مشاهداتی روی یک طرح احراز اصالت سبک‌وزن با قابلیت گمنامی و اعتماد در اینترنت اشیا

پروتکل‌های احراز اصالت و توافق کلید (aka)  نقش مهمی در امنیت اینترنت اشیا (iot) دارند. شبکه‌های حسگر بی‌سیم (wsn) یک مولفه مهم در برخی کاربردهای iot هستند. در سال 2019، جانبابائی و همکاران یک پروتکل aka سبک‌وزن برای wsn ارائه و ادعا کردند ویژگی‌های امنیتی مانند گمنامی و محرمانگی را تامین می‌کند. در این مقاله، چند آسیب‌پذیری مهم و غیر بدیهی از این طرح ارائه می‌شود. دقیق‌تر اینکه نشان داده می‌شود هنگام برقراری نشست با استفاده از این پروتکل، یک حسگر بدخواه می‌تواند پارامترهای محرمانه یک حسگر دیگر را به دست آورد. علاوه بر این نشان داده می شود یک مهاجم با داشتن تنها یک کلید نشست شناخته شده، می تواند هر کلید نشست دیگر توافق شده میان حسگرها را به دست آورد. با توجه به این ضعف ها، حملاتی مانند حمله جعل گره حسگر و مردی در میانه روی پروتکل جانبابائی و همکاران عملی است و می توان نشان داد این طرح، بر خلاف ادعای مولفان، نمی تواند ویژگی گمنامی گره های حسگر را تامین کند. ضعف مهم این طرح مربوط به انتقال کلید نشست بدون استفاده از تابع چکیده‌ساز روی آن است که برای رفع آن یک پیشنهاد ساده ارائه می شود.

some observations on a lightweight authentication scheme with capabilities of anonymity and trust in internet of things (iot)

over the last years‎, ‎the concept of internet of things (iot) leads to a revolution in the communications of humans and things. ‎security and efficiency could be the main challenges of that communication‎‎. ‎‎on the other hand, ‎ authenticity and confidentiality are two important goals to provide desired security in an information system‎, including iot-based applications. an authentication and key agreement (aka) protocol is a tool to ‎achieve authenticity and agree on a secret key to reach confidentiality. therefor using a secure aka protocol, one can establish the mentioned security. ‎in the last years‎, ‎several articles have discussed aka protocols in the wsn‎. ‎for example‎, ‎in 2014‎, ‎turkanovic et al‎. proposed a new aka scheme for the heterogeneous ad-hoc wsn. ‎in 2016‎, ‎sabzinejad et al‎. presented an improved one. ‎in 2017‎, ‎jiang et al‎. introduced a secure aka protocol‎. ‎some other aka protocols have presented in the last three years. ‎all the mentioned protocols are lightweight ones and need minimum resources and try to decrease the computation and communication costs in the wsn context‎.‎in 2019‎, ‎janababaei et al. proposed an aka scheme in the wsn for the iot applications, in the journal of signal and data processing (jsdp)‎. ‎in the context of efficiency‎, ‎the protocol only uses a hash function‎, ‎bitwise xor‎, ‎and concatenation operation‎. ‎hence‎, ‎it can be  considered as a lightweight protocol‎. ‎the authors also discussed the security of their scheme and claimed that the proposed protocol has the capability  to offer anonymity and trust and is secure against traceability‎, ‎impersonation‎, ‎reply and man in the middle attacks‎. ‎however, despite their claims‎, ‎this research highlights some vulnerabilities in that protocol, for the first time to the best of our knowledge‎. more precisely, we showe that a malicious sensor node can find the secret parameters of another sensor node when it establishes a session with the victimized sensor. besides, an adversary can determine any session key of two sensor nodes, given only a known session key of them. we also show that the protocol could not satisfy the anonymity of the sensor nodes. other attacks which influence the janababaei et al.’s scheme, are impersonation attack on the sensor nodes and cluster heads and also the man in the middle attack.in this paper we find that the main weaknesses of the janababaei et al.’s protocol are related to computation of the session key, . we also propose a simple remedy to enhance the security of the janababaei et al.’s protocol. ‎an initial attempt to improve the protocol is using a hash function on the calculated key, . this suggestion is presented to enhance the security of the protocol against the observed weaknesses in this paper; but it does not mean that there are no other security issues in the protocol. therefore, modification and improvement of the janababaei et al.’s protocol such that it provides other security features can be considered in the future research of this paper. besides, since in this paper we focus on the security of the protocol, then the efficiency of it was not discussed. therefore one can consider the modification of the message structure of the protocol to reduce the computational and telecommunication costs of it as another future work in the context of this paper.