CN116318678B - A multi-factor Internet of Things terminal dynamic group access authentication method - Google Patents

Abstract

Translated fromChinese

本发明涉及一种多因子物联网终端动态群组接入认证方法，属于物联网领域，包括：S1：SDN控制器与物联网网关建立安全连接，SDN控制器进行系统初始化，生成一个安全私钥，并选择一个安全单项哈希函数；S2：将物联网终端按群组进行划分，在安全信道下统一注册；S3：物联网终端通过PUF解密智能卡中的秘密参数，并对物联网终端的安全性、可靠性进行验证；S4：物联网终端进行身份认证与会话密钥协商；S5：当要向某一终端群组中添加新成员时，更新组密钥以保证前向安全；S6：当发现一个群组中的某个成员存在恶意行为时，将该成员逐出群组，并更新组密钥SK_G以保证后向安全；S7：定时更新组身份与PUF激励响应对。

The invention relates to a multi-factor Internet of Things terminal dynamic group access authentication method, which belongs to the field of Internet of Things, and comprises the following steps: S1: an SDN controller establishes a secure connection with an Internet of Things gateway, the SDN controller performs system initialization, generates a secure private key, and selects a secure single hash function; S2: the Internet of Things terminals are divided into groups, and are uniformly registered under a secure channel; S3: the Internet of Things terminals decrypt secret parameters in a smart card through a PUF, and verify the security and reliability of the Internet of Things terminals; S4: the Internet of Things terminals perform identity authentication and session key negotiation; S5: when a new member is to be added to a terminal group, the group key is updated to ensure forward security; S6: when a member in a group is found to have malicious behavior, the member is expelled from the group, and the group key SK_G is updated to ensure backward security; S7: the group identity and PUF incentive response pairs are updated regularly.

Description

Multi-factor internet of things terminal dynamic group access authentication method

Technical Field

The invention belongs to the field of Internet of things, and relates to a dynamic group access authentication method for a multi-factor Internet of things terminal.

Background

With the large-scale deployment of internet of things services, the number of internet of things terminals is increasing explosively. However, a large number of low-cost, low-power-consumption, narrow-bandwidth internet of things terminals are often deployed in unmanned or wireless signal complex environments with less data to send or receive. If the communication network is accessed by adopting an end-to-end authentication method one by one, a great deal of unnecessary signaling and calculation overhead is generated. The authentication efficiency is low, and the service life of the terminal powered by the battery is consumed. How to realize access authentication and key distribution and management of tens of thousands of internet of things terminals becomes a challenging research problem. The grouping of a plurality of terminals of the Internet of things is an effective management means, and the service network of group authentication faces to massive concurrent access scenes, and only needs to authenticate individual nodes in the group, and other group members can finish batch authentication locally. On the premise of ensuring safety, various system overheads can be reduced, and authentication efficiency is improved.

Lai C et al propose a lightweight group authentication scheme based on resource-constrained machine-to-machine (M2M) under 3GPP network architecture in "Lai C,LuR,ZhengD,etal.GLARM:Group-basedlightweightauthentication scheme for resource-constrained machine to machine communications[J].Computer Networks,2016,99:66-81.". In the scheme, a symmetrical cryptosystem and a method for aggregating MAC addresses are adopted to realize simultaneous authentication of a group of terminals. But this protocol does not implement forward/backward security, once the current key is compromised, the historical keys and future keys will be presumed to be unsecure, possibly resulting in a significant amount of encrypted data being compromised.

Li J et al in "Li J,Wen M,Zhang T.Group-based authentication and key agreement with dynamic policy updating for MTC in LTE-A networks[J].IEEE Internet ofThings Journal,2015,3(3):408-417." propose an AKA protocol based on dynamic policy updating of groups. In the protocol, a scheme of combining asynchronous secret sharing with Diffie-Hellman key exchange is adopted to realize distributed authentication and session key negotiation in the LTE-A network and realize dynamic updating of the access authority of the MTC device. However, the protocol adopts point multiplication operation, and each terminal device needs to communicate with a service network to realize key negotiation, so that the calculation and signaling overhead of the terminal is high.

Cao J et al in "Cao J,Yan Z,Ma R,et al.LSAA:A lightweight and secure access authentication scheme forbothUE andmMTC devices in 5Gnetworks[J].IEEE Internet ofThings Journal,2020,7(6):5329-5344." propose a lightweight secure access authentication scheme for UE and MMTC devices in a 5G network. In the scheme, the secure functions of mutual authentication, session key establishment, identity privacy protection, forward/backward confidentiality and the like of common User Equipment (UE) large-scale machine type communication (MMTC) equipment are realized by using Chebyshev chaotic mapping. However, the scheme does not verify the reliability and the safety of the terminal of the Internet of things and lacks a dynamic refreshing mechanism, so that a malicious node can be accessed to the system.

Among the above protocols, the protocol proposed by Lai C et al does not realize forward/backward security, once the current key leaks, the history key and the future key can be presumed, possibly resulting in a large amount of encrypted data leaking, the protocol proposed by Li J et al is complex in calculation, and each terminal device needs to communicate with the service network to realize key negotiation, resulting in high computational and signaling overhead of the terminal, and the protocol proposed by Cao J et al does not verify the reliability and security of the terminal of the internet of things and lacks a dynamic refresh mechanism, possibly causing the system to access a malicious node.

Disclosure of Invention

Therefore, the invention aims to provide a multi-factor internet of things terminal dynamic group access authentication method, which aims to realize a plurality of security functions, reduce signaling, calculation and storage expenses of the internet of things terminal in authentication, and realize batch authentication and session key negotiation of the internet of things terminal.

In order to achieve the above purpose, the present invention provides the following technical solutions:

a multi-factor internet of things terminal dynamic group access authentication method comprises the following steps:

s1, in a system initialization stage, an SDN controller establishes a secure connection with an Internet of things gateway, the SDN controller performs system initialization, generates a secure private key and selects a secure single hash function;

S2, in the registration stage of the terminals of the Internet of things, the terminals of the Internet of things are divided according to groups, and unified registration is performed under a safety channel;

s3, in the login stage, the terminal of the Internet of things decrypts secret parameters in the smart card through the PUF, and verifies the safety and reliability of the terminal of the Internet of things;

s4, in a group to be authenticated, firstly, a group leader initiates an access authentication request to an SDN controller; the SDN controller verifies the identity of the group leader through the information in registration and the parameters in the authentication request, generates a random number, calculates an encryption key for each member in the group, and then sends the encryption key to the gateway of the Internet of things; the gateway of the internet of things calculates a session key for each terminal member, protects a random number through an encryption key, and then broadcasts an authentication message to group members; the group member calculates the encryption key, the session key and the group key locally according to the parameters and the authentication information when logging in, then verifies the authentication information and updates the pseudo identity, and then calculates the authentication success information and sends the authentication success information to the group owner;

s5, dynamically joining the terminal, namely updating a group key to ensure forward security when a new member is to be added into a certain terminal group;

S6, dynamically removing the terminal, namely when a member in a group is found to have malicious behaviors, evicting the member from the group, and updating a group key SK_G to ensure backward safety;

And S7, updating the group identity and PUF excitation response at fixed time, namely updating the group identity and PUF excitation response to prevent tracking attack after a certain period of time, reselecting a private key and a PUF input excitation by each terminal of the Internet of things, calculating corresponding registration parameters and sending the registration parameters to an SDN controller, recalculating the group identity and the selection random number by the SDN controller according to the new parameters and sending the group identity and the selection random number to each terminal of the Internet of things through an original session key, and then synchronously calculating an updated session key and a group key by each terminal and the SDN controller.

