SYMMETRIC KEY-BASED USER AUTHENTICATION METHOD FOR ENSURING ANONYMITY IN WIRELESS SENSOR NETWORK ENVIRONMENT

Abstract

The present invention relates to a symmetric key-based user authentication method performed by a smart card, a user terminal capable of reading and writing the smart card, a plurality of sensors, and a gateway communicating with the sensors. The present invention provides a configuration comprising the steps of:

(a) receiving, by the gateway, a user ID and a dynamic password from the user terminal, generating a secret key encrypted with the ID and the dynamic password, and a login verification value composed of the dynamic password and the secret key, and storing the same in the smart card;

(b) extracting, by the user terminal, the dynamic password from the input ID and password, decrypting the secret key by using the extracted dynamic password, restoring the login verification value, and verifying the restored login verification value against the login verification value of the smart card;

(c) generating, by the user terminal, a dynamic ID, generating a symmetric key with the dynamic ID and the secret key, encrypting the dynamic ID with the symmetric key to generate a first message, and transmitting the dynamic ID and the first message to the gateway;

(d) restoring, by the gateway, the symmetric key with the received dynamic ID and the stored secret key, decoding the first message with the restored symmetric key, and verifying the dynamic ID;

(e) generating, by the gateway, a second random number, encrypting the second random number with a shared key, generating a session key with the received dynamic ID, the shared key, and the second random number, generating a second verification value with the dynamic ID, the session key, the shared key, and a sensor ID, and transmitting the encrypted second random number, the dynamic ID, and the second verification value to each sensor;

(f) decrypting, by each sensor, the second random number with the shared key, extracting and sharing the session key with the received dynamic ID, the shared key, and the decrypted second random number, and extracting and verifying the second verification value with the dynamic ID, the extracted session key, the shared key, and the sensor ID;

(g) generating, by each sensor, a third verification value with the shared key, the extracted session key, the received dynamic ID, and the sensor ID, and transmitting the generated third verification value to the gateway;

(h) extracting, by the gateway, the third verification value with the shared key, the generated session key, the received dynamic ID, and the sensor ID to compare and verify the extracted third verification value with the transmitted third verification value, and transmitting a second message in which the dynamic ID, the sensor ID, the session key, and a first random number are encrypted with the symmetric key; and

(i) decrypting, by the user terminal, the second message with the symmetric key, and verifying the dynamic ID and the first random number.

By using only a hash function, which requires a very small amount of computation, and a symmetric key-based cryptosystem, the user authentication method described above can achieve very high efficiency.
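An added sketch of the gateway and sensor exchange in steps (e) to (h), not code from the patent. The abstract names no concrete primitives, so SHA-256, the XOR pad standing in for the shared-key cipher, the length-prefixed field encoding, the domain labels, and all function names are assumptions.

```python
import hashlib, hmac, secrets

def h(*parts: bytes) -> bytes:
    # Length-prefix every field so ("ab", "c") and ("a", "bc") hash differently.
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(2, "big") + p)
    return d.digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def gateway_request(did: bytes, shared_key: bytes, sensor_id: bytes):
    """Step (e): gateway builds the message for one sensor."""
    r2 = secrets.token_bytes(32)                      # second random number
    enc_r2 = xor(r2, h(b"pad", shared_key, did))      # stand-in cipher (assumption)
    sk = h(b"sk", did, shared_key, r2)                # session key
    v2 = h(b"v2", did, sk, shared_key, sensor_id)     # second verification value
    return sk, (enc_r2, did, v2)

def sensor_respond(msg, shared_key: bytes, sensor_id: bytes):
    """Steps (f)-(g): recover r2, derive the session key, check v2, answer with v3."""
    enc_r2, did, v2 = msg
    r2 = xor(enc_r2, h(b"pad", shared_key, did))
    sk = h(b"sk", did, shared_key, r2)
    if not hmac.compare_digest(v2, h(b"v2", did, sk, shared_key, sensor_id)):
        return None, None                             # reject: wrong key, ID or tampering
    # v2 and v3 cover the same four inputs; the label keeps a reflected v2
    # from being accepted as v3 (design assumption of this sketch).
    return sk, h(b"v3", shared_key, sk, did, sensor_id)

def gateway_verify(v3, did: bytes, sk: bytes, shared_key: bytes, sensor_id: bytes) -> bool:
    """Step (h), first half: recompute v3 and compare in constant time."""
    expected = h(b"v3", shared_key, sk, did, sensor_id)
    return v3 is not None and hmac.compare_digest(v3, expected)

def run_demo():
    """Constructed sample values: one honest run, then one tampered message."""
    key, did, sid = secrets.token_bytes(32), secrets.token_bytes(16), b"sensor-01"
    gw_sk, msg = gateway_request(did, key, sid)
    sn_sk, v3 = sensor_respond(msg, key, sid)
    ok = gw_sk == sn_sk and gateway_verify(v3, did, gw_sk, key, sid)
    enc_r2, d, v2 = msg
    bad = (xor(enc_r2, b"\x01" + bytes(31)), d, v2)   # flip one bit of enc_r2
    rejected = sensor_respond(bad, key, sid) == (None, None)
    return ok, rejected

if __name__ == "__main__":
    print(run_demo())
```
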

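Bibliographic data

  • Publication number: WO2018147673A1

    Patent type

  • Publication date: 2018-08-16

    Original format: PDF

  • Applicant/patentee: SGA SOLUTIONS CO.LTD.;

    Application/patent number: WO2018KR01745

  • Filing date: 2018-02-09

  • Classification: H04L9/32;H04L9/06;H04W4/70;H04W12/06;H04L9/08;

  • Country: WO

  • Date added to database: 2022-08-21 12:43:02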
