
Title: 密碼學協定的安全分析之研究

English title: A research on security analyses of cryptographic protocols

Advisor: 張雅芬

Abstract


In recent years, with the rapid development of Internet technologies, people have been able to carry out all kinds of commercial activities online to improve their quality of life and convenience. How to protect those who do business online and how to ensure the security of these activities has therefore become an important issue, and many e-commerce applications and authentication schemes have been proposed. This study first introduces representative applied research published in recent years. On the e-commerce side, we introduce the electronic cash scheme with anonymity revocation proposed by Chen et al. in 2011; their scheme focuses on user anonymity and on letting a trusted third party identify the owner of the e-cash at a specific moment so that the e-cash cannot be abused. We also introduce the secret sharing scheme for implicit data security proposed by Parakh and Kak in 2011; Parakh and Kak state that their scheme achieves implicit data security while also offering potential space efficiency. On the authentication side, we introduce the Rabin-cryptosystem-based remote user authentication scheme proposed by Kim et al. in 2011; Kim et al. claim that their scheme resists common attacks. However, we find that Chen et al.'s electronic cash scheme hides a fatal flaw: through it, a malicious merchant can abuse a customer's e-cash without being detected by the trusted third party, while the legitimate customer will instead be taken for the abuser, because only the customer's identity is embedded in the e-cash and mutual authentication is not ensured at payment time. Parakh and Kak's secret sharing scheme is threatened by degree degeneration, which undermines the scheme because the original secret can still be recovered when the number of shareholders is below the threshold. In Kim et al.'s mutual authentication scheme, when a user wants to change the password, an attacker can tamper with the password-change information that the server returns to the user without either the user or the server noticing; as a result, the user cannot pass the server's authentication after changing the password and therefore cannot log in to the server. In this study, we describe the discovered security flaws in detail and, for each flaw, propose an improvement or suggestions for improvement.

Parallel abstract (English)


With the rapid development of Internet technologies in recent years, various kinds of business activities are done via the Internet for convenience. How to protect the security of users and of these activities has become an important issue. As a result, many e-commerce applications and user authentication schemes have been proposed. In this study, we first introduce three representative schemes, for e-commerce applications and for user authentication respectively. The first scheme is an electronic cash scheme providing anonymity revocation, proposed by Chen et al. in 2011. Chen et al.'s scheme provides user anonymity and makes a trusted third party able to find the e-cash owner for some special issues, to prevent the e-cash from being misused. Second, Parakh and Kak proposed two secret sharing schemes for implicit data security in 2011. Parakh and Kak claimed that their secret sharing schemes achieve implicit data security while providing potential space efficiency. The third scheme is a Rabin-cryptosystem-based remote user authentication scheme proposed by Kim et al. in 2011. Kim et al. claimed that their scheme can resist various attacks. However, we find that Chen et al.'s electronic cash scheme suffers from a fatal flaw. Via this security flaw, a malicious merchant can abuse a payer's e-cash easily and will not be traced by the trustee. Instead, the legal payer's identity will be traced, because only the customer's identity is embedded in the e-cash and mutual authentication is not ensured in the payment phase. Parakh and Kak's secret sharing schemes suffer from degree degeneration. This flaw may fatally damage their schemes, because the shared secret can be retrieved when the number of involved shareholders is less than the legality threshold. On the other hand, when a user wants to change his/her password in Kim et al.'s authentication scheme, an attacker can intercept the message and send a fabricated message to the user without being noticed. After the password change phase, a legal user cannot be authenticated by the remote server successfully. Thereupon, the legal user cannot log in to the server. In this study, the found security flaws will be shown in detail, and some suggestions and an improvement will be given.
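The degree degeneration flaw that both abstracts attribute to Parakh and Kak's secret sharing schemes is easiest to see on a concrete threshold scheme. The following Python program is an added illustration written for this page; it is not code from the thesis and does not reproduce Parakh and Kak's construction. It implements a generic Shamir-style (k, n) sharing over a prime field and models "degree degeneration" as the sharing polynomial's leading coefficient being zero (an assumption about what the abstract means by the term), so that the polynomial has a lower degree than intended and fewer than k shareholders can recover the secret. The field size `PRIME`, the secret `123456789` and the coefficients `42` and `7` are constructed sample values; `effective_threshold` is the dealer-side check that would catch the degenerate case before shares are distributed.

```python
# Added illustration (not code from the thesis or from Parakh and Kak): a
# Shamir-style (k, n) threshold secret sharing over a prime field, and the
# "degree degeneration" failure mode. Degeneration is modelled here as the
# sharing polynomial's leading coefficient being zero (an assumption about the
# abstract's wording), which silently lowers the number of shares needed.
import secrets

PRIME = 2**61 - 1  # assumed field size; any prime larger than the secret works


def make_shares(coeffs, n, p=PRIME):
    """Shares (x, f(x)) for x = 1..n, where f(x) = coeffs[0] + coeffs[1]*x + ...
    coeffs[0] is the secret; the intended degree is len(coeffs) - 1."""
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod p
            y = (y * x + c) % p
        shares.append((x, y))
    return shares


def reconstruct(shares, p=PRIME):
    """Lagrange interpolation at x = 0 from a set of shares; the result is the
    secret only if the number of shares exceeds the actual degree of f."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % p
                den = den * (xi - xj) % p
        total = (total + yi * num * pow(den, -1, p)) % p
    return total


def effective_threshold(coeffs, p=PRIME):
    """Shares actually needed to recover the secret: actual degree + 1.
    A dealer can run this check before distributing shares."""
    for i in range(len(coeffs) - 1, -1, -1):
        if coeffs[i] % p:
            return i + 1
    return 1


def split_secret(secret, k, n, p=PRIME):
    """(k, n) sharing with random coefficients; the leading coefficient is
    re-drawn until non-zero so the polynomial truly has degree k - 1."""
    coeffs = [secret % p] + [secrets.randbelow(p) for _ in range(k - 1)]
    while coeffs[-1] == 0:
        coeffs[-1] = secrets.randbelow(p)
    assert effective_threshold(coeffs, p) == k
    return make_shares(coeffs, n, p)


def degeneration_demo(secret=123456789, n=5, p=PRIME):
    """Intended (3, n) sharing with fixed, constructed coefficients: the
    degenerate polynomial (x^2 coefficient 0) gives up the secret to two
    shareholders; the proper one yields a wrong value from two shares."""
    degenerate = make_shares([secret, 42, 0], n, p)  # really degree 1
    proper = make_shares([secret, 42, 7], n, p)      # degree 2 as intended
    return {
        "degenerate_threshold": effective_threshold([secret, 42, 0], p),
        "degenerate_from_2_shares": reconstruct(degenerate[:2], p),
        "proper_from_2_shares": reconstruct(proper[:2], p),
        "proper_from_3_shares": reconstruct(proper[:3], p),
    }


if __name__ == "__main__":
    for name, value in degeneration_demo().items():
        print(f"{name}: {value}")
```

Running the demo shows the point of the abstract: with the degenerate polynomial, `effective_threshold` reports 2 although the dealer intended 3, and two shares already reconstruct the secret; with the proper polynomial, two shares return an unrelated field element and three are needed. The mitigation in `split_secret` is the obvious one: the dealer verifies the actual degree before handing out shares, which is exactly the property a scheme loses when the coefficients are data rather than fresh random values.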

