跳到主要內容

臺灣博碩士論文加值系統

(2600:1f28:365:80b0:879a:e16d:38fe:36d8) 您好!臺灣時間:2024/12/13 07:46
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:黃聖傑
研究生(外文):Sheng-Jie Huang
論文名稱:物聯網安全機制之研究
論文名稱(外文):A Research on Security Mechanisms in Internet-of-Things
指導教授:張雅芬張雅芬引用關係
指導教授(外文):Ya-Fen Chang
學位類別:碩士
校院名稱:國立臺中科技大學
系所名稱:資訊工程系碩士班
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2020
畢業學年度:108
語文別:英文
論文頁數:23
中文關鍵詞:身份驗證物聯網簽名數位簽章橢圓曲線密碼學金鑰交換無人機無人機聯網
外文關鍵詞:authenticationIoTInternet of ThingssignatureECCelliptic curve cryptographykey agreementInternet of DronesIoD
相關次數:
  • 被引用被引用:1
  • 點閱點閱:213
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
透過物聯網(IoT),能夠讓我們日常生活中使用的設備互相溝通。物聯網有各種應用,例如工業自動化和醫療科技。但是,設備之間數據交換是透過公共網路做傳輸,因此應有妥善的安全機制。為了保護數據的安全性,數位簽章和雜湊函數會時常被採用。Rao和Prema使用客製化的BLAKE2b雜湊函數c-BLAKE2b和橢圓曲線加密演算法ECDSA,以提出了適用於IoT的身份驗證方法。他們宣稱,他們的方法適用於計算能力有限的IoT設備,且可同時兼顧安全性與效能。然而,詳細分析他們的方法後,我們發現該方法,無法抵禦冒充攻擊與重送攻擊。在本研究中,我們將展示這些攻擊如何威脅Rao和Prema的方法。
另外,物聯網技術亦可應用於無人機以構成無人機互聯網(IoD)。在IoD中,無人機可以幫助政府收集或傳輸數據進行救災、地形調查、軍事、火災探測等。為了保護IoD數據傳輸的安全性,Zhang等學者提出了一種僅使用XOR運算和單向雜湊函數來抵抗已知攻擊的輕量化認證和密鑰協商方法,他們聲稱其方法可以有效降低通訊和計算成本。在分析他們的方法之後,我們發現他們的方法無法確保用戶匿名,並無法抵禦阻斷服務攻擊和重播攻擊。本研究中亦詳細分析這些安全缺失是如何威脅到Zhang等學者的方法。
Via IoT (Internet of Things), devices used in our daily life can communicate with each other. IoT is also applied to various applications such as industrial automation and eHealth. However, messages exchanged among devices are transmitted via public channels such that proper security mechanisms are required. In order to protect the security of data, digital signature and hash function are usually adopted. Rao and Prema proposed an authentication scheme in IoT by using the customized BLAKE2b hash function, c-BLAKE2b, and the elliptic curve digital signature scheme, ECDSA. They claimed that their scheme could ensure security and efficiency at the same time for IoT devices with limited computational capability. After analyzing their scheme, we find that their scheme is vulnerable to impersonation attack and replay attack. In this thesis, how the found security flaws damage Rao and Prema’s scheme are shown.
On the other hand, IoT technologies can be applied to drones to form Internet of Drones (IoD). In IoD, drones can help the government to gather or transmit data for disaster relief, investigation of terrain, military, fire detection and so on. In order to protect the security of data transmission for IoD, Zhang et al. proposed a lightweight authentication and key agreement scheme by using only XOR operation and one-way hash function to resist known attacks. They claimed that their scheme could effectively reduce communication and computation cost. After analyzing their scheme, we find that their scheme is vulnerable to compromised user anonymity, denial-of-service attack and replay attack. In this thesis, how these found security flaws threaten Zhang et al.’s scheme is shown in detail.
中文摘要.........................................................i
Abstract........................................................ii
Table of contents...............................................iii
List of figures.................................................iv
List of tables..................................................v
Chapter 1. Introduction.........................................1
1.1 Motivation and background...................................1
1.2 Thesis organization.........................................3
Chapter 2. Review of Rao and Prema’s authentication scheme......4
2.1 Key generation phase........................................5
2.2 Registration phase..........................................5
2.3 Authentication phase........................................6
2.3.1 Signature generation process..............................6
2.3.2 Signature verification process............................7
Chapter 3. Security analysis of Rao and Prema’s scheme..........8
3.1 Impersonation attack........................................8
3.2 Replay attack...............................................10
Chapter 4. Review of Zhang et al.’s scheme......................11
4.1 Setup phase.................................................11
4.2 User registration phase.....................................13
4.3 Drone Registration phase....................................14
4.4 Authentication phase........................................15
Chapter 5. Security analysis of Zhang et al.’s scheme...........17
5.1 Vulnerability to compromised user anonymity.................17
5.2 Vulnerability to denial-of-service attack...................18
5.3 Vulnerability to replay attack..............................20
Chapter 6. Conclusions..........................................21
Bibliography....................................................22
[1] S. Abughazalah, K. Markantonakis, and K. Mayes, “Secure improved cloud-based RFID authentication protocol,” Lecture Notes in Computer Science, Vol. 8872, Springer, Cham, Switzerland, pp. 147-164, 2015.
[2] K. Fan, W. Jiang, H. Li and Y. Yang, “Cloud-based RFID mutual authentication scheme for efficient privacy preserving in IoV,” Journal of the Franklin Institute, https://doi.org/10.1016/j.jfranklin.2019.02.023, 2019.
[3] M.S. Farash, M. Turkanović, S. Kumari and M. Hölbl, “An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment,” Ad Hoc Networks, Vol. 36, pp. 152-176, 2016.
[4] R. Amin, SK Hafizul Islam, G.P. Biswas, M. K. Khan, L. Leng and N. Kumar, “Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks,” Computer Networks, Vol. 101, pp. 42-62, 2016.
[5] W. Li and P. Wang, “Two-factor authentication in industrial Internet-of-Things: Attacks, evaluation and new construction,” Future Generation Computer Systems, Vol. 101, pp. 694-708, 2019.
[6] K. Fan, W. Jiang, H. Li and Y. Yang, “Lightweight RFID protocol for medical privacy protection in IoT,” IEEE Transactions on Industrial Informatics, Vol. 14, No. 4, pp. 1656-1665, 2018.
[7] S. F. Aghilia, H. Mala, P. Kaliyar and M. Conti, “SecLAP: Secure and lightweight RFID authentication protocol for Medical IoT,” Future Generation Computer Systems, Vol. 101, No.01, pp. 621-634, 2019.
[8] V. Rao and K.V Prema, “Light-weight hashing method for user authentication in Internet-of-Things,” Ad Hoc Networks, Vol. 89, pp. 97-106, 2019.
[9] J.-P. Aumasson, S. Neves , Z. Wilcox-O’Hearn and C. Winnerlein, “BLAKE2: simpler, smaller, fast as MD5,” Proceedings of International Conference on Applied Cryptography and Network Security, Springer-Verlag Berlin Heidelberg, pp. 119-135, 2013 .
[10] J.-P. Aumasson and L. Henzen, W. Meier, and R.C.-W. Phan, “SHA-3 proposal BLAKE,” Submission to National Institute of Standards and Technology, 2010.
[11] Y. F. Chang, S. J. Huang and W. L. Tai, “Comments on light-weight hashing method for user authentication in Internet-of-Things,” Proceedings of IAM 2020 Winter, Sapporo, Japan, pp. 353-362, 2020.

