Journal of Information Security Research ›› 2019, Vol. 5 ›› Issue (10): 918-923.

Previous Articles     Next Articles

Security Analysis of IoT Device Identity Authentication


  • Received:2019-10-08 Online:2019-10-15 Published:2019-10-08



  1. 1. 国民技术股份有限公司
    2. 国民技术股份有限公司
  • 通讯作者: 杨威
  • 作者简介:杨威 硕士,安全分析工程师,主要研究方向为物联网安全. 王宇建 硕士,国民技术股份有限公司安全技术中心总监,主要研究方向为侧信道攻击与防御. 吴永强 学士,安全分析工程师,主要研究方向为物联网安全.

Abstract: The development of the Internet of things (IoT) has led to the emergence of a large number of smart home devices on the market, which greatly improved the quality of our lives. As the key entry device in smart home and the first line of defense for home security, smart door locks have become the focus of security researchers. Smart door locks are essentially fixed devices that require authentication credentials to be opened, and integrate multiple digital authentication technologies. They are also an excellent object to study the security of identity authentication for IoT devices. In this paper, smart door lock is taken as an example to analyze the security of identity authentication through attack experiments. According to the analysis results, several security risks faced by identity authentication are summarized, and security recommendations are given for these security risks.

Key words: Internet of things (IoT), identity authentication, information security, smart door lock, authentication method

摘要: 物联网的发展使得市场上涌现了大量智能家居设备,极大地提升了人们的生活质量.智能门锁作为智能家居中的关键入口设备和家庭安全的第1道防线,成为安全研究人员十分关注的对象.智能门锁本质上是需要身份认证的凭据才能开启的固定装置,且集成了多种数字化身份认证技术,也是研究物联网设备身份认证安全性的绝佳对象.以多款智能门锁为例,通过攻击实验分析了其身份认证的安全性,根据分析的结果,总结了几种身份认证技术面临的安全风险,并针对这些安全风险给出了安全防范的建议.

关键词: 物联网, 身份认证, 信息安全, 智能门锁, 认证方法