Further, the step S1 specifically includes that the SDN controller establishes a secure connection with the gateway of the Internet of things, then generates a secure private key delta_sc, and selects a secure single hash function H () {0,1}^*→{0,1}ⁿ, n is the bit width of the hash function message digest output.

Further, in the step S2, all k terminal members in the group are provided with a physical unclonable function PUF by default, and initialize a stimulus response CRP (Ci, ri), and the registration of the terminal of the internet of things specifically includes the following steps:

S21, outputting a calculated registration parameter GPW_i through an identity ID_i and a PUF by the terminal of the Internet of things, and sending registration information of < ID_i,GPW_i > to the SDN controller;

R_i＝PUF(C_i)

GPW_i＝H(ID_i||R_i)

Wherein, R_i represents the output response of the physical unclonable function PUF, C_i represents the input stimulus of the physical unclonable function, GPW_i represents the registration parameter, and H represents the hash function;

S22, calculating a pseudo identity VID_i for the terminal of the Internet of things by the SDN controller, selecting a large prime number p_i and an exponential operation primitive root g, and sending registration information < VID_i,p_i, g > to the terminal of the Internet of things by the SDN controller, wherein the calculation formula of the VID_i is as follows:

VID_i＝H(ID_i||δ_sc)

δ_sc represents the security private key of the SDN controller;

S22, selecting a private key x_i by the terminal of the Internet of things, calculating registration information y_i≡g^ximodp_i, and sending registration information < y_i > to the SDN;

s24, the SDN controller constructs a congruence equation set according to the registration information to calculate a set identity mark GID, the set identity mark is encrypted through the registration information to calculate W_i, the SDN controller sends registration information < W_i > to the terminal of the Internet of things, and the GID is a calculation result of the congruence equation, and the formula is as follows:

S25, the terminal of the Internet of things verifies and calculates B₁ and B₂ for encryption private keys and parameter integrity, and stores < B₁,B₂,VID_i,W_i > into the smart card SMC_i, wherein W_i is used for protecting the parameter of the GID:

B₁ and B₂ are used for protecting the private key and integrity verification of the terminal of the Internet of things, and the calculation process is as follows:

B₂＝H(VID_i||ID_i||x_i||R_i||W_i||GID)。

Further, the step S3 specifically includes that the terminal of the Internet of things reads the identity ID_i and the PUF input stimulus C_i, and parameters < B₁,B₂,VID_i,W_i > in the smart card, calculates GPW_i, decrypts the private key protected by B₁, and verifies the integrity of the parameters.

Further, the step S4 specifically includes:

S41, generating a timestamp T₁ by a group leader, calculating an authentication request verification parameter AUTH_GL＝H(GID||VID_GL||ID_GL||T₁), and sending an authentication request message < VID_GL,AUTH_GL,T₁ > to the gateway of the Internet of things;

S42, the gateway of the Internet of things forwards the authentication request message to the SDN controller;

S43, after verifying the freshness of the message, the SDN controller verifies AUTH_GL, calculates an encryption key K_i＝H(VIDi||GID||GPW_i for each terminal member, selects a random number r, and sends the message < { VID_i,K_i }, r, GID > to the terminal of the Internet of things;

S44, the gateway of the Internet of things calculates D_i for protecting the random number r, calculates a session key SK_i and an integrity verification parameter AUTH_i-ITG, and sends a message < VID_i,D_i,AUTH_i-ITG > to a group leader according to the following formula:

SK_i＝H(VID_i||GID||r||K_i)

AUTH_i-ITG＝H(VID_i||GID||r||SK_i||K_i||D_i)

S45, broadcasting the message in the group by the group owner, calculating an encryption key K_i by the terminal member, decrypting D_i to obtain a random number r, calculating a session key SK_i, calculating a group key SK_G, carrying out integrity verification and calculation AUTH_i-ITG, updating a pseudo-identity calculation VID_i^new, calculating an authentication success parameter AUTH_i-N, and sending the message < VID_i,AUTH_i-N > to the group owner, wherein the formula is as follows:

SK_G=H(r||GID)

VID_i^new＝H(r||VID_i||ID_i)

AUTH_i-N＝H(VID_i||GID||D_i||r||SK_i||SK_G||K_i)

S46, the group leader carries out fusion calculation on the information of each member to obtain fusion authentication parameters AUTH_t, and sends the information < VID_GL,AUTH_t > to the gateway of the Internet of things, wherein:

s47, the gateway of the Internet of things calculates SK_G, verifies AUTH_t, sends an authentication success message to the SDN controller, and synchronously calculates < SK_i,SK_G,VID_i^new >.

Further, the step S5 specifically includes the following steps:

S51, the new member N_k+1 generates a time stamp T₂, calculates an authentication request verification parameter AUTH_k+1, and sends a message < VID_k+1,AUTH_k+1,T₂ > to the group owner of the group, with the following specific formula:

AUTH_k+1＝H(GID'||VID_k+1||ID_k+1||GPW_k+1||T₂)

s52, adding a group identity to the message by the group leader, and sending the message < VID_GL,VID_k+1,AUTH_k+1,T₂ > to the SDN controller;

s53, the SDN controller verifies the freshness of the message, verifies and calculates AUTH_k+1, reconstructs a congruence equation set to calculate a new group identity mark GID_new, selects a new random number r_new, calculates encryption keys K'_k+1 and K_k+1, and sends the message < { VID_k+1,K'_k+1,K_k+1},r_new,GID_new > to the gateway of the Internet of things, wherein the calculation formula is as follows:

K’_k+1＝H(VID_k+1||GID'||GPW_k+1)

K_k+1＝H(VID_k+1||GID_new||GPW_k+1)

S54, the gateway of the Internet of things calculates D'_k+1 and D_k+1 for encrypting the new group identity and the random number, calculates a session key SK_k+1 and an integrity verification parameter AUTH_(k+1)-ITG, sends a message < VID_k+1,D'_k+1,D_k+1,AUTH_(k+1)-ITG > to a new member, and broadcasts < r_new,GID_new > to the original group member through the original group key, wherein the calculation formula is as follows:

