fa روشی جدید برای احراز هویت دوطرفه در اینترنت اشیا مقالات گروه امنیت اطلاعات Paper پژوهشي Research <div style="text-align: justify;"><span style="font-size:12pt"><span style="direction:rtl"><span style="unicode-bidi:embed"><span new="" roman="" style="font-family:" times=""><b><span lang="FA" style="font-size:10.0pt"><span b="" nazanin="" style="font-family:">امروزه شاهد گسترش خدمات مختلف اینترنت اشیا در حوزه‌های مختلف از قبیل نظارت و سلامت هستیم. این خدمات از طریق دستگاه‌های هوشمند در هر مکان و زمانی می‌تواند در دسترس کاربران قرار گیرند. این در حالی است که این دسترسی‌ها می‌تواند مسأله امنیت و حریم خصوصی را به امری حساس و حیاتی تبدیل کند. گزارش‌های دریافتی نشان می‌دهد که تعداد دستگاه‌های اینترنت اشیا تا سال 2030 به عدد 44/25 بیلیون خواهد رسید و این در حالی است که 26% حملات اینترنت اشیا در سال 2019 مربوط به عدم احراز هویت بوده است. به همین دلیل احراز هویت کاربران در اینترنت اشیا به یکی از حساس‌ترین مفاهیم امنیتی تبدیل شده است. در این مقاله یک پروتکل احراز هویت دوطرفه دستگاه‌به‌دستگاه برای شبکه‌های خانگی هوشمند، ارائه شده است. این پروتکل بر اساس رمزنگاری نامتقارن برای احراز هویت دستگاه‌های موجود در شبکه طراحی شده و در آن تمامی دستگاه‌ها یک کلید جلسه خصوصی مشترک دارند. برای حصول اطمینان از امنیت ارتباط‌ها در هر جلسه، کلیدهای جلسه پس از هر جلسه ارتباطی، تغییر می‌کنند. برنامه‌نویسی طرح پیشنهادی به‌وسیله </span></span></b><b><span dir="LTR" style="font-size:8.0pt"><span bold="" new="" roman="" style="font-family:" times="">HLPSL</span></span></b><b><span lang="FA" style="font-size:10.0pt"><span b="" nazanin="" style="font-family:">، شبیه‌سازی و ارزیابی بهینگی با ابزار </span></span></b><b><span dir="LTR" style="font-size:8.0pt"><span bold="" new="" roman="" style="font-family:" times="">SPAN</span></span></b><b><span style="font-size:10.0pt"><span b="" nazanin="" style="font-family:"> و </span></span></b><b><span dir="LTR" style="font-size:8.0pt"><span bold="" new="" roman="" style="font-family:" times="">AVISPA</span></span></b><b><span style="font-size:10.0pt"><span b="" nazanin="" style="font-family:"> انجام شده است. تحلیل‌های امنیتی نشان می‌دهد که پروتکل پیشنهادی در مقابل حملات امنیتی، پایداری خود را حفظ می‌کند.</span></span></b></span></span></span></span></div> <div style="text-align: justify;"><span style="font-size:12pt"><span new="" roman="" style="font-family:" times=""><b><span style="font-size:10.0pt"><span bold="" new="" roman="" style="font-family:" times=""><span style="color:black">Today, we are witnessing the expansion of various Internet of Things (IoT) applications and services such as monitoring and health. These services are delivered to users via smart devices anywhere and anytime. Forecasts show that the IoT, which is controlled online in the user environment, will reach 25 billion devices worldwide by 2020. </span></span></span></b></span></span><br> <span style="font-size:12pt"><span new="" roman="" style="font-family:" times=""><b><span style="font-size:10.0pt"><span bold="" new="" roman="" style="font-family:" times=""><span style="color:black">Data security is one of the main concerns in the IoT. The IoT is supposed to deal with a population of about billions of objects, so the number of malicious attacks can be very high and alarming given the global connection (anyone access) and the wide availability (access to any place at any time). However, these accesses can make security and privacy critical. Reports show that 26% of IoT attacks in 2019 were related to non-authentication, which is why IoT authentication has become one of the most sensitive security concepts. IoT devices are usually left unattended and this makes it easy for an attacker to target such equipment. For example, security breaches and unwanted changes in patient&#39;s health parameters in smart health care systems can cause wrong treatments or even lead to his death. The fact that each device in the IoT knows who it is communicating with and at what level of access is one of the important aspects of security, especially in cases where various devices with different capabilities have to perform common tasks and cooperate with each other. IoT authentication is a trust model to protect control access and data when information travels between devices.</span></span></span></b></span></span><br> <span style="font-size:12pt"><span new="" roman="" style="font-family:" times=""><b><span style="font-size:10.0pt"><span bold="" new="" roman="" style="font-family:" times=""><span style="color:black">So far, different methods have been proposed for authentication in the IoT network. These methods are usually based on the public key, private key, random key distribution, and hash function. A point that should be taken into account in IoT authentication is that IoT networks and devices have limited bandwidth, low memory, low processing power, and energy limitations. Therefore, the proposed method should pay special attention to such limitations. In addition, IoT authentication needs to ensure enhanced security features such as confidentiality, data integrity, reliability, maintainability, scalability, and privacy to their consumers. </span></span></span></b></span></span><br> <b><span style="font-size:10.0pt"><span bold="" new="" roman="" style="font-family:" times=""><span style="color:black">This paper proposes a two-way or mutual authentication protocol in which both devices authenticate each other without human intervention in a smart home network. The proposed protocol is based on asymmetric encryption for authentication of devices, which have a shared private session key, along with hashing operations in the network. Also, to ensure the security of communications at each session, each device has a one-time private session key. The session keys are changed regularly to ensure the security of sessions between devices. The proposed protocol is programmed by HLPSL and simulated and verified by the SPAN and AVISPA tools. The security analysis results show the proposed protocol is extremely practical, and secure against potential attacks.</span></span></span></b></div> اینترنت اشیا, پروتکل احراز هویت, رمزنگاری, امنیت, AVISPA Internet of Things, Authentication protocol, Cryptography, Security,AVISPA 73 86 http://jsdp.rcisp.ac.ir/browse.php?a_code=A-10-854-6&slc_lang=fa&sid=1 Payam Mahmoudi-Nasr پیام محمودی نصر p.mahmoudi@umz.ac.ir 100319475328460011235 100319475328460011235 Yes University of Mazandaran دانشکده مهندسی و فناوری، دانشگاه مازندران Hossein Kimia حسین کیمیا hosseinkimia@gmail.com 100319475328460011236 100319475328460011236 No 2Mazandaran Institute of Technology مؤسسه آموزش عالی صنعتی مازندران