- 學位論文
可抵擋旁路攻擊具有洩漏存活特性之免憑證可認證式金鑰交換協定
A Leakage-Resilient Certificateless Authenticated Key Exchange Protocol Withstanding Side-channel Attacks
摘要
免憑證公鑰密碼學(Certificateless public-key cryptography)已經克服了傳統公鑰密碼學的憑證使用及以身份為基礎公鑰密碼學(ID-based public-key cryptography)的金鑰託管問題。免憑證可認證式金鑰交換(Certificateless authenticated key exchange,以下簡稱CLAKE)協定是免憑證公鑰密碼學的一個重要基礎,它可以讓兩個參與者建立一把會話金鑰(session key)並互相認證。而目前現有的公鑰密碼學都會遭遇到一種新型的攻擊,即旁路攻擊(side-channel attacks)。幸運的是,具有洩漏存活特性之密碼學是一個能夠有效抵擋旁路攻擊的方法。到目前為止,已經有許多具有洩漏存活特性的密碼機制或協定被提出,而且同時保留了他們的原始功能。最近,兩種具有洩漏存活特性的免憑證公鑰密碼機制被提出,即洩漏存活免憑證簽章(leakage-resilient certificateless signature,簡稱LR-CLS)和加密(leakage-resilient certificateless encryption,簡稱LR-CLE)。然而,洩漏存活免憑證可認證式金鑰交換協定(即LR-CLAKE)的設計仍未被提出。在本論文中,藉著擴展著名的extended-Canetti–Krawczyk(eCK)模型,我們首先定義了一個新型的攻擊者模型,稱為連續洩漏存活(continual-leakage-resilient eCK,簡稱CLReCK)模型;同時,提出第一個可抵擋旁路攻擊的LR-CLAKE協定,以填補洩漏存活免憑證公鑰密碼學中的空缺。最後,藉著使用generic bilinear group(GBG)模式進行安全性分析,證明所提出的協定在CLReCK模型下是安全的。
並列摘要
Certificateless public-key cryptography has conquered both the certificate management problem in the traditional public-key cryptography and the key escrow problem in the ID-based public-key cryptography. Certificateless authenticated key exchange (CLAKE) protocol is an important primitive of the certificateless public-key cryptography. A CLAKE protocol is employed to provide both mutual authentication and establishing a session key between two participators. Indeed, all conventional public-key cryptographies have encountered a new kind of attack, named “side-channel attacks”. Fortunately, leakage-resilient cryptography is a flexible approach to withstand such attacks. Numerous leakage-resilient cryptographic mechanisms withstanding side-channel attacks have been proposed while remaining the original functionalities of these cryptographic mechanisms. Very recently, two primitive schemes of the leakage-resilient certificateless public-key cryptography, namely, several leakage-resilient certificateless signature (LR-CLS) or encryption (LR-CLE) schemes were proposed. However, the design of leakage-resilient CLAKE (LR-CLAKE) protocols is not studied. In the thesis, by extending the well-known extended-Canetti–Krawczyk (eCK) model, we present the security notions of LR-CLAKE protocols, called continual-leakage-resilient eCK (CLReCK) model. The first LR-CLAKE protocol withstanding side-channel attacks is proposed. By employing the proof technique of the generic bilinear group (GBG) model, we formally prove the security of our protocol in the CLReCK model.
參考文獻
延伸閱讀
- Lin, I. H. (2010). 一種動態的金鑰管理及備用雙層資料匯集網格無線感測網路之研究 [master's thesis, Chaoyang University of Technology]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0078-2611201410130881
- Chen, J. L. (2020). 在物聯網環境下具有輕量化及洩漏存活特性之以身分為基礎的相互認證及金鑰交換協定 [master's thesis, National Changhua University of Education]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0035-2712202116052105
- 李正吉、吳秉憲、李俊達(2011)。一具匿名性及安全性金鑰交換協定於網路電視廣播系統之研究。載於中華民國資訊安全學會(主編),全國資訊安全會議(頁449-458)。中華民國資訊安全學會。https://doi.org/10.29615/CISC.201105.0449
- WEI, F. S., JIANG, Q., ZHANG, R. J., & MA, C. G. (2017). A Privacy-Preserving Multi-Factor Authenticated Key Exchange Protocol with Provable Security for Cloud Computing. Journal of Information Science and Engineering, 33(4), 907-921. https://doi.org/10.6688/JISE.2017.33.4.3
- Mohamed, M., Wang, X., & Zhang, X. (2018). Adaptively-Secure Authenticated Key Exchange Protocol in Standard Model. International Journal of Network Security, 20(2), 345-358. https://doi.org/10.6633/IJNS.201803.20(2).16