The Journal of the Institute of Internet, Broadcasting and Communication (한국인터넷방송통신학회논문지)

The Institute of Internet, Broadcasting and Communication (한국인터넷방송통신학회)
권호 표지
DOI QR코드

DOI QR Code

Group Key Generation and Exchange Scheme using a Trapdoor Collision Hash in M2M Communications Environment

M2M 통신 환경에서 트랩도어 충돌 해쉬를 이용한 그룹키 생성 및 교환 기법

  • 김성수 (숭실대학교 일반대학원 컴퓨터학과) ;
  • 전문석 (숭실대학교 일반대학원 컴퓨터학과) ;
  • 최도현 (숭실대학교 일반대학원 컴퓨터학과)
  • Received : 2015.08.26
  • Accepted : 2015.10.09
  • Published : 2015.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

The development of wireless communication technology and change in the ICT market has led to the development of the M2M service and technology. Under these circumstances, the M2M environment has been the focus of communication environment construction between machines without control or direct intervention of human being. With characteristics of wireless communication environment, the possibility of being exposed to numerous security threats and safe communication security technology have becoming an issue an important requirements for problems such as data exposure, forgery, modulation, deletion, and privacy. This research analyzes requirements of trapdoor collision hash, generates keys between groups under the M2M environment by using the specificity of trapdoor, and suggests technology to exchange keys with session keys. Further, it also suggests techniques to confirm authentication of device and gateway in accordance with group key generation. The techniques herein suggested are confirmed as safe methods in that they have attack resistance such as Masquerade Attack, Man-in-the-Middle Attack, and Replay Attack in the group communication block by using the speciality of collision message and collision hash.

무선 통신 기술의 발전과 ICT 시장의 변화에 따라 M2M 서비스 활성화 및 기술은 지속적인 발전을 거듭하고 있다. 사람의 제어나 직접적인 개입 없이 사물과 사물간의 통신환경을 구축하는 M2M 환경이 주목받고 있다. 무선 통신 환경의 특성으로 데이터 노출, 위조, 변조, 삭제, 프라이버시 등의 문제에서 다양한 보안 위협에 노출 될 가능성과 안전한 통신 보안 기술이 중요 요구사항으로 이슈화되고 있다. 본 논문은 트랩도어 충돌 해쉬의 요구사항을 분석하고, 트랩도어의 특수성을 이용하여 M2M 환경에서 그룹간의 키를 생성하고, 이를 세션키로 교환하는 기법을 제안한다. 그리고 그룹키 생성에 이은 디바이스와 게이트웨이의 인증을 확인하는 기법을 제안한다. 제안하는 기법은 충돌 메시지와 충돌 해쉬의 특수성을 이용하여 그룹 통신 구간의 위장 공격, 중간자 공격, 재전송 공격 등의 공격 저항성을 가지는 안전한 기법임을 확인하였다.

Keywords

References

  1. Wen Quan JIN, Do Hyeun Kim, "Implemen tation and Experiment of CoAP Protocol Based on IoT for Verification of Interoperability," The Journal of The Institute of Internet Broadcasting and Communication(JIIBC), Vol 14, No 4, pp 7-12, Aug 2014. https://doi.org/10.7236/JIIBC.2014.14.4.7
  2. JungOh Park, Sangkun Kim, "Mutual Authentica tion and Key Establishment Mechanism for Secure Data Sharing in M2M Environment," The Journal of The Institute of Internet Broadcasting and Communication(JIIBC), Vol 15, No 4, pp 33-41, Aug 2015. https://doi.org/10.7236/JIIBC.2015.15.4.33
  3. G. Lawton, "Machine-to-Machine technology ge ars up for growth," IEEE Computer Society, Vol 37, No 9, pp 12-15, Sep 2004.
  4. KISA, "Internet Threat Trend things", Korea Internet & Security Agency, 2014.
  5. Jeongin Kim, Namhi Kan, "Secure Configuration Scheme of Pre-shared Key for Lightweight Devices in Internet of Things," The Journal of The Institute of Internet, Broadcasting and Communication(JIIBC), Vol 15, No 3, pp 1-6, Jun 2015. https://doi.org/10.7236/JIIBC.2015.15.3.1
  6. oneM2M-TS-0001, "oneM2M Functional Archi tecture Technical Specification" v0.2.1, 2013.
  7. Kim Zongheon, Kim Jaeu, Yoo Seok, Lee Jaeyong, "Wireless technology for M2M/IoT services," Korea Institute of Communications and Information Sciences(KICS), Vol 30, No 8, pp 11-19, 2013.
  8. Lee Junseop, "A Study on the M2M service layer in ITU-T and oneM2M," Conf. of Korea Information and Communications Society, pp 1381-1382, Jan 2015.
  9. oneM2M-TR-0008, "Analysis of security solution s for oneM2M system", v0.2.1, 2013.
  10. Yoo Heekyung, Sung Kyung, "Analysis and implementation of Digital Signature Algorithm using Hash function," Journal of The Korea Knowledge Information Technology Society (KKITS), Vol 6, No 3, pp 129-142, Jun 2011.
  11. KISA, "The Trend of Project related to Tech nology for Personal Information protection", Korea Internet and Security Agency, 2006.
  12. Ateniese Giuseppe, De Medeiros Breno, "Iden tity-based chameleon hash and applications," Financial Cryptography. Springer Berlin Heidelberg, pp 164-180, 2004.
  13. Krawczyk H., Rabin T., "Chameleon signatures," Proceedings of NDSS, pp 143-154, 2000.