• 한국컴퓨터정보학회논문지
• /
• 제25권1호
• /
• pp.87-92
• /
• 2020

IoT 네트워크 환경에서는 서버 등의 고성능 장치부터 각종 센서, 수동형 RFID 등 저사양 장치까지 다수의 여러 장치들이 연결되어 있다. 그렇기에 불법적인 공격에 노출되어 있으며 데이터를 암호화하여 통신을 수행하여야 한다. 암호화 알고리즘으로 대칭키, 공개키 암호화 및 해시 기법 등을 사용할 수 있으나 저성능 IoT 디바이스는 암호화 프로세스를 처리하기에는 적합하지 않는 하드웨어 성능을 가지고 있어 이러한 방법을 채택할 수 없는 경우가 발생한다. 본 논문에서는 블록체인 시스템과 연동한 경량 상호 인증 프로토콜을 적용하여 IoT 환경에서 저성능 단말장치의 안전한 통신을 보장하는 인증 기법을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권2호
• /
• pp.1180-1200
• /
• 2017

Currently, automated payment services provide intuitive user interfaces by adapting various wireless communication devices with mobile services. For example, companies like Samsung, Google, and Apple have selected the NFC payment method to service payments of existing credit cards. An electronic payment standard has been released for NFC activation within Korea and will strengthen the safety of payment service communications. However, there are various security risks regarding the NFC-based electronic payment method. In particular, the NFC payment service using the recently released lightweight devices cannot provide the cryptographic strength that is supported by many financial transaction services. This is largely due to its computational complexity and large storage resource requirements. The chaotic map introduced in this study can generate a highly complicated code as it is sensitive to the initial conditions. As the lightweight study using the chaotic map has been actively carried out in recent years, associated authentication techniques of the lightweight environment have been released. If applied with a chaotic map, a high level of cryptographic strength can be achieved that can provide more functions than simple XOR operations or HASH functions. Further, this technique can be used by financial transaction services. This study proposes a mutual authentication technique for NFC-PCM to support an NFC payment service environment based on the chaotic map.

• Journal of Information Processing Systems
• /
• 제7권4호
• /
• pp.691-706
• /
• 2011

Since security and privacy problems in RFID systems have attracted much attention, numerous RFID authentication protocols have been suggested. One of the various design approaches is to use light-weight logics such as bitwise Boolean operations and addition modulo $2^m$ between m-bits words. Because these operations can be implemented in a small chip area, that is the major requirement in RFID protocols, a series of protocols have been suggested conforming to this approach. In this paper, we present new attacks on these lightweight RFID authentication protocols by using the Gr$\ddot{o}$bner basis. Our attacks are superior to previous ones for the following reasons: since we do not use the specific characteristics of target protocols, they are generally applicable to various ones. Furthermore, they are so powerful that we can recover almost all secret information of the protocols. For concrete examples, we show that almost all secret variables of six RFID protocols, LMAP, $M^2AP$, EMAP, SASI, Lo et al.'s protocol, and Lee et al.'s protocol, can be recovered within a few seconds on a single PC.

• IEIE Transactions on Smart Processing and Computing
• /
• 제1권2호
• /
• pp.95-105
• /
• 2012

The widespread implementation of RFID in ubiquitous computing is constrained considerably by privacy and security unreliability of the wireless communication channel. This failure to satisfy the basic, security needs of the technology has a direct impact of the limited computational capability of the tags, which are essential for the implementation of RFID. Because the universal application of RFID means the use of low cost tags, their security is limited to lightweight cryptographic primitives. Therefore, EPCGen2, which is a class of low cost tags, has the enabling properties to support their communication protocols. This means that satisfying the security needs of EPCGen2 could ensure low cost security because EPCGen2 is a class of low cost, passive tags. In that way, a solution to the hindrance of low cost tags lies in the security of EPCGen2. To this effect, many lightweight authentication protocols have been proposed to improve the privacy and security of communication protocols suitable for low cost tags. Although many EPCgen2 compliant protocols have been proposed to ensure the security of low cost tags, the optimum security has not been guaranteed because many protocols are prone to well-known attacks or fall short of acceptable computational load. This paper proposes a remedy protocol to the flyweight RFID authentication protocol proposed by Burmester and Munilla against a desynchronization attack. Based on shared pseudorandom number generator, this protocol provides mutual authentication, anonymity, session unlinkability and forward security in addition to security against a desynchronization attack. The desirable features of this protocol are efficiency and security.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권2호
• /
• pp.978-1002
• /
• 2019

