研究生: |
鍾佳欽 Chung, Chia-Chin |
---|---|
論文名稱: |
基於後量子密碼學的物聯網資安強化技術 An IoT Security Enhancement using Post-Quantum Cryptography |
指導教授: |
陳伶志
Chen, Ling-Jyh 王超 Wang, Chao |
口試委員: |
陳伶志
Chen, Ling-Jyh 王超 Wang, Chao 楊柏因 Yang, Bo-Yin 賀耀華 Ho, Yao-Hua |
口試日期: | 2022/06/20 |
學位類別: |
碩士 Master |
系所名稱: |
資訊工程學系 Department of Computer Science and Information Engineering |
論文出版年: | 2022 |
畢業學年度: | 110 |
語文別: | 中文 |
論文頁數: | 33 |
中文關鍵詞: | 物聯網 、後量子密碼學 、MQTT 、TLS |
英文關鍵詞: | Internet of Things, Post-Quantum Cryptography, MQTT, TLS |
DOI URL: | http://doi.org/10.6345/NTNU202200999 |
論文種類: | 學術論文 |
相關次數: | 點閱:166 下載:52 |
分享至: |
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
隨著科技的發展愈加進步、成熟,物聯網的應用也逐漸邁向多元化,於此同時,物聯網安全性的問題也漸漸浮出檯面。物聯網系統中有許多安全性問題有待解決,有鑑於此,物聯網安全需更加重視。如今,由於量子電腦的技術逐漸成熟,對於現有的公鑰密碼系統產生威脅,進而直接影響到TLS協定的安全性,導致物聯網的安全性降低。理想的解決方法是找到一種適用於物聯網且能夠抵抗量子電腦攻擊的輕量級演算法,目前學術界以後量子密碼學 (Post-Quantum Cryptography, PQC) 為主要趨勢,是一種能夠抵抗量子電腦攻擊的公鑰加密演算法。
本研究將支援PQC演算法的TLS協定整合到物聯網常見的MQTT協定上,使得PQC演算法能在物聯網中使用,以強化物聯網安全性。我們進行了PQC演算法在物聯網情境下的性能測試,透過數據分析來比較演算法之間的差異,評估PQC演算法在物聯網的可行性。實驗結果顯示,大多數PQC演算法都保持在可承受的延遲和封包開銷範圍內,一些PQC演算法的表現甚至不遜於傳統的非對稱加密演算法。在應用方面,我們將PQC演算法應用在真實的物聯網系統--空氣盒子上,使得空氣盒子的傳輸通訊更加安全。我們希望這項研究能夠鼓勵更多人將PQC應用到物聯網裝置中,在量子電腦攻擊之前盡快部署。
Internet of Things (IoT) technologies diversify into many aspects of our life due to the development of science and technology. While IoT brings much convenience, security issues have also become drastically more critical. With the growth of quantum computing technology, many commonly used asymmetric encryption algorithms are at stake, which directly affects the security of the TLS protocol. Therefore, it is crucial to find algorithms resilient to quantum computer attacks, namely Post-Quantum Cryptography (PQC).
In this research, we integrate the TLS protocol that supports PQC into the MQTT protocol, which enables IoT devices to utilize PQC to strengthen their security. We conducted a series of performance tests on many different PQC algorithms. The results show that most PQC algorithms can stay within an affordable latency and packet overhead range, and some can perform better than conventional asymmetric encryption algorithms. Finally, to put the PQC algorithms to the test, we apply them to a real-world IoT system, the AirBox. We hope this research will encourage more people to adapt PQC to their IoT devices before quantum computer attacks.
[1] Mekuria, D. N., Sernani, P., Falcionelli, N., & Dragoni, A. F. (2021). Smart home reasoning systems: a systematic literature review. Journal of Ambient Intelligence and Humanized Computing, 12(4), 4485-4502.
[2] Wang, J., Spicher, N., Warnecke, J. M., Haghi, M., Schwartze, J., & Deserno, T. M. (2021). Unobtrusive health monitoring in private spaces: The smart home. Sensors, 21(3), 864.
[3] Friha, O., Ferrag, M. A., Shu, L., Maglaras, L. A., & Wang, X. (2021). Internet of Things for the Future of Smart Agriculture: A Comprehensive Survey of Emerging Technologies. IEEE CAA J. Autom. Sinica, 8(4), 718-752.
