- 學位論文
建構適用於物聯網環境中無線感測網路之多因子匿名驗證機制的安全研究
A Research on Designing a Multi-factor Anonymous Authentication Scheme for Wireless Sensor Networks in Internet of Things Environments
摘要
物聯網(IoT)可在異質環境中實現遠端感測和控制,故可以應用於工業、交通、農業、醫療、軍事、公共安全等領域中。無線感測網路(WSN)為物聯網中重要基礎設施,其中感測節點將收集的數據提供給被授權之使用者。然而,感測節點的資源受限特質,例如傳輸和計算能力以及有限的能量,如何確保物聯網環境中無線感測網路的安全性和效率便成為一項挑戰。最近,Li等學者提出了一個三因子匿名身份驗證方法,該採用模糊承諾法和錯誤更正碼來處理使用者於物聯網環境中無線感測網路的生物特徵資料。他們聲稱他們的方法可以確保計算效率並確保更高的安全性和與更多的功能性。在分析了他們的認證方法後,我們發現該方法並無法如他們所宣稱地確保安全性。首先,惡意使用者可以取得感測節點的機密並偽裝成該感測節點。第二,惡意使用者可在沒有閘道節點的情況下獲取感測資料,即便他使用的是假造的辨別號。第三,惡意使用者可以取得另一個合法使用者的身份驗證資訊並冒充這個無辜的使用者。在本論文中,我們提出解決方案,以克服我們在Li等學者方法中發現的缺點,使惡意用戶無法獲取閘道節點和無線傳感器間共享的機密,及解決無線傳感器節點偽造等問題,且可確保計算效率並實現更多的安全性。
並列摘要
The Internet of Things (IoT) can be applied to applications in various fields such as industry, transportation, agriculture, medical care, military and public security because IoT enables remote sensing and control in heterogeneous environments. Wireless sensor networks (WSNs) are an important infrastructure in IoT, where a sensor node provides the collected data to authorized users. Because of the resource-constrained nature of sensor nodes such as transmission and computational capabilities and the limited energy, how to ensure both security and efficiency of WSNs in IoT environments becomes a challenge. Recently, Li et al. proposed a three-factor anonymous authentication scheme by adopting a fuzzy commitment scheme and an error correction code to handle the user’s biometric data for WSNs in IoT environments. They claimed their scheme could ensure computational efficiency and achieve more security and functional features. After analyzing their authentication scheme, we find that it cannot ensure security. First, a malicious user can retrieve a sensor node’s secret and impersonate the sensor node. Second, a malicious user can acquire the sensory data without the gateway node even with a forged identity. Third, the malicious user can retrieve another legal user’s essential information for authentication and impersonate this innocent user. In this thesis, we propose a solution to solve the shortcomings that Li et al.’s scheme suffers from. Our improvement can prevent a malicious user from obtaining the secret key shared between the gateway node and a sensor node and resist sensor node and user impersonation attacks. Moreover, the proposed scheme can ensure computational efficiency and achieve a higher security level at the same time.
參考文獻
延伸閱讀
- 李韋翰(2015)。於導入物聯網概念之異質性隨意無線感測網路中建立安全身分驗證暨金鑰協議方法之研究〔碩士論文,國立臺中科技大學〕。華藝線上圖書館。https://doi.org/10.6826/NUTC.2015.00103
- 陳憲廷(2010)。無線感測網路於即時結構安全監測系統之研發〔碩士論文,國立臺灣大學〕。華藝線上圖書館。https://doi.org/10.6342/NTU.2010.10547
- Lin, P. C. (2007). 無線感測網路試驗環境之分析和實作安全程式更新協定 [master's thesis, National Central University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0031-0207200917351204
- Hsu, M. H. (2016). 建立適用於行動網路的匿名驗證方法之研究 [master's thesis, National Taichung University of Science and Technology]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0061-1507201619074300
- Tai, W. L., Chang, Y. F., & Hou, P. L. (2019). Security Analysis of a Three-factor Anonymous Authentication Scheme for Wireless Sensor Networks in Internet of Things Environments. International Journal of Network Security, 21(6), 1014-1020. https://doi.org/10.6633/IJNS.201911_21(6).15