
Design of a Lightweight Security Protocol Using Post Quantum Cryptography


  • Received : 2020.06.29
  • Accepted : 2020.07.08
  • Published : 2020.08.31

Abstract

As the IoT (Internet of Things) era gains momentum, a large amount of information, including personal information, is being transmitted through IoT devices. To protect this information, it is important for devices to encrypt their communication with one another, and because IoT devices have limited performance, a lightweight security protocol is required. Currently, most of the cryptographic schemes used in security protocols rely on RSA and ECC (Elliptic Curve Cryptography). However, if a high-performance quantum computer is developed and Shor's algorithm is applied, the problems on which the security of RSA and ECC is based can be solved easily, so these schemes can no longer be used. Therefore, in this paper, we designed a security protocol that is resistant to the computational power of quantum computers. We used the code-based cryptosystem ROLLO, which is a candidate in the NIST (National Institute of Standards and Technology) post-quantum cryptography standardization process, and used hash and XOR operations, which have low computational cost, for mutual communication between IoT devices. Finally, we carried out a comparative analysis of the proposed protocol against existing protocols, as well as a security analysis.
