Inter-device Mutual authentication and Formal Verification in M2M Environment

Mutual Authentication Between Devices and Formal Verification in an M2M Environment

  • Bae, WooSik (Dept. of AIS Center, Ajou Motor College)
  • Received : 2014.07.10
  • Accepted : 2014.09.20
  • Published : 2014.09.28

Abstract

With advances in wireless communication technology, M2M (Machine-to-Machine) communication has drawn attention in industry. M2M devices are installed and operated in fields where human access is highly limited, such as disaster, safety, construction, health and welfare, climate, environment, logistics, culture, defense, medical care, agriculture and stockbreeding. In M2M communication, machines replace people, communicating and taking countermeasures automatically as part of unmanned information management and machine operation. Wireless M2M inter-device communication is likely to be exposed to intruders' attacks, which raises security issues and warrants proper security measures, including mutual authentication of whether devices are legitimate. Research on multiple security protocols has therefore been conducted. The present study applies SessionKey, HashFunction and Nonce to address security issues in M2M communication and proposes a safe protocol with reinforced security properties. Notably, unlike most previous studies, which argue for the security of a protocol on the basis of mathematical theorem proving, the present study uses formal verification with Casper/FDR to prove the safety of the proposed protocol. In short, the proposed protocol was found to be safe and secure.

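Recently, as wireless communication system technology has advanced, M2M (Machine-to-Machine) has attracted interest in industry. M2M, which is communication between devices, is installed and operated in spaces that are difficult for people to access, in areas such as disaster, safety, construction, health and welfare, weather, environment, logistics, culture, national defense, medical care, and agriculture and livestock. Equipment communicates automatically according to the situation in place of people, and a certain level of action is taken automatically, which enables information management and equipment operation on behalf of people. When M2M inter-device communication is wireless, it operates exposed to attackers, a security problem that requires appropriate security such as mutual authentication of whether a device is legitimate. Many secure protocols have recently been studied in this regard. This paper applies SessionKey, HashFunction and Nonce to solve M2M security problems and proposes a safe protocol that remedies security vulnerabilities. Rather than claiming safety through mathematical theorem proving, as most existing studies do, the proposed protocol was formally verified using Casper/FDR, and the experimental results confirmed that the proposed protocol is safe.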