SK_k+1＝H(VID_k+1||GID_new||r_new||K_k+1)

AUTH_(k+1)-ITG＝H(VID_k+1||GID_new||r_new||SK_k+1||K'_k+1||K_k+1||D'_k+1||D_k+1)

S55, the new member calculates an encryption key K '_k+1 and K_k+1 to decrypt D'_k+1 and D_k+1 to obtain a new group identity and a random number, calculates a session key SK_k+1 and a group key SK_G^new, calculates an AUTH_(k+1)-ITG to be verified, updates a pseudo-identity VID_k+1^new, calculates an authentication success parameter AUTH_(k+1)-N, and sends a message < VID_k+1,AUTH_(k+1)-N > to the gateway of the Internet of things, and other members update the < SK_i,SK_G,W_i > after receiving the < r_new,GID_new >, wherein the calculation formula is as follows:

VID_k+1^new＝H(r||VID_k+1||ID_k+1)

AUTH_(k+1)-N＝H(VID_k+1||GID_new||D'_k+1||D_k+1||r_new||SK_k+1||SK_G^new||K'_k+1||K_k+1)

s56, the gateway of the Internet of things calculates SK_G^new, verifies and calculates AUTH_(k+1)-N, sends an authentication success message to the SDN controller, and synchronously updates the < SK_i,SK_G >.

Further, the step S6 specifically includes the following steps:

S61, firstly, the SDN controller retrieves malicious member N_k, and cancels legal identity of N_k, modifies y_k into other value y'_k, and reconstructs a congruence equation set to calculate GID_new:

SDN generates a new random number r_new and encrypts and sends a message < r_new,GID_new > to group members except malicious member N_k through SK_i;

Other members update < SK_i,SK_G,W_i >, and the SC recalculates < SK_i,SK_G > and synchronizes with the ITG through encryption.

Further, step S7 includes the steps of generating a new PUF input stimulus C_i^new by the Internet of things terminal, calculating R_i^new,GPW_i^new, selecting a new private key x_i^new to calculate y_i^new, sending a message < GPW_i^new,y_i^new > to the SDN controller, reconstructing a congruence equation set by the SDN controller to obtain a GID_new, generating a new random number R_new, broadcasting the message < R_new,GID_new > to all group members, and updating parameters of the < SK_i,SK_G,W_i,B₁,B₂ > by the group members, the SDN controller and the Internet of things gateway.

The invention has the beneficial effects that:

Firstly, the method not only can realize the safety functions of mutual authentication, identity anonymity, replay attack resistance and the like, but also can update the pseudo identity and the random number after each negotiation, and update the encryption key at regular time, thereby ensuring the randomness and independence of each session key and the group key, even if an attacker obtains the current group key or the session key of a member in various ways, the former or later group key or session key can not be calculated, and the forward/backward safety is realized.

Secondly, only hash, exclusive or and other lightweight encryption algorithms are used in the whole process of the method, and the SDN controller only needs to authenticate the group leader in the terminal group of the internet of things, and other terminals of the internet of things can complete authentication and session key negotiation through local calculation by a method of broadcasting and aggregating messages, so that the calculation and signaling cost of terminals with limited resources is greatly reduced.

Thirdly, by utilizing the characteristics of the PUF and combining with the smart card, the reliability and the security verification of the terminal of the Internet of things are realized, a terminal adding and removing mechanism is designed, when a certain node in a group of the terminal of the Internet of things is added into or leaves the group, the SDN controller can reconstruct a congruence equation set through the China remainder theorem to generate a new group identity mark, and the updating of the secret key is realized with minimum cost without re-authenticating each member in the group.

Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objects and other advantages of the invention may be realized and obtained by means of the instrumentalities and combinations particularly pointed out in the specification.

Drawings

For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in the following preferred detail with reference to the accompanying drawings, in which:

FIG. 1 is a diagram of a network architecture according to an embodiment of the present invention;

FIG. 2 is a detailed protocol registration process diagram according to an embodiment of the present invention;

fig. 3 is a detailed protocol authentication process diagram according to an embodiment of the present invention.

Detailed Description

Other advantages and effects of the present invention will become apparent to those skilled in the art from the following disclosure, which describes the embodiments of the present invention with reference to specific examples. The invention may be practiced or carried out in other embodiments that depart from the specific details, and the details of the present description may be modified or varied from the spirit and scope of the present invention. It should be noted that the illustrations provided in the following embodiments merely illustrate the basic idea of the present invention by way of illustration, and the following embodiments and features in the embodiments may be combined with each other without conflict.

In which the drawings are for illustrative purposes only and are not intended to be construed as limiting the invention, and in which certain elements of the drawings may be omitted, enlarged or reduced in order to better illustrate embodiments of the invention, and not to represent actual product dimensions, it will be understood by those skilled in the art that certain well-known structures in the drawings and descriptions thereof may be omitted.

In the description of the present invention, it should be understood that, if there are terms such as "upper", "lower", "left", "right", "front", "rear", etc., the directions or positional relationships indicated are based on the directions or positional relationships shown in the drawings, only for convenience of describing the present invention and simplifying the description, rather than indicating or implying that the referred devices or elements must have a specific direction, be constructed and operated in a specific direction, so that the terms describing the positional relationships in the drawings are merely for exemplary illustration and are not to be construed as limitations of the present invention, and that the specific meanings of the terms described above may be understood by those skilled in the art according to specific circumstances.

Referring to fig. 1 to 3, with the rapid development of the internet of things, the existing protocol for handling access authentication of a large number of terminals of the internet of things has many problems of insufficient security function, high system overhead, lack of refresh mechanism and the like. Aiming at the current state of the art, the invention provides a multi-factor internet of things terminal dynamic group access authentication method, which realizes batch lightweight authentication of the internet of things terminal on the premise of ensuring safety.

In order to implement the access authentication protocol in the present invention, a network architecture of internet of things terminal group authentication is designed, and refer to fig. 1. The method comprises the steps that a large number of internet of things terminals form a plurality of authentication groups, each group comprises a group leader, an internet of things gateway is responsible for information transmission, partial parameter calculation and authentication information verification, and an SDN controller is responsible for internet of things terminal registration, session key calculation and other responsibilities.

The invention relates to a multi-factor internet of things terminal dynamic group access authentication method, which comprises the following 7 stages:

(1) And in the system initialization stage, the Internet of Things Gateway (ITG) and the SDN Controller (SC) establish secure connection, and the data interaction between the ITG and the SDN controller is secure and credible. The SDN controller firstly initializes the system, generates a security private key delta_sc, and selects a security single hash function H () {0,1}^*→{0,1}ⁿ, n is the bit width of the hash function message digest output.