[4] Senthil Kumar, A., Suresh, G., Lekashri, S., Babu Loganathan, G., & Manikandan, R. (2021). Smart agriculture system with E–carbage using IoT. International Journal of Modern Agriculture, 10(1), 928-931.
[5] Vishnu, S., Ramson, S. R., Senith, S., Anagnostopoulos, T., Abu-Mahfouz, A. M., Fan, X., ... & Kirubaraj, A. A. (2021). IoT-Enabled solid waste management in smart cities. Smart Cities, 4(3), 1004-1017.
[6] Kondoro, A., Dhaou, I. B., Tenhunen, H., & Mvungi, N. (2021). Real time performance analysis of secure IoT protocols for microgrid communication. Future Generation Computer Systems, 116, 1-12.
[7] Ghazal, T. M., Hasan, M. K., Alshurideh, M. T., Alzoubi, H. M., Ahmad, M., Akbar, S. S., ... & Akour, I. A. (2021). IoT for smart cities: Machine learning approaches in smart healthcare—A review. Future Internet, 13(8), 218.
[8] Khan, M. A., & Salah, K. (2018). IoT security: Review, blockchain solutions, and open challenges. Future generation computer systems, 82, 395-411.
[9] Hassan, W. H. (2019). Current research on Internet of Things (IoT) security: A survey. Computer networks, 148, 283-294.
[10] Shor, P. W. (1999). Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM review, 41(2), 303-332.
[11] Bernstein, D. J. (2009). Introduction to post-quantum cryptography. In Post-quantum cryptography (pp. 1-14). Springer, Berlin, Heidelberg.
[12] Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018
[13] Open Quantum Safe (OQS) project, [Online]. Available: https://openquantumsafe.org (visited on 1/20/2022)
[14] OQS-OpenSSL, [Online]. Available: https://github.com/open-quantum-safe/openssl (visited on 1/20/2022)
[15] Eclipse Mosquitto, [Online]. Available: https://mosquitto.org (visited on 1/25/2022)
[16] liboqs, [Online]. Available: https://github.com/open-quantum-safe/liboqs (visited on 1/20/2022)
[17] Douglas Stebila, Michele Mosca. Post-quantum key exchange for the Internet and the Open Quantum Safe project. In Roberto Avanzi, Howard Heys, editors, Selected Areas in Cryptography (SAC) 2016, LNCS, vol. 10532, pp. 1–24. Springer, October 2017.
[18] MQTT, [Online]. Available: https://mqtt.org (visited on 1/25/2022)
[19] NIST. Post-Quantum Cryptography Standardization, [Online]. Available: https://csrc.nist.gov/Projects/post-quantum-cryptography/post-quantum-cryptography-standardization (visited on 1/20/2022)
[20] BIKE, [Online]. Available: https://bikesuite.org/ (visited on 2/25/2022)
[21] HQC, [Online]. Available: https://pqc-hqc.org (visited on 2/25/2022)
[22] FrodoKEM, [Online]. Available: https://frodokem.org/ (visited on 2/25/2022)
[23] Kyber and Dilithium, [Online]. Available: https://pq-crystals.org (visited on 2/25/2022)
[24] NTRU, [Online]. Available: https://ntru.org (visited on 2/25/2022)
[25] NTRU Prime, [Online]. Available: https://ntruprime.cr.yp.to (visited on 2/25/2022)
[26] SABER, [Online]. Available: https://www.esat.kuleuven.be/cosic/pqcrypto/saber/ (visited on 2/25/2022)
[27] SIKE, [Online]. Available: https://sike.org (visited on 2/25/2022)
[28] Picnic, [Online]. Available: https://microsoft.github.io/Picnic/ (visited on 2/25/2022)
[29] SPHINCS+, [Online]. Available: https://sphincs.org/ (visited on 2/25/2022)
[30] Falcon, [Online]. Available: https://falcon-sign.info (visited on 2/25/2022)
[31] Rainbow, [Online]. Available: https://www.pqcrainbow.org/ (visited on 2/25/2022)
[32] Crockett, E., Paquin, C., & Stebila, D. (2019). Prototyping post-quantum and hybrid key exchange and authentication in TLS and SSH. Cryptology ePrint Archive.
[33] Chen, L. J., Ho, Y. H., Lee, H. C., Wu, H. C., Liu, H. M., Hsieh, H. H., ... & Lung, S. C. C. (2017). An open framework for participatory PM2. 5 monitoring in smart cities. Ieee Access, 5, 14441-14454.