Machine-to-machine (M2M) is an important part of Internet of Things (IoT), and is used to describe those technologies applied in wireless communication automatically between mechanics or electronics instruments. With the rapid development and wide application of the Internet of Things, IETF is assigned to design IPv6 over low power wireless personal area network (6LoWPAN). The address of IPv6 is indefinite, which means it can satisfy addressing requirements for M2M. The 6LoWPAN standard has clarified important issues in M2M, but communication security has not been effectively resolved. In this article, we analyzed the existing security protocol for M2M communication in 6LoWPAN. The analysis result shows that the protocol has the defect of data leakage after the node is captured. In addition, the EAKES6Lo protocol is also vulnerable to sinkhole attacks and plaintext-chosen attacks. Based on the above analysis, an M2M communication mutual authentication protocol based on 6LoWPAN in unattended operation is proposed. The protocol establishes a reasonable secret key distribution mechanism and designs an anti-capture attack detection method for unattended nodes to resist attacks, such as replay attacks, sinkhole attacks, plaintext-chosen attacks, and physical capture attacks. Finally, the security of the protocol is proved by BAN.

机器对机器（M2M）是物联网（IoT）的重要组成部分，用于描述机械或电子仪器之间自动进行无线通信的那些技术。随着物联网的飞速发展和广泛应用，IETF被指派在低功耗无线个人局域网（6LoWPAN）上设计IPv6。IPv6的地址是不确定的，这意味着它可以满足M2M的寻址要求。6LoWPAN标准阐明了M2M中的重要问题，但是通信安全性尚未得到有效解决。在本文中，我们分析了6LoWPAN中用于M2M通信的现有安全协议。分析结果表明，该协议在捕获节点后存在数据泄漏的缺陷。此外，EAKES6Lo协议也容易受到漏洞攻击和明文选择攻击的攻击。基于以上分析，提出了一种基于6LoWPAN的无人值守的M2M通信互认证协议。该协议建立了合理的密钥分发机制，并设计了一种针对无人值守的节点的防捕获攻击检测方法，以抵抗诸如重播，沉陷，明文选择和物理捕获攻击等攻击。最后，通过BAN证明了协议的安全性。该协议建立了合理的密钥分发机制，并设计了一种针对无人值守的节点的防捕获攻击检测方法，以抵抗诸如重播，沉陷，明文选择和物理捕获攻击等攻击。最后，通过BAN证明了协议的安全性。该协议建立了合理的密钥分发机制，并设计了一种针对无人值守的节点的防捕获攻击检测方法，以抵抗诸如重播，沉陷，明文选择和物理捕获攻击等攻击。最后，通过BAN证明了协议的安全性。