A Study on the Development of Secure Communication Channel Using PUF Technology in M-IoT Environment

A Technique for Configuring a Secure Communication Channel Using PUF Technology in the M-IoT Environment

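  • 김수민 (Department of Defense Science, Korea National Defense University) ;
  • 이수진 (Department of Defense Science, Korea National Defense University)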
  • Received : 2019.09.24
  • Accepted : 2019.12.30
  • Published : 2019.12.31

Abstract

Based on Internet of Things technology, one of the core technologies of the fourth industrial revolution, our Ministry of Defense is also pushing to establish M-IoT in the defense area to improve management efficiency, innovate military culture and strengthen military power. However, devices connected to the Military Internet of Things can be easily exposed to various cyber threats, as most of them are developed and introduced with a focus on improving the sensing and communication capabilities that collect and transmit data. It is also not easy to uniquely identify the numerous heterogeneous devices, or to establish a secure communication channel between devices or between devices and management servers. In this paper, based on PUF technology, we propose a novel key management scheme that can uniquely identify the various devices and generate the secret keys needed to establish a secure communication channel using non-replicable information generated by the PUF. We also analyze the efficiency of our proposed scheme through comparison with existing key management schemes and verify its logic and security using BAN Logic.

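Based on Internet of Things technology, one of the core technologies of the Fourth Industrial Revolution, the Ministry of National Defense is also pursuing the establishment of a Military Internet of Things (M-IoT) to improve management efficiency, innovate barracks culture and strengthen military power. However, because most devices connected to the M-IoT are developed and introduced with a focus on improving the sensing and communication capabilities for collecting and transmitting data, they can easily be exposed to various cyber threats. In addition, it is not easy to uniquely identify the many kinds of devices that will operate in the M-IoT environment, or to configure secure communication channels between devices or between devices and management servers. In this paper, we therefore propose a key management scheme, based on PUF technology, that uniquely identifies the various devices to be operated in the M-IoT environment and uses the non-replicable information generated by the PUF to establish and manage the secret keys needed to configure secure communication channels. We analyze the security of the proposed key management scheme through comparison with existing key management schemes, and verify its logic and security using BAN Logic.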