(2) In the registration stage of the terminals of the Internet of things, the terminals of the Internet of things perform unified registration according to group division, and an existing group of the terminals of the Internet of things is assumed, wherein k terminal members { N₁,N₂,...,N_k } are arranged in the group, each member is provided with a PUF by default, an excitation response pair (C_i,R_i) is initialized, and the registration process is completed under a secure channel. The terminal registration process of the Internet of things comprises the following steps:

(2a) Referring to fig. 2, each N_i selects one identity ID_i for itself and calculates R_i＝PUF(C_i),GPW_i＝H(ID_i||R_i). N_i then sends < ID_i,GPW_i > to the SC over the secure channel.

(2B) Referring to fig. 2, after receiving the registration message sent by N_i, the SC calculates a pseudo-identity VID_i＝H(ID_i||δ_sc for N_i). SC selects one large prime number p_i (i=1,..k) for N_i, and p_i≠p_j when i+.j, and satisfies that there are two different large prime numbers in the range of p_i -1. Next, SC selects an exponential-operated primitive root, g, for the group, which is also the generator of group Z^*_pi. The SC sends < VID_i,p_i, g > to N_i over the secure channel.

(2C) Referring to fig. 2, after receiving the SC reply message, N_i selects a private key x_i∈Z^*_pi for itself and calculates y_i≡g^ximodp_i. N_i then issues < y_i > to the SC over the secure channel.

(2D) Referring to fig. 2, after receiving y_i from k N_i transmissions, the SC constructs a congruence equation set using the chinese remainder theorem,

Wherein GID is the group identity of the group, SC is N_i for calculationThen, the SC generates a table in which group information < GID, g >, and each member information < ID_i,VID_i,y_i,p_i,GPW_i > are recorded. The SC sends < W_i > to N_i over the secure channel.

(2E) With continued reference to FIG. 2, N_i, upon receipt of W_i, calculatesB₂＝H(VID_i||ID_i||x_i||R_i||W_i GID). Then store < B₁,B₂,VID_i,W_i > into the smart card SMC_i. So far, the terminal group of the Internet of things completes the registration process.

(3) And in the login stage, when one Internet of things terminal group needs to be accessed to the 5G network, each member firstly executes a login step, decrypts and verifies the security parameters in the smart card. N_i reads the identity ID_i and PUF input stimulus C_i from the local storage, reads the parameters stored at enrolment from the smart card < B₁,B₂,VID_i,W_i>.N_i calculates R_i＝PUF(C_i),GPW_i＝H(ID_i||R_i),And verifies whether B₂ is equal to the calculation of H (VID_i||ID_i||x_i||R_i||W_i GID). If the parameters are equal, the parameters are legal, the terminal of the Internet of things is safe and reliable, and the next flow can be executed. Otherwise, the login will stop, re-reading the parameters and computing the verification.

(4) Referring to fig. 3, the process of negotiating the identity authentication and the session key of the terminal of the internet of things comprises the following steps:

(4a) Referring to fig. 3, a member is selected in a group according to the factors of computing power, signal quality, energy storage and the like to be the group leader of the group, and an authentication request is initiated by the group leader (N_GL). N_GL generates a time stamp T₁ and calculates AUTH_GL＝H(GID||VID_GL||ID_GL||T₁). Subsequently, N_GL sends an authentication message M₁＝<VID_GL,AUTH_GL,T₁ > to the ITG.

(4B) Referring to fig. 3, when message M₁ is received, the ITG does nothing else but forwards the message to the SC.

(4C) Referring to fig. 3, after receiving the forwarding message of the ITG, the SC first verifies the validity of T₁ to ensure the freshness of the message. Then, the SC performs a lookup table according to VID_GL to obtain the identity GID of the group and the true identity ID_GL of N_GL, and verifies whether AUTH_GL is equal to the calculation result of H (gid||vid_GL||ID_GL||T₁). If not, terminating the authentication flow and sending authentication failure information. Otherwise, the SC retrieves all members of the group according to GID and calculates K_i＝H(VID_i||GID||GPW_i). The SC generates a random number r, and then sends the message M₂＝<{VID_i,K_i, r, GID > encrypted to the ITG.

(4D) Referring to FIG. 3, the ITG decrypts the message M₂ to obtain < { VID_i,K_i }, r, GID >. Subsequently, the ITG calculates for each member N_iSK_i＝H(VID_i||GID||r||K_i),AUTH_i-ITG＝H(VID_i||GID||r||SK_i||K_i||D_i).ITG Message M₃＝<VID_i,D_i,AUTH_i-ITG > is sent to N_GL.

(4E) Referring to fig. 3, N_GL receives message M₃ and broadcasts it in the group. N_i within the group calculates K_i＝H(VID_i||GID||GPW_i based on VID_i receiving the corresponding message < VID_i,D_i,AUTH_i-ITG>.N_i in combination with the parameters acquired at login),SK_i＝H(VID_i||GID||r||K_i), the group key SK_G =h (r||gid), verifies whether AUTH_i-ITG is equal to the calculation result of H (VID_i||GID||r||SK_i||K_i||D_i). If equal, N_i authenticates the SC successfully. Otherwise, authentication fails. N_i calculates AUTH_i-N＝H(VID_i||GID||D_i||r||SK_i||SK_G||K_i), update the pseudo-identity VID_i^new＝H(r||VID_i||ID_i). Subsequently, N_i sends a message M₄＝<VID_i,AUTH_i-N > to N_GL.

(4F) Referring to FIG. 3, upon receipt of each N_i sent message, N_GL calculates

Subsequently, N_GL sends a message M₅＝<VID_GL,AUTH_t > to the ITG.

(4G) Referring to FIG. 3, upon receipt of message M₅, the ITG calculates SK_G＝H(r||GID),AUTH_i-N and verifies if AUTH_t is compatible withIs equal to the calculated result of (a). If not, authentication fails and the message M₅ is retrieved. Otherwise, the access authentication and the session key negotiation are successful. ITG sends authentication success message to SC, SC calculates SK_i＝H(VID_i||GID||r||K_i),SK_G＝H(r||GID),VID_i^new＝H(r||VID_i||ID_i).

(5) And dynamically joining the terminal, namely if a new member is to be added into a certain terminal group, the group key SK_G needs to be updated besides necessary authentication so as to ensure forward security and ensure that the new terminal cannot acquire the previous encrypted message. Since the new member is unaware of the current group key, broadcasting the new group key calculation parameters through current group key encryption typically has minimal cost after authenticating the new member is successful. The dynamic joining process of the terminal of the Internet of things comprises the following steps:

(5a) First, new member N_k+1 generates a time stamp T₂ and calculates

AUTH_k+1＝H(GID'||VID_k+1||ID_k+1||GPW_k+1||T₂). Subsequently, N_k+1 sends a message M₁＝>VID_k+1,AUTH_k+1,T₂ > to the group leader N_GL of the group.

