- 期刊
ID-based Tripartite Multiple Key Agreement Protocol Facilitating Computer Auditing and Transaction Refereeing
便於線上稽核及交易仲裁之身分基礎式三方金鑰協定
摘要
為了便於電腦稽核或交易仲裁,系統需要保存真實資料。然而,通常通訊雙方會將通訊內容予以加密以防止不法份子之竊聽或攻擊;如此將造成稽核者或仲裁者無法線上即時予以監控或直接介入通訊。此一惱人的問題自從Joux設計出第一個高效率之三方式金鑰協定後,將得以有效的解決。一個三方式金鑰協定允許通訊的三方可以高效率的進行金鑰協議進而對彼此通訊做安全之加密,如此仲裁者或稽核者便可以安全地加入通訊雙方。然而,現今已發表之三方金鑰協定仍存在著諸多的安全弱點。此篇論文將檢視一些近日發表論文之弱點,並提出一新的機制以改善安全功能及效率。我們將在修訂之Bellare-Pointcheval-Rogaway模型中證明此協定的安全。
並列摘要
Computer auditing and transaction refereeing require the system to keep genuine records. However, it is difficult for an auditor or a referee to on-line audit the contents or involve in the communication while the communication is kept confidential from others. This problem has a promising solution, when Joux proposed the first efficient tripartite key agreement protocol that enables three parties (that might include one referee) to establish a secure session key. However, several published schemes are not secure. This paper examines the weaknesses, and then proposes an ID-based tripartite multiple key agreement protocol to raise the level of security and improve the efficiency. The security is proved in a modified Bellare-Pointcheval-Rogaway model.
參考文獻
延伸閱讀
- Tseng, S. F. (2013). 三方驗證金鑰協議協定之研究 [master's thesis, National Taichung University of Science and Technology]. Airiti Library. https://doi.org/10.6826/NUTC.2013.00015
- Lee, C. F., Chien, H. Y., & Lai, C. S. (2011). 安全的三方式STS金鑰協訂. 資訊管理學報, 18(2), 215-235. https://doi.org/10.6382/JIM.201104.0215
- Chen, J. L. (2020). 在物聯網環境下具有輕量化及洩漏存活特性之以身分為基礎的相互認證及金鑰交換協定 [master's thesis, National Changhua University of Education]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0035-2712202116052105
- 駱政宏(2010)。三方金鑰交換協定的研究〔碩士論文,朝陽科技大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0078-0601201112113286
- Lin, C. H. (2012). 行動環境下基於雙線性配對之具效率且安全的群體金鑰交換協定 [master's thesis, National Tsing Hua University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0016-2002201315411719