정보과학회 논문지 (Journal of KIISE)

  • 제43권11호
  • /
  • Pages.1245-1258
  • /
  • 2016
  • /
  • 2383-630X(pISSN)
  • /
  • 2383-6296(eISSN)
한국정보과학회 (Korean Institute of Information Scientists and Engineers)
권호 표지
DOI QR코드

DOI QR Code

메시지 인증 코드에 대한 연구 동향 분석 및 성능 비교

Analysis of Research Trend and Performance Comparison on Message Authentication Code

  • 투고 : 2016.06.27
  • 심사 : 2016.09.07
  • 발행 : 2016.11.15
⟨ 이전 논문 다음 논문 ⟩

초록

다양한 기기들이 상호 연결되어 통신하는 IoT 환경에서는 보안 위협을 방지하기 위해 암호 알고리즘, 메시지 인증 코드 등 기밀성과 무결성을 제공하는 암호 기술을 사용한다. 안전성이 검증된 기존 암호 기술들이 다수 존재하지만, 저전력 저성능의 마이크로 컨트롤러 기반 IoT 기기에 기존 암호 기술을 그대로 사용하기 어렵기 때문에 다양한 경량 암호 기술이 등장하게 되었다. 최근 경량 블록 암호 알고리즘에 대한 연구는 꾸준히 증가하고 있지만, 경량 메시지 인증 코드에 대한 연구는 미흡한 실정이다. 따라서, 본 논문에서는 다양한 메시지 인증 코드에 대한 분류 분석을 통해 향후 메시지 인증 코드의 발전 방향에 대해 제시한다. 또한, 기반 기술별 대표 알고리즘을 실제 마이크로 컨트롤러에 구현 실험하여 저사양 환경에서의 알고리즘 성능 저하를 실증적으로 검증한다.

Cryptographic technologies providing confidentiality and integrity such as encryption algorithms and message authentication codes (MACs) are necessary for preventing security threats in the Internet of Things (IoT) where various kinds of devices are interconnected. As a number of encryption schemes that have passed security verification are not necessarily suitable for low-power and low-performance IoT devices, various lightweight cryptographic schemes have been proposed. However, a study of lightweight MACs is not sufficient in comparison to that of lightweight block ciphers. Therefore, in this paper, we reviewed various kinds of MACs for their classification and analysis and then, we presented a new way for future MAC development. We also implemented major MAC algorithms and performed experiments to investigate their performance degradation on low-end micro-controllers.