(5B) When N_GL receives the message, a message M₂＝<VID_GL,M₁ > is generated and sent to the ITG. The ITG forwards the message to the SC.

(5C) After receiving the message M₂, the SC verifies the validity of the T₂ a priori, and ensures the freshness of the message. The SC calculation verifies whether AUTH_k+1 is equal to the calculation result of H (GID' |vid_k+1||ID_k+1||GPW_k+1||T₂). If not, authentication fails, otherwise, the SC authentication N_k+1 succeeds. The SC retrieves the relevant information for the group based on VID_GL in the message, and reconstructs the same as the system of equations in combination with the parameter < y_k+1,p_k+1 > at registration of N_k+1,

The SC generates a new random number r_new and calculates K'_k+1＝H(VID_k+1||GID'||GPW_k+1),K_k+1＝H(VID_k+1||GID_new||GPW_k+1). and then the SC sends the message M₃＝<{VID_k+1,K'_k+1,K_k+1},r_new,GID_new > encrypted to the ITG.

(5D) When ITG receives message M₃, calculate

SK_k+1＝H(VID_k+1||GID_new||r_new||K_k+1);

AUTH_(k+1)-ITG＝H(VID_k+1||GID_new||r_new||SK_k+1||K'_k+1||K_k+1||D'_k+1||D_k+1)

Subsequently, the ITG sends a message M₄＝<VID_k+1,D'_k+1,D_k+1,AUTH_(k+1)-ITG > to N_k+1. At the same time, the ITG sends < r_new,GID_new > to the original members of the group via the original group key SK_G.

(5E) Calculate K'_k+1＝H(VID_k+1||GID'||GPW_k+1 when N_k+1 receives the message),SK_k+1＝H(VID_k+1||GID_new||r_new||K_k+1),SK_G^new＝H(r_new||GID_new), And verifies whether AUTH_(k+1)-ITG is equal to the calculation of H(VID_k+1||GID_new||r_new||SK_k+1||K'_k+1||K_k+1||D'_k+1||D_k+1). If equal then N_k+1 succeeds in authenticating the SC, otherwise, failure occurs. N_k+1 calculation

AUTH_(k+1)-N＝H(VID_k+1||GID_new||D'_k+1||D_k+1||r_new||SK_k+1||SK_G^new||K'_k+1||K_k+1), Update pseudo-identity VID_k+1^new＝H(r||VID_k+1||ID_k+1). Subsequently, N_k+1 sends a message M₅＝<VID_k+1,AUTH_(k+1)-N > to the ITG. At the same time, after receiving < r_new,GID_new >, other members update < SK_i,SK_G,W_i >.

(5F) When the ITG receives the message, SK_G^new＝H(r_new||GID_new is calculated) and verifies that AUTH_(k+1)-N is equal to the result of H(VID_k+1||GID_new||D'_k+1||D_k+1||r_new||SK_k+1||SK_G^new||K'_k+1||K_k+1). If the authentication information is equal, the ITG sends an authentication success message to the SC, and the SC updates the < SK_i,SK_G >. Otherwise, the verification fails, and the M₅ needs to be acquired again.

(6) The dynamic removal terminal stage is that when a member in a group is found to have malicious behaviors, the member needs to be evicted from the group. And the group key SK_G should be updated as soon as possible to ensure backward security, ensuring that no malicious members can obtain the encrypted message afterwards. Since the current group key is not already secure, the SDN controller needs to update the group identity GID and transmit new security parameters through the session key with each member. The dynamic removal process of the terminal of the Internet of things comprises the following steps:

(6a) First the SC retrieves malicious member N_k, obtaining all relevant record information for its group in the registered table. The SC revokes the legal identity of N_k, modifies its y_k to other values y'_k, reconstructs the set of congruence equations,

The SC generates a new random number r_new and sends message M_i＝<r_new,GID_new > encrypted over SK_i to group members other than malicious member N_k.

(6B) After other members receive < r_new,GID_new >, < SK_i,SK_G,W_i > is updated. The SC also recalculates < SK_i,SK_G > and synchronizes with the ITG through encryption.

(7) The timing update group identity and PUF challenge-response phase requires updating the CRP (C_i,R_i) with the group identity identification GID and PUF challenge-response after a certain period of time. N_i generates a new C_i^new and calculates R_i^new＝PUF(C_i^new),GPW_i^new＝H(ID_i||R_i^new).N_i re-selects the private key x_i^new∈Z^*_pi for itself and calculatesN_i sends the SC an encrypted message < GPW_i^new,y_i^new > over SK_i. The SC receives the message and decrypts it, and then reconstructs the congruence equation set to obtain GID_new. The SC generates a new random number r_new and broadcasts < r_new,GID_new > to all members by encryption with the group key SK_G. N_i decrypts the message and updates < SK_i,SK_G,W_i,B₁,B₂ > immediately after it receives the message. After the update, the new session key can be used to exchange data, and the SC and ITG can update the < SK_i,SK_G > synchronously after receiving the new message.

Finally, it is noted that the above embodiments are only for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made thereto without departing from the spirit and scope of the present invention, which is intended to be covered by the claims of the present invention.

Claims (8)

