Journal of Internet of Things and Convergence (사물인터넷융복합논문지)

The Korea Internet of Things Society (한국사물인터넷학회)
권호 표지
DOI QR코드

DOI QR Code

A IoT Security Service based on Authentication and Lightweight Cryptography Algorithm

인증 및 경량화 암호알고리즘 기반 IoT 보안 서비스

  • Kim, Sun-Jib (Div. of Information Technology, Hansei University)
  • Received : 2020.12.15
  • Accepted : 2021.01.18
  • Published : 2021.03.31
Download PDF
⟨ Previous Next ⟩

Abstract

The IoT market continues to expand and grow, but the security threat to IoT devices is also increasing. However, it is difficult to apply the security technology applied to the existing system to IoT devices that have a problem of resource limitation. Therefore, in this paper, we present a service that can improve the security of IoT devices by presenting authentication and lightweight cryptographic algorithms that can reduce the overhead of applying security features, taking into account the nature of resource limitations of IoT devices. We want to apply these service to home network IoT equipment to provide security. The authentication and lightweight cryptographic algorithm application protocols presented in this paper have secured the safety of the service through the use of LEA encryption algorithms and secret key generation by users, IoT devices and server in the IoT environment. Although there is no difference in speed from randomly generating secret keys in experiments, we verify that the problem of resource limitation of IoT devices can be solved by additionally not applying logic for secret key sharing to IoT devices.

IoT 시장은 지속적으로 확대 성장하고 있지만, IoT 기기에 대한 보안 위협 또한 증가하고 있다. 그러나 자원 한정의 문제점을 가지고 있는 IoT 기기에 기존 시스템에 적용되었던 보안기술을 적용하는 것은 어렵다. 이에 본 논문에서는 IoT 기기의 자원 한정이라는 특성 하에서 보안 기능 적용에 따른 오버헤드를 줄일 수 있는 인증 및 경량 암호알고리즘 적용하여 IoT 기기의 보안성을 향상시킬 수 있는 서비스를 제시하여 IoT 기기가 제공되는 홈네트워크 등에 보안성을 제공하고자 한다. 이에 본 논문에서 제시하고 있는 인증 및 경량 암호알고리즘 적용 서비스는 기존 연구에서 증명되었던 IoT 환경에서 적용 가능한 LEA 암호화 알고리즘의 이용과 더불어 비밀키 생성에 있어 이용자, IoT 기기와 서버가 참여하여 3자의 상호인증기반 비밀키 생성을 통해 서비스의 안전성을 확보하였으며 실험에서 랜덤하게 비밀키를 생성하는 방식과 속도의 차이가 없으나, 부가적으로 비밀키 공유를 위한 로직을 IoT 기기에 적용하지 않음으로써 IoT 기기의 자원 한정의 문제점을 해결할 수 있음을 검증하였다.

Keywords

References

  1. IDC [Internet] https://www.idc.com/getdoc.jsp?containerId=IDC_P29 475, Worldwide Internet of Things Spending Guide.
  2. N.H.Kang, "Standard technology trends for IoT security", Information and Communication Magazine, Vol.21, No.9, pp.40-45, 2014.
  3. S.R.Oh and Y.G.Kim, "Security Analysis of MQTT and CoAP protocols in the IoT Environment" Proceeding of the Korea Information Processing Society Conference, Vol.23, No.1, pp.297-299, 2016.
  4. ISO/IEC, "Information technology - Message Queuing Telemetry Transport(MQTT) V3.1.1. "ISO/IEC 20922:2016, 2016.
  5. H.Y.Kim and J.N.Kim, "A Study of End-to-End Message Security Protocol Based on Lighweight Ciphers for Smart IoT Devices", Journal of The Korea Institute of Information Security & Cryptology, Vol.28, No.6, 2018.
  6. Zach Shelby, Klaus Hartke, and Carsten Bormann, "The Constrained Application Protocol(CoAP)", IETF RFC 7252, 2014.
  7. J. Daemen and V. Rjjmen, "The design of Rijndel:AES-the advanced encryption standard", Springer, 2013.
  8. D. Hong, J. Lee, D. Kim, D. Kwon, K. Ryu. and D. Lee, "LEA: A 128-Bit Block Cipher for Fast Encryption on Common Processors", ISA. LNCS Vol.8267, pp.3-27, Springer, 2013.
  9. J.M.Jeong, P.H.Kim, KY.Jung, E.J.Yoon and K.Y.Yoo, "Key Management Method for LEA Lightweight Block Cipher", Proceedings of Symposium of the Korean Institute of communications and Information Sciences, pp.959-960, 2017.
  10. R. Rivest, A. Shamir, and L. Adleman, "A method for obtaining Digital Signatures and Public-Key Crypto-systems", Communications of the ACM, Vol.21, No.2, pp.120-126, 1978. https://doi.org/10.1145/359340.359342
  11. N. Koblitz, "Elliptic curve cryptosystems", Mathematics of Computation, Vol.48, No.177, pp.203-209, 1987. https://doi.org/10.1090/S0025-5718-1987-0866109-5
  12. K.H.Lee, "A Scheme on Anomaly Prevention for Systems in IoT Environment", Journal of The Korea Internet of Things Society, Vol.5, No.2, pp.8195-101, 2019.
  13. KISIS [Internet] https://www.kisis.or.kr/kisis/subIndex/307.do
  14. Namuwiki [Internet] https://namu.wiki/w/LEA
  15. Wikipedia [Internet] https://en.wikipedia.org/wiki/ESP8266