在近年來資訊與網路技術的蓬勃發展,使得大眾得以透過網路在各伺服器端之間存取資源,如此便利的方式,當然吸引了更多使用者接觸且頻繁,而衍生出許多安全上的問題,身分驗證成為相當重要的考量,於是有許多學者提出了很多基於智慧卡的身分驗證機制來解決安全性的問題,然而要達到百分之百安全是十分困難的,因此希望能夠針對方法的缺點不斷地改善,盡量達到安全的需求。 由於多重伺服器的架構在近期應用的非常廣泛,所以在智慧卡中保護使用者隱私顯得更為重要,然而,部分的一些身分驗證機制可能在安全性上的考量不夠完善,因此,在本研究中,我們首先提出了改進Lee學者等人的方法,使其更適合於多重伺服器的環境,另一方面,基於橢圓曲線的密碼系統,我們提出更安全的身分驗證機制應用於多重伺服器的環境,以減少偽造伺服器端之問題及保護使用者隱私,來達到安全需求。
In recent years, the development of information and network technology are very well, it is easy to access resources from the server end over the network for any users. However, lots of users frequently get they wanted information from network, it is resulting in many security problem will be happened, the verification of identity is a very important issue. In previous, researcher proposed smart card-based authentication of identity schemes to solve those problems. With the widespread promotion in e-commerce, the number of service servers providing internet applications to the users is usually more than one and hence secure authentication protocols for multi-server environment are required. In this thesis, we will propose two authentication schemes in multi-server environment to remedy the weakness of previously proposed schemes. Compared with the previously proposed schemes, our protocols are more suitable for the user authentication for multi-server environment.