Translated fromChinese

1.一种多因子物联网终端动态群组接入认证方法，其特征在于：包括以下步骤：1. A multi-factor Internet of Things terminal dynamic group access authentication method, characterized in that it includes the following steps:S1：系统初始化阶段：SDN控制器与物联网网关建立安全连接，SDN控制器进行系统初始化，生成一个安全私钥，并选择一个安全单项哈希函数；S1: System initialization phase: The SDN controller establishes a secure connection with the IoT gateway, the SDN controller initializes the system, generates a secure private key, and selects a secure one-way hash function;S2：物联网终端注册阶段：将物联网终端按群组进行划分，在安全信道下统一注册；S2: IoT terminal registration phase: IoT terminals are divided into groups and registered uniformly in a secure channel;S3：登录阶段：物联网终端通过PUF解密智能卡中的秘密参数，并对物联网终端的安全性、可靠性进行验证；S3: Login stage: The IoT terminal decrypts the secret parameters in the smart card through PUF and verifies the security and reliability of the IoT terminal;S4：身份认证与会话密钥协商阶段：在一个待认证的群组中，首先组长向SDN控制器发起接入认证请求；SDN控制器通过注册时的信息与认证请求中的参数，验证组长的身份后，生成一个随机数并为群组中每一位成员计算加密密钥，然后发送给物联网网关；物联网网关为每个终端成员计算会话密钥，并通过加密密钥保护随机数，然后向群组成员广播认证消息；群组成员根据登录时的参数与认证消息在本地计算加密密钥、会话密钥、组密钥，然后验证认证消息并更新伪身份，随后计算认证成功消息发送给组长；组长将各个成员的验证成功消息进行融合发送给物联网网关；物联网网关对融合消息验证成功后，向SDN控制器发送认证成功消息，随后SDN控制器同步计算会话密钥与组密钥；S4: Identity authentication and session key negotiation phase: In a group to be authenticated, the group leader first initiates an access authentication request to the SDN controller; the SDN controller verifies the identity of the group leader through the information at the time of registration and the parameters in the authentication request, generates a random number and calculates the encryption key for each member in the group, and then sends it to the IoT gateway; the IoT gateway calculates the session key for each terminal member, protects the random number with the encryption key, and then broadcasts the authentication message to the group members; the group members calculate the encryption key, session key, and group key locally according to the parameters at the time of login and the authentication message, then verify the authentication message and update the pseudo-identity, and then calculate the authentication success message and send it to the group leader; the group leader merges the authentication success messages of each member and sends them to the IoT gateway; after the IoT gateway successfully verifies the merged message, it sends the authentication success message to the SDN controller, and then the SDN controller synchronously calculates the session key and group key;S5：动态加入终端阶段：当要向某一终端群组中添加新成员时，更新组密钥以保证前向安全；S5: Dynamic terminal joining stage: When adding a new member to a terminal group, the group key is updated to ensure forward security;S6：动态移除终端阶段：当发现一个群组中的某个成员存在恶意行为时，将该成员逐出群组，并更新组密钥SK_G以保证后向安全；S6: Dynamic terminal removal phase: When a member in a group is found to have malicious behavior, the member is expelled from the group and the group key SK_G is updated to ensure backward security;S7：定时更新组身份与PUF激励响应对阶段：当一定时间段后，为防止跟踪攻击，对组身份标识和PUF激励响应对进行更新；各个物联网终端重新选择私钥与PUF输入激励，并计算相应注册参数发送给SDN控制器；SDN控制器根据新的参数，重新计算组身份标识与选择随机数，并通过原有会话密钥发送给各个物联网终端；随后各个终端与SDN控制器同步计算更新会话密钥与组密钥。S7: Periodic update of group identity and PUF stimulus response pair: After a certain period of time, in order to prevent tracking attacks, the group identity and PUF stimulus response pair are updated; each IoT terminal reselects the private key and PUF input stimulus, and calculates the corresponding registration parameters and sends them to the SDN controller; the SDN controller recalculates the group identity and selects the random number based on the new parameters, and sends them to each IoT terminal through the original session key; then each terminal and the SDN controller synchronously calculate and update the session key and group key.2.根据权利要求1所述的多因子物联网终端动态群组接入认证方法，其特征在于：所述步骤S1具体包括：SDN控制器与物联网网关建立安全连接，然后生成一个安全私钥δ_sc，并选择一个安全单项哈希函数H():{0,1}^*→{0,1}ⁿ，n是哈希函数消息摘要输出的位宽。2. The multi-factor IoT terminal dynamic group access authentication method according to claim 1 is characterized in that: the step S1 specifically comprises: the SDN controller establishes a secure connection with the IoT gateway, then generates a secure private key δ_sc , and selects a secure one-way hash function H():{0,1}^* →{0,1}ⁿ , where n is the bit width of the hash function message digest output.3.根据权利要求1所述的多因子物联网终端动态群组接入认证方法，其特征在于：3. The multi-factor Internet of Things terminal dynamic group access authentication method according to claim 1, characterized in that:所述步骤S2中，群组中的k个终端成员都默认配备一个物理不可克隆函数PUF，并初始化一个激励响应对CRP(Ci,Ri)，物联网终端注册具体包括以下步骤：In step S2, each of the k terminal members in the group is equipped with a physical unclonable function PUF by default, and a stimulus response pair CRP (Ci, Ri) is initialized. The IoT terminal registration specifically includes the following steps:S21：物联网终端通过身份标识ID_i与PUF输出计算注册参数GPW_i，向SDN控制器发送<ID_i,GPW_i>注册信息；S21: The IoT terminal calculates the registration parameter GPW_i through the identity ID_i and the PUF output, and sends the registration information <ID_i ,GPW_i > to the SDN controller;R_i＝PUF(C_i)R_i =PUF(C_i )GPW_i＝H(ID_i||R_i)GPW_i =H(ID_i || R_i )其中，R_i表示物理不可克隆函数PUF的输出响应，C_i表示物理不可克隆函数的输入激励，GPW_i表示注册参数，H表示哈希函数；Where R_i represents the output response of the physical unclonable function PUF, C_i represents the input stimulus of the physical unclonable function, GPW_i represents the registration parameter, and H represents the hash function;S22：SDN控制器为物联网终端计算伪身份VID_i，选择大素数p_i和指数运算的原根g，SDN控制器发送注册信息<VID_i,p_i,g>到物联网终端；VID_i的计算公式如下：S22: