Jin-Ze Du Jin-Ze Du, Jun-Wei Liu Jin-Ze Du, Tao Feng Jun-Wei Liu, Zhan-Ting Yuan Tao Feng
{"title":"Z-Wave协议的形式化分析与改进","authors":"Jin-Ze Du Jin-Ze Du, Jun-Wei Liu Jin-Ze Du, Tao Feng Jun-Wei Liu, Zhan-Ting Yuan Tao Feng","doi":"10.53106/199115992023083404003","DOIUrl":null,"url":null,"abstract":"\n In order to verify the security of the Z-Wave communication protocol, the possible attacks in the protocol are analyzed to reduce user privacy security vulnerabilities. For the communication process and key exchange process between the controller and the node, this paper uses CPN tools to model the Z-Wave S2 protocol, and introduces the Dolev-Yao attack model to verify the security behavior of the protocol. The results show that there is a man-in-the-middle attack when using S2 authentication for device inclusion. In response to this vulnerability, we propose a lightweight static authentication scheme based on HKDF function and XOR operation, which performs authentication between Z-Wave controller and slave device. Secondly, we formally verify the security objectives of the improved scheme, and prove that the optimization scheme can effectively prevent man-in-the-middle attacks in the S2 security mode. \n \n","PeriodicalId":345067,"journal":{"name":"電腦學刊","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Formal Analysis and Improvement of Z-Wave Protocol\",\"authors\":\"Jin-Ze Du Jin-Ze Du, Jun-Wei Liu Jin-Ze Du, Tao Feng Jun-Wei Liu, Zhan-Ting Yuan Tao Feng\",\"doi\":\"10.53106/199115992023083404003\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"\\n In order to verify the security of the Z-Wave communication protocol, the possible attacks in the protocol are analyzed to reduce user privacy security vulnerabilities. For the communication process and key exchange process between the controller and the node, this paper uses CPN tools to model the Z-Wave S2 protocol, and introduces the Dolev-Yao attack model to verify the security behavior of the protocol. The results show that there is a man-in-the-middle attack when using S2 authentication for device inclusion. In response to this vulnerability, we propose a lightweight static authentication scheme based on HKDF function and XOR operation, which performs authentication between Z-Wave controller and slave device. Secondly, we formally verify the security objectives of the improved scheme, and prove that the optimization scheme can effectively prevent man-in-the-middle attacks in the S2 security mode. \\n \\n\",\"PeriodicalId\":345067,\"journal\":{\"name\":\"電腦學刊\",\"volume\":\"21 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"電腦學刊\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.53106/199115992023083404003\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"電腦學刊","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.53106/199115992023083404003","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Formal Analysis and Improvement of Z-Wave Protocol
In order to verify the security of the Z-Wave communication protocol, the possible attacks in the protocol are analyzed to reduce user privacy security vulnerabilities. For the communication process and key exchange process between the controller and the node, this paper uses CPN tools to model the Z-Wave S2 protocol, and introduces the Dolev-Yao attack model to verify the security behavior of the protocol. The results show that there is a man-in-the-middle attack when using S2 authentication for device inclusion. In response to this vulnerability, we propose a lightweight static authentication scheme based on HKDF function and XOR operation, which performs authentication between Z-Wave controller and slave device. Secondly, we formally verify the security objectives of the improved scheme, and prove that the optimization scheme can effectively prevent man-in-the-middle attacks in the S2 security mode.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
