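In this thesis we discuss adding the concept of "key refreshment" to authentication mechanisms. To meet the security requirements of the third-generation mobile communication system specified by UMTS, we propose new authentication mechanisms for symmetric and asymmetric cryptosystems respectively. Each of the two cryptosystems has its own advantage: in a symmetric cryptosystem the whole process needs only one secret key, while an asymmetric cryptosystem provides a solution to key distribution. When applied to mobile communication authentication protocols, however, both share a drawback: the key never changes, so a determined intruder can steal or derive it. Our idea is therefore to keep refreshing the key during the encrypted authentication process, which prevents theft by attackers and gives users a more secure communication environment. The distinguishing feature of our proposed authentication mechanisms is that key refreshment is performed at the same time as authentication. Our analysis shows that the authentication mechanisms we propose for the third-generation mobile communication system do meet the security requirements and conform to the threat criteria and objectives, while also being convenient and secure.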
This thesis presents the application of key refreshment to authentication mechanisms. We propose two authentication mechanisms, one based on symmetric keys and one based on asymmetric keys, to meet the security requirements of the third-generation mobile communication system proposed by UMTS. The characteristic of the schemes is that the authentication process also performs key refreshment. Users encrypt their private messages with a different key every time they access the network with an authentication request. This prevents users' private information from being eavesdropped on or captured by intruders, and so provides a more secure communication channel for users. The proposed authentication protocols are analyzed and shown to achieve the critical goals of the security and threat requirements; these protocols are also efficient and secure enough.