The SDN controller calculates a pseudo identity VID_i for the IoT terminal, selects a large prime number_pi and a primitive root g of the exponential operation, and sends registration information <VID_i ,_pi ,g> to the IoT terminal; the calculation formula of VID_i is as follows:VID_i＝H(ID_i||δ_sc)VID_i =H(ID_i || δ_sc )δ_sc表示SDN控制器的安全私钥；δ_sc represents the security private key of the SDN controller;S22：物联网终端选择私钥x_i，计算注册信息y_i≡g^ximod p_i，并向SDN发送注册信息<y_i>；S22: The IoT terminal selects a private key x_i , calculates the registration information y_i ≡g^xi mod_pi , and sends the registration information <y_i > to the SDN;S24：SDN控制器根据注册信息构建同余方程组计算得到组身份标识GID，通过注册信息加密组身份标识计算得W_i，SDN控制器发送注册信息<W_i>到物联网终端；GID是同余方程的计算结果，公式如下：S24: The SDN controller constructs a group of congruence equations according to the registration information to calculate the group identity GID, encrypts the group identity through the registration information to calculate_Wi , and the SDN controller sends the registration information_<Wi> to the IoT terminal; GID is the calculation result of the congruence equation, and the formula is as follows:S25：物联网终端为加密私钥和参数完整性验证计算B₁和B₂，并将<B₁,B₂,VID_i,W_i>存储到智能卡SMC_i中，其中W_i用于保护GID的参数：S25: The IoT terminal calculates B₁ and B₂ for encryption private key and parameter integrity verification, and stores <B₁ ,B₂ ,VID_i ,_Wi > in the smart card SMC_i , where_Wi is used to protect the parameters of GID:W_i＝GID⊕GPW_iWi ＝_GID⊕GPWiB₁和B₂用于保护物联网终端的私钥和完整性验证，其计算过程如下所示：_B1 and_B2 are used to protect the private key and integrity verification of the IoT terminal. The calculation process is as follows:B₁＝x_i⊕H(VID_i||GPW_i)B₁ =x_i ⊕H(VID_i ||GPW_i )B₂＝H(VID_i||ID_i||x_i||R_i||W_i||GID)。B₂ =H(VID_i ||ID_i ||x_i ||R_i ||W_i ||GID).4.根据权利要求1所述的多因子物联网终端动态群组接入认证方法，其特征在于：步骤S3具体包括：物联网终端读取身份标识ID_i和PUF输入激励C_i，以及智能卡中的参数<B₁,B₂,VID_i,W_i>，计算GPW_i，解密B₁保护的私钥并对参数进行完整性验证。4. The multi-factor Internet of Things terminal dynamic group access authentication method according to claim 1 is characterized in that: step S3 specifically includes: the Internet of Things terminal reads the identity identifier ID_i and the PUF input stimulus C_i , as well as the parameters <B₁ , B₂ , VID_i , W_i > in the smart card, calculates GPW_i , decrypts the private key protected by B₁ and verifies the integrity of the parameters.5.根据权利要求1所述的多因子物联网终端动态群组接入认证方法，其特征在于：所述步骤S4具体包括：5. The multi-factor Internet of Things terminal dynamic group access authentication method according to claim 1, characterized in that: the step S4 specifically comprises:S41：群组组长生成时间戳T₁，计算认证请求验证参数AUTH_GL＝H(GID||VID_GL||ID_GL||T₁)，并将认证请求消息＜VID_GL,AUTH_GL,T₁>发送到物联网网关；S41: The group leader generates a timestamp T₁ , calculates the authentication request verification parameter AUTH_GL =H(GID||VID_GL ||ID_GL ||T₁ ), and sends an authentication request message <VID_GL ,AUTH_GL ,T₁ > to the IoT gateway;S42：物联网网关将认证请求消息转发给SDN控制器；S42: The IoT gateway forwards the authentication request message to the SDN controller;S43：SDN控制器验证消息新鲜性后验证AUTH_GL，为每个终端成员计算加密密钥K_i＝H(VIDi||GID||GPW_i)，选择随机数r，将消息＜{VID_i,K_i},r,GID>发送到物联网终端；S43: The SDN controller verifies the freshness of the message and then verifies AUTH_GL , calculates the encryption key K_i =H(VIDi||GID||GPW_i ) for each terminal member, selects a random number r, and sends the message 〈{VID_i ,K_i },r,GID> to the IoT terminal;S44：物联网网关为保护随机数r计算D_i，计算会话密钥SK_i，以及完整性验证参数AUTH_i-ITG，将消息<VID_i,D_i,AUTH_i-ITG>发送到群组组长，公式如下：S44: The IoT gateway calculates_Di to protect the random number r, calculates the session key_SKi , and the integrity verification parameter AUTHi_-ITG , and sends the message <_VIDi ,_Di , AUTHi_-ITG > to the group leader. The formula is as follows:D_i＝r⊕H(VID_i||K_i)D_i = r ⊕ H ( VID_i || K_i )SK_i＝H(VID_i||GID||r||K_i)SK_i =H(VID_i ||GID||r||K_i )AUTH_i-ITG＝H(VID_i||GID||r||SK_i||K_i||D_i)AUTH_i-ITG =H(VID_i ||GID||r||SK_i ||K_i ||D_i )S45：组长将消息在组内进行广播，终端成员计算加密密钥K_i，解密D_i得到随机数r，计算会话密钥SK_i，计算组密钥SK_G，并进行完整性验证计算AUTH_i-ITG，更新伪身份计算VID_i^new，计算认证成功参数AUTH_i-N，将消息<VID_i,AUTH_i-N>发送给群组组长；公式如下：S45: The group leader broadcasts the message within the group. The terminal members calculate the encryption key K_i , decrypt D_i to obtain the random number r, calculate the session key SK_i , calculate the group key SK_G , and perform integrity verification to calculate AUTH_i-ITG , update the pseudo identity to calculate VID_i^new , calculate the authentication success parameter AUTH_iN , and send the message <VID_i ,AUTH_iN > to the group leader. The formula is as follows:SK_G＝H(r||GID)SK_G ＝H(r||GID)VID_i^new＝H(r||VID_i||ID_i)VID_i^new =H(r||VID_i ||ID_i )AUTH_i-N＝H(VID_i||GID||D_i||r||SK_i||SK_G||K_i)AUTH_iN =H(VID_i ||GID||D_i ||r||SK_i ||SK_G ||K_i )S46：群组组长将各个成员的消息进行融合计算得到融合认证参数AUTH_t，将消息<VID_GL,AUTH_t>发送到物联网网关；其中：S46: The group leader integrates the messages of each member to obtain the integrated authentication parameter AUTH_t , and sends the message <VID_GL ,AUTH_t > to the IoT gateway; wherein:AUTH_t＝AUTH_1-N⊕AUTH_2-N⊕...⊕AUTH_k-NAUTH_t ＝AUTH_1-N ⊕AUTH_2-N ⊕...⊕AUTH_kNS47：物联网网关计算SK_G，并验证AUTH_t，向SDN控制器发送认证成功消息，SDN控制器同步计算<SK_i,SK_G,VID_i^new＞。S47: The IoT gateway calculates SK_G , verifies AUTH_t , and sends an authentication success message to the SDN controller. The SDN controller synchronously calculates <SK_i , SK_G , VID_i^new >.6.