[12] J. Won, S.-H. Seo and E. Bertino, “Certificateless cryptographic protocols for efficient drone-based smart city applications,” IEEE Access, Vol. 5, pp. 3721-3749, 2017.
[13] B. Semal, K. Markantonakis and R. N. Akram, “A certificateless group authenticated key agreement protocol for secure communication in untrusted UAV networks,” Proceedings of 2018 IEEE/AIAA 37th Digital Avionics Systems Conference (DASC), pp. 1-8, 2018.
[14] J. H. Cheon, K. Han, S.-M. Hong, H. J. Kim, J. Kim, S. Kim, H. Seo, H. Shim and Y. Song, “Toward a secure drone system: flying with real-time homomorphic authenticated encryption,” IEEE Access, Vol. 6, pp. 24325-24339, 2018.
[15] S. H. Alsamhi, O. Ma, M. S. Ansari and F. A. Almalki, “ Survey on collaborative smart drones and internet of things for improving smartness of smart cities,” IEEE Access, Vol. 7, pp. 128125-128152, 2019.
[16] G. Choudhary, V. Sharma and I. You, “Sustainable and secure trajectories for the military internet of drones (IoD) through an efficient medium access control (MAC) protocol,” Computers & Electrical Engineering, Vol. 74, pp. 59-73, 2019.
[17] Y. Zhang, D. He, L. Li and B. Chen, “A lightweight authentication and key agreement scheme for internet of drones,” Computer Communications, Vol. 154, pp. 455-464, 2020.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