ETRI-Knowledge Sharing Plaform



논문 검색
구분 SCI
연도 ~ 키워드


학술지 Two-Factor Fuzzy Commitment for Unmanned IoT Devices Security
Cited 26 time in scopus Download 10 time Share share facebook twitter linkedin kakaostory
최두호, 서승현, 오윤석, 강유성
IEEE Internet of Things Journal, v.6 no.1, pp.335-348
18HH1300, 사물인터넷 디바이스 안전한 키은닉 기술 연구, 강유성
To create an environment for IoT devices, securely, it is necessary to establish a cryptographic key for those devices. Conventionally, this key has been stored on the actual device, but this leaves the key vulnerable to physical attacks in the IoT environment. To solve this problem, several research studies have been conducted on how best to conceal the cryptographic key. Recently, these studies have most often focused on generating the key dynamically from noisy data using a fuzzy extractor or providing secure storage using a fuzzy commitment. Thus, far, all of these studies use only one type of noisy source data, such as biometric data or physical unclonable function (PUF). However, since most IoT devices are operated in unmanned environments, where biometric data is unavailable, the method using biometric data cannot be utilized for unmanned IoT devices. Although the method using PUF is applied to these unmanned devices, these are still vulnerable against physical attacks including unintended move or theft. In this paper, we present a novel way to use the fuzzy commitment on such devices, called two-factor fuzzy commitment scheme. The proposed method utilizes two noisy factors from the inside and outside of the IoT device. Therefore, although an attacker acquiring the IoT device can access the internal noisy source, the attacker cannot extract the right key from that information only. We also give a prototype implementation for ensuring the feasibility of our two-factor fuzzy commitment concept by utilizing the image data and PUF data for two noisy factors.
KSP 제안 키워드
Fuzzy extractor, Image data, IoT Devices, IoT environment, Noisy data, Physical attack, Prototype implementation, biometric data, cryptographic key, fuzzy commitment scheme, physical unclonable function(PUF)