한국전자통신학회논문지 (The Journal of the Korea institute of electronic communication sciences)

한국전자통신학회 (Korea Institute of Electronic Communication Science)
권호 표지
DOI QR코드

DOI QR Code

IoT 환경에서의 안전한 키 업데이트를 위한 하드웨어 연동 보안 시스템

Hardware Interlocking Security System with Secure Key Update Mechanisms In IoT Environments

  • 투고 : 2017.07.10
  • 심사 : 2017.08.01
  • 발행 : 2017.08.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

최근 사물인터넷(IoT)의 발전에 따라 IoT장비가 실생활에 적극적으로 사용되고 있다. 하지만 IoT장비의 사용이 늘어남에 따라서, IoT 보안 사고에 의한 사생활 침해의 문제 또한 늘어나고 있다. 키 관리는 보안 서비스에서 기본적이면서도 중요한 작업이다. 보안성 강화를 위해 인증 과정에서 동일한 키의 재사용은 제한되어야 하지만 다양한 키들을 기억하며 수동으로 업데이트하는 일은 어려운 일이다. 본 논문에서는 자동화된 키 관리 하드웨어 보안 모듈인 HSM을 제안한다. 제안하는 HSM은 IoT장치에 부착하여 장비와 직접 통신하며, 사용자의 개입 없이 안전하고 자동화된 키관리 과정을 제공한다. 제안된 기법을 통해서 제공되는 키는 인터넷 서비스에서의 사용자와 기기의 인증에 사용될 수 있다.

Recent advances in Internet of Things (IoT) encourage us to use IoT devices in daily living areas. However, as IoT devices are being ubiquitously used, concerns onsecurity and privacy of IoT devices are getting grown. Key management is an important and fundamental task to provide security services. For better security, we should restrict reusing a same key in sequential authentication sessions, but it is difficult to manually update and memorize keys. In this paper, we propose a hardware security module(HSM) for automated key management in IoT devices. Our HSM is attached to an IoT device and communicates with the device. It provides an automated, secure key update process without any user intervention. The secure keys provided by our HSM can be used in the user and device authentications for any internet services.

키워드

참고문헌

  1. J. Yoo, J. Ko, S. Jung, Y. Chung, K. Kim, K. Moon, and K. Chung, "Design of an Embedded Multimodal Biometric System," Electronics and Telecommunications Research Institute-Information Security Research Division, Dec, 2007, pp. 988-992.
  2. S. Yoon and G. Kim, "Personal Biometric Identification based on ECG Features," J. of the Korea Institute of Communication and Information Sciences, vol. 10, no. 4, 2015, pp. 521-526.
  3. L. Lamport, "Password Authentication with Insecure Communication," Communication of the ACM, vol. 24, no. 11, Nov, 1981, pp. 770-772. https://doi.org/10.1145/358790.358797
  4. N. Haller, C. Metz, P. Nesser, and M. Straw, "A One-Time Password System," RFC 2289, Bellcore, Kaman Sciences Corporation, Nesser and Nesser Consulting, Feb, 1998, pp. 1-25.
  5. C. Mitchell, "Remote user authentication using public information," 9th Institute of Mathematics and Application Conf. on Cryptography and Coding, Lecture Notes in Computer Science 2898, Berlin, Heidelberg, Dec, 2003, pp. 360-369.
  6. H. Chien and J. Jan, "Robust and Simple Authentication Protocol," Oxford J., The Computer J., vol. 46, no. 2, 2003. pp. 1-9. https://doi.org/10.1093/comjnl/46.1.1
  7. J. Soo and K. Park, "An Efficient data management Scheme for Hierarchical Multi-processing using Double Hash Chain," Digital Fusion Research, vol. 13, no. 10, 2015, pp. 271-278.
  8. H. Park and J. Seo, "Implementation of Mobile Authentication System for Context-Awareness based on Near Field Communication," J. of the Korea Institute of Communication and Information Sciences, vol. 12, no. 1, 2017, pp. 39-45.
  9. G. Montenegro and C. Castelluccia. "Crypto-based identifiers (CBIDs): Concepts and applications," ACM Trans. Information and System Security, vol. 7, no. 1, 2004, pp. 97-127. https://doi.org/10.1145/984334.984338
  10. E. Blass, O. Elkhiyaoui, K. Molva, and R. "Tracker: security and privacy for RFID based supply chains," In Proc. the 18th Network and Distributed System Security Symp., San Diego, California, Feb, 2011.
  11. V. Griffith, M. Jokobsson, and Messin, "Deriving mother's maiden names using public records," Applied Cryptography and Network Security (ACNS), Springer, Heidelberg, vol. Lecture Notes in Computer Science 3531, 2005, pp. 91-103.
  12. D. Klien, "A survey of and improvements to password security," UNIX Security II: USENIX Workshop Proc., Portland, Oregon, Aug, 1990.
  13. W. Jeong and S. Lee, "A Study on the Self-Key Generation Algorithm for Security Elevation in Near Field Communications," J. of the Korea Institute of Communication and Information Sciences, vol. 7, no. 5, 2012, pp. 1027-1032.