根据权利要求1所述的多因子物联网终端动态群组接入认证方法，其特征在于：步骤S5具体包括以下步骤：6. The multi-factor Internet of Things terminal dynamic group access authentication method according to claim 1, characterized in that: step S5 specifically includes the following steps:S51：新成员N_k+1生成一个时间戳T₂，并计算认证请求验证参数AUTH_k+1，将消息＜VID_k+1,AUTH_k+1,T₂>发送到该群组的组长，具体公式如下：S51: The new member N_k+1 generates a timestamp T₂ , calculates the authentication request verification parameter AUTH_k+1 , and sends a message <VID_k+1 ,AUTH_k+1 ,T₂ > to the leader of the group. The specific formula is as follows:AUTH_k+1＝H(GID’||VID_k+1||ID_k+1||GPW_k+1||T₂)AUTH_k+1 =H(GID'||VID_k+1 ||ID_k+1 ||GPW_k+1 ||T₂ )S52：群组组长向消息中添加组身份标识，将消息<VID_GL,VID_k+1,AUTH_k+1,T₂＞发送到SDN控制器；S52: The group leader adds the group identity to the message, and sends the message <VID_GL , VID_k+1 , AUTH_k+1 , T₂ > to the SDN controller;S53：SDN控制器验证消息的新鲜性，验证计算AUTH_k+1，重新构建同余方程组计算新的组身份标识GID_new，选择新的随机数r_new，计算加密密钥K’_k+1和K_k+1，将消息<{VID_k+1,K’_k+1,K_k+1},r_new,GID_new＞发送给物联网网关；计算公式如下：S53: The SDN controller verifies the freshness of the message, verifies and calculates AUTH_k+1 , reconstructs the congruence equation group to calculate the new group identity GID_new , selects a new random number r_new , calculates the encryption keys K'_k+1 and K_k+1 , and sends the message <{VID_k+1 , K'_k+1 , K_k+1 }, r_new , GID_new > to the IoT gateway; the calculation formula is as follows:K’_k+1＝H(VID_k+1||GID’||GPW_k+1)K'_k+1 =H(VID_k+1 ||GID'||GPW_k+1 )K_k+1＝H(VID_k+1||GID_new||GPW_k+1)K_k+1 =H(VID_k+1 ||GID_new ||GPW_k+1 )S54：物联网网关为加密新的组身份标识和随机数计算D’_k+1和D_k+1，计算会话密钥SK_k+1和完整性验证参数AUTH_(k+1)-ITG，将消息＜VID_k+1,D’_k+1,D_k+1,AUTH_(k+1)-ITG＞发送到新成员，并将＜r_new,GID_new＞通过原有组密钥广播给原有组成员；计算公式如下：S54: The IoT gateway calculates D'_k+1 and D_k+1 to encrypt the new group identity and random number, calculates the session key SK_k+1 and the integrity verification parameter AUTH_(k+1)-ITG , sends the message ＜VID_k+1 ,D'_k+1 ,D_k+1 ,AUTH_(k+1)-ITG ＞ to the new member, and broadcasts ＜r_new ,GID_new ＞ to the original group members using the original group key; the calculation formula is as follows:D’_k+1＝GID_new⊕H(VID_k+1||K’_k+1)D'_k+1 ＝GID_new ⊕H(VID_k+1 ||K'_k+1 )D_k+1＝r_new⊕H(VID_k+1||K_k+1)D_k+1 ＝r_new ⊕H(VID_k+1 ||K_k+1 )SK_k+1＝H(VID_k+1||GID_new||r_new||K_k+1)SK_k+1 =H(VID_k+1 ||GID_new ||r_new ||K_k+1 )AUTH_(k+1)-ITG＝H(VID_k+1||GID_new||r_new||SK_k+1||K’_k+1||K_k+1||D’_k+1||D_k+1)AUTH_(k+1)-ITG =H(VID_k+1 ||GID_new ||r_new ||SK_k+1 ||K'_k+1 ||K_k+1 ||D'_k+1 ||D_k+1 )S55：新成员计算加密密钥K’_k+1和K_k+1解密D’_k+1和D_k+1得到新的组身份标识和随机数，计算会话密钥SK_k+1和组密钥SK_G^new，计算验证AUTH_(k+1)-ITG，更新伪身份VID_k+1^new，计算认证成功参数AUTH_(k+1)-N，将消息＜VID_k+1,AUTH_(k+1)-N＞发送到物联网网关；于此同时，其它成员收到<r_new,GID_new>后，也将<SK_i,SK_G,W_i>进行更新；计算公式如下：S55: The new member calculates the encryption keys K'k₊₁ and Kk₊₁ , decrypts D'_k+1 and Dk₊₁ to obtain a new group identity and random number, calculates the session key SKk₊₁ and the group key_SKGnew^, calculates the verification AUTH_(k+1)-ITG , updates the pseudo identity VIDk_+1new^, calculates the authentication success parameter AUTH_(k+1)-N , and sends the message <VIDk₊₁ , AUTH_(k+1)-N > to the IoT gateway; at the same time, after receiving <_rnew ,_GIDnew >, other members also update <_SKi ,_SKG , W_i >; the calculation formula is as follows:VID_k+1^new＝H(r||VID_k+1||ID_k+1)VID_k+1^new =H(r||VID_k+1 ||ID_k+1 )AUTH_(k+1)-N＝H(VID_k+1||GID_new||D’_k+1||D_k+1||r_new||SK_k+1||SK_G^new||K’_k+1||K_k+1)AUTH_(k+1)-N =H(VID_k+1 ||GID_new ||D'_k+1 ||D_k+1 ||r_new ||SK_k+1 ||SK_G^new ||K'_k+1 ||K_k+1 )S56：物联网网关计算SK_G^new并验证计算AUTH_(k+1)-N，向SDN控制器发送认证成功消息；SDN控制器同步对<SK_i,SK_G>进行更新。S56: The IoT gateway calculates SK_G^new and verifies AUTH_(k+1)-N , and sends an authentication success message to the SDN controller; the SDN controller synchronously updates <SK_i ,SK_G >.7.根据权利要求1所述的多因子物联网终端动态群组接入认证方法，其特征在于：步骤S6具体包括以下步骤：7. The multi-factor Internet of Things terminal dynamic group access authentication method according to claim 1, characterized in that: step S6 specifically includes the following steps:S61：首先SDN控制器检索恶意成员N_k，并撤销N_k的合法身份，将其y_k修改成其它值y’_k，并重新构建同余方程组计算得GID_new：S61: First, the SDN controller retrieves the malicious member N_k and revokes the legal identity of N_k , modifies its y_k to another value y'_k , and reconstructs the congruence equation group to calculate GID_new :SDN生成新的随机数r_new，并将消息＜r_new,GID_new>通过SK_i加密发送给除去恶意成员N_k之外的群组成员；SDN generates a new random number r_new , and encrypts the message <r_new , GID_new > through SK_i and sends it to group members except the malicious member N_k ;S62：其它成员将<SK_i,SK_G,W_i>进行更新，SC也重新计算<SK_i,SK_G>并通过加密与ITG同步。S62: Other members update <SK_i , SK_G , W_i >, and the SC also recalculates <SK_i , SK_G > and synchronizes it with the ITG through encryption.8.根据权利要求1所述的多因子物联网终端动态群组接入认证方法，其特征在于：步骤S7包括：物联网终端生成新的PUF输入激励C_i^new，计算R_i^new，GPW_i^new，选择新的私钥x_i^new计算y_i^new,将消息<GPW_i^new,y_i^new>发送到SDN控制器；SDN控制器重新构建同余方程组得到GID_new，生成新的随机数r_new，并将消息＜r_new,GID_new>广播给所有群组成员；群组成员、SDN控制器和物联网网关，更新<SK_i,SK_G,W_i,B₁,B₂>参数。8. The multi-factor^Internet of Things terminal dynamic group access authentication method according to claim 1 is characterized in that: step^S7 comprises:^the Internet of Things terminal generates a^new PUF input stimulus_Cinew , calculates_Rinew^,_GPWinew , selects a^new private key_xinew^to calculate_yinew , and sends a message <_GPWinew ,_yinew > to the SDN controller; the SDN controller reconstructs the congruence equation group to obtain_GIDnew , generates a new random number_rnew , and broadcasts the message <_rnew ,_GIDnew > to all group members; the group members, the SDN controller and the Internet of Things gateway update the <_SKi ,_SKG ,_Wi ,_B1 ,_B2 > parameters.