近年來,物聯網(IoT)的技術迅速發展,在透過使用無線射 頻識別(RFID)和無線感測網路與雲端運算相結合,將可利用物 聯網建設各種智慧環境,如智慧醫療及智慧交通系統等,另一 方面,在考量 IoT 裝置有限計算能力下,如何提供一個輕量且 安全的 IoT 遠端認證機制維持資訊安全的環境就益顯重要。 已有許多學者提出 IoT 認證機制的研究成果,其中 2018 年 Amin 等人指出 Xue 等人及 Chuang 等人所提出的認證機制有不 具使用者匿名性及內部攻擊等的弱點,並提出一個改良新機 制。Li 等人亦於同年指出 Jiang 等人提出的機制,具有無法檢測 未經授權登錄及會期金鑰易被攻擊等弱點,並提出一個改良新 機制。但經本研究發現,Amin 等人的機制仍存在內部攻擊及使 用者匿名性等問題, Li 等人機制亦有類似問題。因此,本研究 藉由上述機制弱點分析的結果,提出一個增強的輕量 IoT 認證 機制,並經由安全性及效能分析,證明所提機制符合 IoT 認證 的安全需求,將更適用於真實環境中。
In recent years, the technology of the Internet of Things (IoT) develops rapidly. By combining radio frequency identification (RFID) and wireless sensing networks with cloud computing, the Internet of Things can be used to build smart environments such as intelligent health and transportation system, etc. On the other hand, cosidering the limited computing capability of IoT devices, it is essential to provide a lightweight and secure IoT remote authentication scheme to satisfy the security requirement. Many scholars have proposed the research results of the IoT authentication mecha-nism. In 2018, Amin et al. pointed out that the authentication scheme proposed by Xue et al. and Chuang et al. has weaknesses such as user anonymity and internal at-tacks, and proposes an improved scheme. In the same year, Li et al. pointed out the Jiang et al.’s scheme, which has the weakness of being unable to detect unauthorized login and the vulnerability of the session key and also proposes a new mechanism. However, we find the schemes of Amin et al. still has internal attacks and user ano-nymity, and Li et al. have similar problems. Therefore, this study proposes an en-hanced lightweight IoT authentication mechanism based on the results of the security analysis of previous schemes and proves the proposed scheme provides the security requirements of IoT authentication through security and efficient analysis and will be more suitable for the real world.