키워드

과제정보

연구 과제 주관 기관 : 한국연구재단, 정보통신기술진흥센터

참고문헌

  1. A.J. Menezed, P.C. van Oorschot, and S.A. Vanstone, "Handbook of Applied Cryptography," CRC Press, Boca Raton, USA, 1996.
  2. C. Kolias, A. Stavrou, and J. Voas, "Securely Making, "Things Right," Computer, Vol. 48, No. 9, pp. 84-88, Sept. 2015.
  3. R. Beaulieu, D. Shors, J. Smith, S. Treatman-Clark, B. Weeks, and L. Wingers, "The SIMON and SPECK Families of Lightweight Block Ciphers," IACR Cryptology ePrint Archive 2013-404, Jun. 2013.
  4. D. Hong, JK. Lee, DC. Kim, D. Kwon, KH. Ryu, and DG. LEE, "LEA: A 128-bit block cipher for fast encryption on common processors," WISA 2013, LNCS 8267, pp. 3-27, Aug. 2014.
  5. B. Alomair and R. Poovendran, "Efficient authentication for mobile and pervasive computing," IEEE Transactions on Mobile Computing, Vol. 13, Iss. 3, pp. 469-481, Dec. 2014. https://doi.org/10.1109/TMC.2012.252
  6. T. Dierks and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2," IETF RFC 5246, Aug. 2008.
  7. P. Calhoun, M. Montemurro, and D. Stanley, "Control and provisioning of wireless access points (CAPWAP) protocol binding for IEEE 802.11," RFC 5416, Mar. 2009.
  8. S. Farahani, "ZigBee wireless networks and transceivers," Newton, MA: Newnes, 2008.
  9. B. Foulad and, S. Ghanoun, "Security evaluation of the Z-Wave wireless protocol," Black Hat conference, Las Vegas, NV, Jul. 2013.
  10. W. Trappe, R. Howard, and RS. Moore, "Low-Energy Security: Limits and Opportunities in the Internet of Things," IEEE Security & Privacy, Vol. 13, No. 1, pp. 14-21, Jan.-Feb. 2015. https://doi.org/10.1109/MSP.2015.7
  11. M. Cazorla, S. Gourgeon, K. Marquet, and M. Minier, "Survey and benchmark of lightweight block ciphers for wireless sensor networks," Security and Cryptography( SECRYPT), 2013 International Conference on IEEE, pp. 1-6, Jul. 2013.
  12. DJ. Bernstein and T. Lange (editors), "eBACS: ECRYPT Benchmarking of Cryptographic Systems," Available: http://bench.cr.yp.to, accessed 7 Mar. 2015.
  13. C. Wenzel-Benner, and J. Graf, "XBX: eXternal Benchmarking eXtension for the SUPERCOPcrypto benchmarking framework," Cryptographic Hardware and Embedded Systems, CHES 2010. LNCS 6225, pp. 294-305, Aug. 2010.
  14. K. Gaj, J.P. Kaps, V. Amirineni, M. Rogawski, E. Homsirikamoi, and B.Y. Brewster, "Athena-automated tool for hardware evaluatioN: Toward fair and comprehensive benchmarking of cryptographic hardware using FPGAs," Field Programmable Logic and Applications (FPL), 2010 International Conference on. IEEE, pp. 414-421, Sept. 2010.
  15. J. Balasch, B. Ege, T. Eisenbarth, B. Gerard, Z. Gong, T. Gijneyse, S. Heyse, S. Kerckhof, F. Koeune, T. Plos, T. Poppelmann, F. Regazzoni, F. Standaert, G.V. Assche, R.V. Keer, L.O. Oldeneel, and I. Maurich, "Compact implementation and performance evaluation of hash functions in attiny devices," CARDIS 2012, LNCS 7771, pp. 158-172, 2013.
  16. D. Dinu, Y.L. Corre, D. Khovratovich, J. GroBschadl, L. Perrin, and A. Biryukov, "Triathlon of Lightweight Block Ciphers for the Internet of Things," IACR Cryptology ePrint Archive 2015-209, Jul. 2015.
  17. YW. Law, J. Doumen, and P. Hartel, "Survey and benchmark of block ciphers for wireless sensor networks," ACM Transactions on Sensor Networks (TOSN), Vol. 2, No. 1, pp. 65-93, Feb. 2006. https://doi.org/10.1145/1138127.1138130
  18. S. Bakhtiari, R. Safavi-Naini, and J. Pieprzyk, "Cryptographic hash functions: A survey," Technical Report 95-02, Centre for Computer Security Research, Department of Computer Science, University of Wollongong, Australie, 1995.
  19. L. Carter and M. Wegman, "Universal classes of ahsh functions," Proc. of the ninth annual ACM symposium on Theory of computing (STOC '77), ACM, New York, NY, USA, pp. 106-112. 1977.
  20. FIPS, NIST, "113: Data Authentication," National Institute of Standards and Technology, Federal Information Processing Standards, 1985.
  21. M. Dworkin, "NIST special publication 800-38B," NIST special publication, 800(38B), 38B, Mar. 2005.
  22. J. Black and P. Rogaway, "A block cipher mode of operation for parallelizable message authentication," EUROCRYPT 2012, LNCS 2332, pp. 384-397, Apr. 2002.
  23. G. Tsudik, "Message authentication with one-way hash functions," ACM SIGCOMM Computer Communication Review, Vol. 22, iss. 5, pp. 29-38, 1992. https://doi.org/10.1145/141809.141812
