ECQV Certificate Based Security Mechanism for End-to-End Security in IoT

  • Received : 2017.03.04
  • Accepted : 2017.03.27
  • Published : 2017.03.31

Abstract

IoT technology continues to evolve, and related services and technologies are spreading throughout everyday life. These technologies make users' lives easier, but like a double-edged sword they also carry serious threats. As a result, security is growing in importance and related research is being actively pursued. Existing research uses DTLS for end-to-end security from a network architecture perspective and has focused on reducing the computational load on constrained devices. In this paper, we propose a DTLS protocol that uses a lightweight ECQV certificate instead of the existing X.509 certificate to reduce the load of the DTLS protocol from the network perspective. In addition, the proposed scheme is implemented and compared with the existing PSK and RPK security modes.
