A Lightweight Inter-domain Direct Anonymous Attestation Scheme for Machine-to-Machine Networks

摘要

As an important application mode of Internet of Things, Machine-to-Machine (M2M) networks have gained more and more concerns. However, the security problems such as privacy protection and platform authentication in M2M networks are not fulfilled the requirements yet. Since the M2M devices are always assigned to desolate and uninhabited circumstances, it is vulnerable to be stolen or maliciously attacked by those adversary or hacker. Meanwhile, the limiting computational and storage capabilities of M2M device also restrain the application of complicated security scheme. The inter-domain platform authentication of M2M device belonged to different issuer is not fully resolved in those early literatures. In this paper, we propose a Lightweight Inter-domain Direct Anonymous Attestation (L-IDAA) scheme to solve the security problems in inter-domain M2M networks according to the features of them and the characters of the M2M devices. We build a M2M Certificate Authority system above the issuer domains, and use this CA system to assure the authenticity of Issuers and Verifiers in different DAA domains. The proposed scheme can remedy the security fault of those legacy inter-domain schemes and gain higher computational efficiency. The computational cost for TPM is reduced to 1G_1~2 and that for Host is reduced to 16G_1+1G_1~2. Finally, we use the ideal/real-system model to prove the security of L-IDAA scheme. The results show that the proposed L-IDAA scheme is feasible and is suitable for inter-domain anonymous attestation in M2M networks.