- 學位論文
智慧卡下有效率具不可追蹤性之密碼認證機制
An Efficient and Untraceable Password-Authenticated Key Agreement Using Smart Cards
摘要
近年來,隨著智慧卡在身分敏感的登入認證系統之應用,有效率的互相認證與會議鑰匙產生協議皆是重要的安全議題。2010年,Li et al.研究提出了對JCL演算法的修正版,以滿足匿名性及不可追蹤性,加強了使用者身分的保護,但Li et al.及JCL方法中,在雙方通訊過程所伴隨的高溝通和運算成本,與智慧卡晶片處理器的處理限制不符。且為了達到不可追蹤性之安全水準,必須符合在Li et al.演算法認證資訊的設計條件下,降低了登入認證系統彈性,因此本論文針對Li et al.演算法加以改進,讓智慧卡登入認證系統在滿足不可追蹤性下,並具有更好的效能與系統彈性。 本論文提出一個以亂數方式產生動態密碼的演算法,結合了線性反饋位移暫存器(LFSR)的虛擬亂數(Pseudorandom)演算法之概念,將每回合產生具不可追蹤性之亂數作為認證資訊。在登入階段,以動態密碼作為互相認證的因子,通過互相認證協議出會議鑰匙減少了三分之一的通訊回合。 在效能評估上,透過認證過程所需消耗的溝通成本與運算成本,以及各階段實際執行時間進行比較。實驗結果顯示,本論文相較於Li et al.演算法,不僅同樣滿足匿名性和不可追蹤性,在登入階段減少了通訊回合數,降低溝通和運算成本,如此,可達到效率及效能兼具的智慧卡登入認證系統。
並列摘要
Mutual Authentication and session key agreement based smart card became a strong security way in remote login authentication system. In 2010, Li et al. remedy JCL scheme provides initiator untraceable property to strength the identity protection. Owing to Li et al. scheme accompany high computation and communication cost over the communication channel, this was a conflict with smart cards embedded processors capability. Furthermore, the proposed mechanism for untraceability property lack some sort of flexibility in authentication message configuration and encryption algorithms chosen. In this paper, we proposed an One Time Password (OTP) mechanism embedded on both the smart card and the login server. Linear Feedback Shift Register (LFSR) algorithm was used as an OTP generator to produce pseudo-randomness sequences. In each authentication session, activated by on the same initial seed, smart card/severs generate the corresponding one time password for mutual authentication usage. Analysis results show that, when compared with Li et al. remedy JCL scheme, the number of communication session in the login phase decrease by one-third. And if both run under the same chosen functions, the overall computation cost in login phase decrease by two-thirds. Furthermore, we “remedy” the Li et al. scheme by changing the order of message not only achieved untraceability property but also increase the flexibility within the authentication system.
參考文獻
延伸閱讀
- 廖鴻圖、林建福、蕭麗齡、鄭惠菱(2007)。使用智慧卡之通行碼身分鑑別協定。資訊管理學報,14(3),179-196。https://doi.org/10.6382/JIM.200707.0179
- Wei, W. C. (2007). 高效率之遠端身份認證協定應用於智慧卡之研究 [master's thesis, National Taichung University of Science and Technology]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0061-1811200915323636
- Chen, T. H. (2010). 智慧卡密碼驗證機制通訊協定之應用與研究 [doctoral dissertation, National Tsing Hua University]. Airiti Library. https://doi.org/10.6843/NTHU.2010.00619
- Wu, S. T., & Chieu, B. C. (2002). 以智慧卡實現門檻方法之橢圓曲線密碼系統. 宜蘭技術學報, (9), 1-10. https://doi.org/10.6179/nit.eec.2002.09.11
- Ramasamy, R., & Muniyandi, A. P. (2012). An Efficient Password Authentication Scheme for Smart Card. International Journal of Network Security, 14(3), 180-186. https://doi.org/10.6633/IJNS.201205.14(3).07