊕Resi, Ai = h(ri||x)⊕RPWi, Bi = h(x||y)⊕h(RPWi), transmits Ai and Bi to the user, and stores the registration information {RIDi, ri} of the user in the edge artificial intelligence.
  S5: The user receives the message transmitted by the registration authority, and the mobile device calculates h(ri||x) = Ai⊕RPWi, h(x||y) = Bi⊕h(RPWi), Ci = h(IDi||PWi)⊕ai, Di = h(ri||x)⊕h(RIDi||PWi), Ei = h(x||y)⊕h(RIDi||IDi||PWi), Fi = h(h(ri||x)||h(x||y)||RIDi||PWi||ai); finally {Ci, Di, Ei, Fi} is stored in the mobile phone.
  (2) Smart device registration: a weak physical unclonable function WPUF is embedded in each smart device. The registration authority selects an identity IDj for the smart device, generates a challenge Cj and a current registration timestamp Tj, and calculates Sj = h(IDj||x||Tj), Rj = WPUF(Cj). It stores {IDj, h(Rj)⊕h(x||Tj), Tj} in the edge artificial intelligence and stores {IDj, Cj, Sj} in the smart device.
  Authentication phase. The authentication phase comprises login and mutual authentication: the user first logs in using a smartphone; after the login succeeds, the user performs mutual authentication with the remote smart device through the edge artificial intelligence, and a secure session key for the user's subsequent communication is generated.
  (1) Login: the user inputs the user name IDi and the password PWi. The smartphone calculates ai = h(IDi||PWi)⊕Ci, RIDi = h(IDi||ai), h(ri||x) = Di⊕h(RIDi||PWi), h(x||y) = Ei⊕h(RIDi||IDi||PWi), then calculates Fi = h(h(ri||x)||h(x||y)||RIDi||PWi||ai) and checks whether it is equal to the stored Fi.
  (2) After successful login, the user and the remote smart device perform mutual authentication. The authentication steps are as follows:
  The mobile device selects the smart device IDj to be accessed, generates a random number n1 and a current timestamp t1, calculates M1 = n1⊕h(h(ri||x)||t1), TIDi = RIDi⊕h(ri||x), Auth1 = h(h(ri||x)||RIDi||TIDi||n1||t1), M2 = IDj⊕h(Auth1||t1), M3 = h(RIDi||PWi||n1||t1)⊕h(h(ri||x)||IDj||n1), and finally transmits Meg1 = {M1, TIDi, M2, M3, Auth1, t1} to the edge artificial intelligence.
  After the edge artificial intelligence receives the message, it checks the freshness of the message, that is, it judges whether the difference between the timestamp at which the message is received and the timestamp at which it was transmitted is smaller than the preset maximum transmission delay. If the message is fresh, the edge artificial intelligence calculates RIDi = TIDi⊕h(x||y) and checks whether RIDi exists in its own database. If so, it finds the ri corresponding to RIDi, calculates n1 = M1⊕h(h(ri||x)||t1) and Auth1* = h(h(ri||x)||RIDi||n1||t1), and judges whether Auth1* is the same as the received Auth1. If the two are the same, the edge artificial intelligence accepts the user as genuine and calculates IDj = M2⊕h(Auth1||t1) and h(RIDi||PWi||n1||t1) = M3⊕h(h(ri||x)||IDj||n1). The edge artificial intelligence then checks whether IDj exists in its database; if so, it retrieves the corresponding h(Rj)⊕h(x||Tj) and Tj, and recovers h(Rj).
  The edge artificial intelligence generates a random number n2 and a current timestamp t2, calculates Sj = h(IDj||x||Tj), M4 = n2⊕h(Sj||h(Rj)||t2), M5 = h(RIDi||PWi||n1||t1)⊕h(IDj||h(Rj)||n2||t2), M6 = h(x||n2)⊕h(Sj||h(Rj)||n2), Auth2 = h(h(RIDi||PWi||n1||t1)||h(x||n2)||IDj||h(Rj)||n2||t2), and finally transmits the message Meg2 = {M4, M5, M6, Auth2, t2} to the smart device.
  After receiving the message, the smart device checks the freshness of the received message. If the message is fresh, the smart device calculates Rj = WPUF(Cj) from the Cj in its memory, then calculates n2 = M4⊕h(h(IDj||x||Tj)||h(Rj)||t2), h(RIDi||PWi||n1||t1) = M5⊕h(IDj||h(Rj)||n2||t2), h(x||n2) = M6⊕h(Sj||h(Rj)||n2), Auth2* = h(h(RIDi||PWi||n1||t1)||h(x||n2)||IDj||h(Rj)||n2||t2), and checks whether Auth2* is equal to the received Auth2.
  The smart device generates a random number n3 and the current timestamp t3, calculates M7 = n3⊕h(h(RIDi||PWi||n1||t1)||IDj||t3), M8 = h(x||n2)⊕h(h(RIDi||PWi||n1||t1)||n3), SK = h(h(RIDi||PWi||n1||t1)||h(x||n2)||IDj||n3||t3), Auth3 = h(h(RIDi||PWi||n1||t1)||SK||IDj||t3), and transmits the message Meg3 = {M7, M8, Auth3, t3} to the user.
  After the user receives the message transmitted by the smart device, the freshness of the message is checked. If the received message is fresh, the user calculates n3 = M7⊕h(h(RIDi||PWi||n1||t1)||IDj||t3), h(x||n2) = M8⊕h(h(RIDi||PWi||n1||t1)||n3), SK = h(h(RIDi||PWi||n1||t1)||h(x||n2)||IDj||n3||t3), Auth3* = h(h(RIDi||PWi||n1||t1)||SK||IDj||t3), and checks whether Auth3* is equal to the received Auth3. If the two are equal, the user authenticates the smart device. At this point the user and the smart device have performed mutual authentication, and a shared session key SK has been generated for subsequent secure communication.
- 6. A computer device comprising a memory and a processor, the memory storing a computer program that, when executed by the processor, causes the processor to perform the steps of the generative artificial intelligence enabled Internet of things secure communication method of claim 1.
- 7. A computer readable storage medium storing a computer program which, when executed by a processor, causes the processor to perform the steps of the generative artificial intelligence enabled Internet of things secure communication method of claim 1.
- 8. An information data processing terminal, wherein the information data processing terminal is configured to implement the generative artificial intelligence enabled Internet of things secure communication system according to claim 1.
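The last leg of the authentication phase in claim 5 (smart device to user, message Meg3), as an added example that is not part of the patent text. It assumes SHA-256 for h, length-prefixed concatenation for ||, 8-byte timestamps and a 5-second maximum delay; `K` and `hxn2` are hypothetical names for h(RIDi||PWi||n1||t1) and h(x||n2), and all sample values are constructed.

```python
import hashlib, hmac, secrets

MAX_DELAY = 5  # seconds; assumed value for the "preset maximum transmission delay"

def h(*parts: bytes) -> bytes:
    # h(a||b||...): SHA-256 over length-prefixed parts (hash and encoding are assumptions)
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(4, "big") + p)
    return d.digest()

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def ts(t: int) -> bytes:
    return t.to_bytes(8, "big")  # timestamp as 8 bytes (assumed encoding)

def device_respond(K, hxn2, IDj, t3, n3=None):
    """Smart device: build Meg3 = {M7, M8, Auth3, t3} and derive SK.
    K is h(RIDi||PWi||n1||t1); hxn2 is h(x||n2); both recovered from Meg2."""
    n3 = n3 or secrets.token_bytes(32)
    M7 = xor(n3, h(K, IDj, ts(t3)))
    M8 = xor(hxn2, h(K, n3))
    SK = h(K, hxn2, IDj, n3, ts(t3))
    Auth3 = h(K, SK, IDj, ts(t3))
    return {"M7": M7, "M8": M8, "Auth3": Auth3, "t3": t3}, SK

def user_verify(K, IDj, meg3, now):
    """User: check freshness, unmask n3 and h(x||n2), recompute SK and Auth3*.
    Returns SK on success, None if the message is stale or Auth3 does not match."""
    t3 = meg3["t3"]
    if abs(now - t3) >= MAX_DELAY:
        return None
    n3 = xor(meg3["M7"], h(K, IDj, ts(t3)))
    hxn2 = xor(meg3["M8"], h(K, n3))
    SK = h(K, hxn2, IDj, n3, ts(t3))
    auth3_star = h(K, SK, IDj, ts(t3))
    return SK if hmac.compare_digest(auth3_star, meg3["Auth3"]) else None

if __name__ == "__main__":
    # Constructed sample state; in the protocol these come from the earlier messages.
    K, hxn2 = h(b"RIDi", b"PWi", b"n1", ts(1000)), h(b"x", b"n2")
    meg3, sk = device_respond(K, hxn2, b"IDj-01", t3=1001)
    print("keys agree:", user_verify(K, b"IDj-01", meg3, now=1002) == sk)
```

Because SK is an input to Auth3, any change to M7 or M8 in transit alters the key the user derives and the Auth3 comparison fails, so the user never accepts a key the device did not compute.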
Description
Safe communication system and method for generating artificial intelligence enabled Internet of things
Technical Field
The invention belongs to, but is not limited to, the technical field of artificial intelligence, and particularly relates to a secure communication system and method for the generative artificial intelligence enabled Internet of things.
Background
Generative artificial intelligence is a branch of artificial intelligence that can process data, learn the internal rules of things, and independently create new content. The generative artificial intelligence enabled Internet of things refers to integrating generative artificial intelligence technology into the Internet of things, which allows a comprehensive intelligent upgrade of the Internet of things. Big data is generated and transmitted in the generative artificial intelligence enabled Internet of things, so communication security in Internet of things scenarios faces a great challenge. Authentication protocols are an important means of protecting secure communication between entities in Internet of things scenarios. A considerable number of authentication protocols have been proposed for various Internet of things application scenarios, many of which claim not only superior performance but also resistance to various known attacks. Unfortunately, some authentication protocols were found to have security vulnerabilities soon after they were proposed. Furthermore, some improved authentication protocols have also been found to be insecure. How to design a secure authentication protocol has attracted considerable attention.
Generative artificial intelligence enabled Internet of things scenarios face more serious security threats: an attacker can not only completely control the communication channel, but also capture smart devices and carry out artificial intelligence based attacks using the various data obtained. Therefore, to guarantee secure communication in generative artificial intelligence enabled Internet of things scenarios, it is necessary to design an efficient and secure authentication protocol that prevents the various attacks on the generative artificial intelligence enabled Internet of things. At present, a large number of authentication protocols have been proposed for Internet of things scenarios such as the industrial Internet of things, the Internet of vehicles, smart grids, intelligent medical systems, wireless body area networks, unmanned aerial vehicle networks, the agricultural Internet of things and smart homes. Many protocols are found to have security holes soon after being proposed, and authentication protocols produced by "design-patch-redesign" may still be insecure. The first disadvantage of the prior art is that the attacker's capability is not fully considered, in particular that the attacker may have artificial intelligence based attack techniques, so existing authentication techniques are secure against a weak attacker but not against a strong one. Second, the prior art uses computationally heavy cryptographic primitives to enhance security, so these techniques are not applicable in resource-limited Internet of things scenarios. The invention solves these currently unsolved problems:
(1) The authentication protocol provides security guarantees even in the face of the strongest attacker.
(2) The communication scheme is lightweight while providing a strong security guarantee, and is suitable for application in generative artificial intelligence enabled Internet of things scenarios.
Disclosure of Invention
In view of the problems in the prior art, the invention provides a secure communication system and method for the generative artificial intelligence enabled Internet of things. The invention is realized as a secure communication system for the generative artificial intelligence enabled Internet of things, the system comprising: a registration authority, responsible for registering Internet of things users and Internet of things devices, which is a trusted server responsible for registering the entities in the Internet of things; an Internet of things user, connected with the registration authority, who registers with the registration authority using a smartphone and, after logging in, interacts with the edge artificial intelligence and controls remote smart devices through the edge artificial intelligence; a smart device, used for collecting data in the environment and transmitting the data to the edge artificial intelligence and the Internet of things user after mutual authentication; The system comprises an intelligent device, an edge artificial intelligence, an edge se