With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

• 정보과학회 논문지
• /
• 제43권11호
• /
• pp.1245-1258
• /
• 2016

다양한 기기들이 상호 연결되어 통신하는 IoT 환경에서는 보안 위협을 방지하기 위해 암호 알고리즘, 메시지 인증 코드 등 기밀성과 무결성을 제공하는 암호 기술을 사용한다. 안전성이 검증된 기존 암호 기술들이 다수 존재하지만, 저전력 저성능의 마이크로 컨트롤러 기반 IoT 기기에 기존 암호 기술을 그대로 사용하기 어렵기 때문에 다양한 경량 암호 기술이 등장하게 되었다. 최근 경량 블록 암호 알고리즘에 대한 연구는 꾸준히 증가하고 있지만, 경량 메시지 인증 코드에 대한 연구는 미흡한 실정이다. 따라서, 본 논문에서는 다양한 메시지 인증 코드에 대한 분류 분석을 통해 향후 메시지 인증 코드의 발전 방향에 대해 제시한다. 또한, 기반 기술별 대표 알고리즘을 실제 마이크로 컨트롤러에 구현 실험하여 저사양 환경에서의 알고리즘 성능 저하를 실증적으로 검증한다.

• 한국정보과학회논문지:정보통신
• /
• 제34권3호
• /
• pp.175-185
• /
• 2007

IEEE 802.15.4 표준에서 데이타 또는 명령프레임의 성공적인 수신과 검증은 확인(Acknowledgment) 프레임을 통해 수행되어 진다. 하지만, 현재의 표준에서는 확인 프레임을 위한 어떠한 보안 기능도 제공하고 있지 않으며, 악의적인 노드는 언제든지 확인 프레임을 이용한 공격이 가능하다. 본 논문에서는 IEEE 802.15.4 네트워크 환경에서 확인 프레임을 위한 링크 레이어 (link-layer) 상의 개체 인증 메커니즘을 제안한다. 제안된 메커니즘은 인증을 위해 3바트의 값을 사용하므로 디바이스의 오버헤드를 크게 감소시킬 수 있다. 개체 인증에 사용되는 암호화된 비트 스트림은 연결설정 (association) 과정을 통해 코디네이터로부터 디바이스에게 전달되어진다. 확률적인 이론과 시abf레이션 결과를 통해 제안된 메커니즘이 MAC 레이어의 공격을 효과적으로 탐지할 수 있음을 증명한다.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2010년도 추계학술대회
• /
• pp.629-630
• /
• 2010

Radio frequency identification (RFID) tags are cheap, simple devices that can store unique identification information and perform simple computation to keep better inventory of packages. Because of this, they are intended to replace the barcodes for supply chain management in the near future. However, unlike barcodes, these tags have a longer range in which they are allowed to be scanned, subjecting them to unauthorized scanning by malicious readers and to various attacks. Therefore, a security protocol for RFID tags is needed to ensure privacy and authentication between each tag and their reader. In order to accomplish this, in this paper, we proposed a lightweight privacy and authentication protocol for passive RFID tags.

• 한국통신학회:학술대회논문집
• /
• 한국통신학회 2004년도 추계종합학술대회 논문 초록집
• /
• pp.437-437
• /
• 2004

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2011년도 추계학술대회
• /
• pp.253-254
• /
• 2011

Most of existing RFID authentication protocols either suffer from some security weaknesses or require costly operations that are not available on low-cost tags. In this paper, we analyzed the security mechanism of a lightweight authentication protocol.