  24. B. Preneel and PC.Van Oorschot, "MDx-MAC and Building Fast MACs from Hash Functions," CRYPTO '95, LNCS 963, pp. 1-14, Aug. 1995.
  25. M. Bellare, R. Canetti, and H. Krawczyk, "Keying Hash Functions for Message Authentication," CRYPTO '96, LNCS 1109, pp. 1-15, Aug. 1996.
  26. J. Black, S. Halevi, H. Krawczyk, T. Krovetz, and P. Rogaway, "UMAC: Fast and Secure Message Authentication," CRYPTO '99, LNCS 1666, pp. 216-233, Aug. 1999.
  27. D. Bernstein, "The Poly1305-AES Message-Authentication Code," FSE 2005, LNCS 3557, pp. 32-49, Feb. 2005.
  28. ISO/IEC 9797-1:1999 Standard, Information Technology - Security Techniques - Message Authentication Codes (MACs) - Part 1: Mechanisms Using a Block Cipher, ISO/IEC, 1999.
  29. M. Bellare, R. Guerin, and P. Rogaway, "XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions," CRYPTO '95, LNCS 963, pp. 15-28, Aug. 1995.
  30. J.Black and P. Rogaway, "CBC MACs for Arbitrary Length Messages: The Three-Key Constructions," Crypto 2000, LNCS 1880, pp. 197-215, Aug. 2000.
  31. T. Iwata and K. Kurosawa, "OMAC: One-Key CBC MAC," FSE 2003, LNCS 2887, pp.129-153, Feb. 2003.
  32. P. Rogaway, "Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC," ASIACRYPT 2004, LNCs 3329, pp. 16-31, Dec. 2004.
  33. MJ. Dworkin, "SP 800-38D. Recommendation for block cipher modes of operation: Galois/Conter Mode (GCM) and GMAC," Technical Report. NIST, Gaithersburg, MD, United States, 2007.
  34. M. Simplicio, P. Barbuda, P. Barreto, T. Carvalho, and C. Margi, "The Marvin message authentication code and the LetterSoup authenticated encryption scheme," Security and Communication Networks, Vol. 2, No. 2, pp. 165-180, Mar. 2009. https://doi.org/10.1002/sec.66
  35. P. Sarkar, "Pseudo-random functions and parallelizable modes of operations of a block cipher," IEEE Transactions on Information Theory, Vol. 56, No. 8, pp. 4025-4037, Aug. 2010. https://doi.org/10.1109/TIT.2010.2050921
  36. K. Yasuda, "A new variant of PMAC: beyond the birthday bound," CRYPTO 2011, LNCS 6841, pp. 596-609, Aug. 2011.
  37. N. Mouha, B. Mennick, A. V. Herrewege, D. Watanabe, B. Preneel, and I. Verbauwhede, "Chaskey: An Efficient MAC Algorithm for 32-bit Microcontrollers," SAC 2014, LNCS 8781, pp. 306-323, Mar. 2014.
  38. DW. Davies, DO. Claydon, "The message authenticator algorithm (MAA) and its implementation," NPL Report DITC 109/88, Feb. 1988.
  39. FIPS, NIST, "198: The Keyed-Hash Message Authentication Code (HMAC)," National Institute of Standards and Technology, Federal Information Processing Standards, 2002.
  40. S. Patel "An efficient MAC for short messages," SAC 2002, LNCS 2595, pp. 353-368, Mar. 2003.
  41. M. Najjar, and F. Najjar, "d-HMAC Dynamic HMAC function," 2006 International Conference on Dependability of Computer Systems, Szklarska Poreba, pp. 119-126, May. 2006.
  42. K. Yasuda, "Multilane HMAC-Security beyond the birthday limit," Indocrypt 2007, LNCS 4859, pp. 18-32, Dec. 2007.
  43. K. Yasuda, "HMAC without the "Second" Key," ISC 2009, LNCS 5735, pp. 443-458, Sept. 2009.
  44. S. Halevi and H. Krawczyk, "MMH: Software message authentication in the Gbit/second rates," FSE '97, LNCS 1267, pp. 172-189, Jan. 1997.
  45. M. Etzel, S. Patel, and Z. Ramzan, "Square hash: Fast message authentication via optimized universal hash functions," CRYPTO'99, LNCS 1666, pp. 234-251, Aug. 1999.
  46. Y. Nir and A. Langley, "ChaCha20 and Poly1305 for IETF Protocols," RFC 7539, May. 2015.
  47. JP Kaps, K. Yüksel, and B. Sunar, "Energy scalable universal hashing." IEEE Transactions on Computers, Vol. 54, No. 12, pp. 1484-1495, Dec. 2005. https://doi.org/10.1109/TC.2005.195
  48. J. Song, R. Poovendran, J. Lee, and T. Iwata, "The AES-CMAC Algorithm," RFC 4493, Jun. 2006.
  49. H. Krawczyk, R. Canetti. Informational, and M. Bellare, "HMAC: Keyed-Hashing for Message Authentication," IETF REC 2104, Feb. 1997.
  50. J. Guo, T. Peyrin, A. Poschmann, "The PHOTON family of lightweight hash functions," CRYPTO 2011, LNCS 6841, pp. 222-239, Aug. 2011.
  51. A. bogdanov, M. Knezevic, G. Leander, D. Toz, K. Varici, and I. Verbauwhede, "SPONGENT: A lightweight hash function," CHES 2011, LNCS 6917, pp. 312-325, Sept. 2011.
  52. Z. Gong, PH. Hartel, SI. Nikova, SH. Tang, and B. Zhu, "TuLP: A Family of Secure and Practical Message Authentication Codes for Body Sensor Networks," Journal of computer science and technology, Vol. 29, No. 1, pp. 53-68, Jan. 2014. https://doi.org/10.1007/s11390-013-1411-8