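A telemedicine system is a system in which a doctor diagnoses patients and gives medical advice over a network. Because patients and doctors communicate over a public, insecure channel when using such a system, security mechanisms are needed to protect the communication. Recently, Qi et al. proposed a biometrics-based multi-factor authentication scheme for telemedicine systems. After analyzing their authentication scheme, we found that it is vulnerable to forgery attacks and denial-of-service attacks. In this thesis, we first explain how these security flaws can be used to attack Qi et al.'s authentication scheme, and then propose a method to remedy them. After a detailed analysis of the proposed scheme, we are confident that it can withstand common attacks, such as forgery attacks and denial-of-service attacks, and that it offers higher computational efficiency and security.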
A telecare medical information system (TMIS) is a system that lets a doctor make diagnoses and provide treatment advice to a patient via the Internet. Because the patient and the doctor communicate over a public and insecure channel, security mechanisms are required to protect the communication. Recently, Qi et al. proposed a biometrics-based mutual authentication scheme for TMIS. After analyzing their scheme, however, we find that it suffers from forgery attacks and denial-of-service attacks. In this thesis, we show how these security flaws undermine Qi et al.'s scheme and propose an improvement to overcome them. A thorough analysis of our scheme confirms that it can resist common attacks such as forgery attacks and denial-of-service attacks. Moreover, it possesses higher computational efficiency and achieves a higher security level.