- 學位論文
無線通訊驗證協定之研究
A Research on Authentication Protocols for Wireless Communications
摘要
近幾年,隨著無線通訊科技的迅速發展,多樣化的無線通訊應用被提出,讓人們的生活更為便利。許多使用者藉由行動裝置的無線通訊功能去取得所需的資訊及資源;另一方面,無線射頻辨識、近場通訊等無線通訊技術也被企業所採用,以提供便利及多樣化的商業服務。然而,無線通訊裝置無法進行過於複雜的運算,且資料是透過公開且不安全的通道傳輸,故無線通訊傳輸的安全性為目前需解決的一項難題。. 為了確保被服務提供的對象為合法使用者,身分驗證便成為不可或缺的安全需求。在本研究中,我們針對無線通訊驗證的主題進行討論。Lu等學者在2015年指出Kuo等學者所提出之行動通訊網路驗證方法有安全性缺失後,提出應用於無線通訊的驗證方法並且宣稱此方法可確保安全、匿名性與使用者友善。在分析Lu等學者的方法後,我們發現此方法有三個缺失,(1) 使用者在驗證階段傳送固定的參數,會讓攻擊者可以重送參數,以取得使用者的資訊,(2) 同時也無法提供匿名性,(3) 因為在註冊階段並未將亂數儲存,會導致smart card 無法算出相同的參數。 另一方面,Dass和Om學者也提出應用於無線射頻辨識系統的驗證方法並且宣稱此方法是有效且安全的。在分析Dass和Om學者的方法後,發現此方法在驗證階段無法抵禦偽冒攻擊,攻擊者藉由產生新的亂數便可偽冒使用者。在本研究中,我們將詳細說明Lu等學者為無線通訊所設計之身分驗證方法所遭受的威脅。同時,指出Dass和Om學者所提出在無線射頻辨識系統中的驗證方法所遭受的安全威脅。
並列摘要
Recently, with the rapid growth of wireless communication technologies, various wireless communication applications are proposed to make people’s life more convenient. Many users utilize mobile devices’ wireless communication functions to obtain required information and resources. On the other hand, wireless communication technologies such as radio frequency identification (RFID) and near field communication (NFC) are adopted by enterprises to provide convenient and diverse commercial services. Unfortunately, wireless communication devices cannot execute complex computational operations, and data is transmitted through public but insecure channels. How to ensure the security of wireless communications is an urgent and tough issue to solve. To check the legality of the user, authentication is an essential security requirement. In this thesis, we make discussions on authentication schemes for wireless communications. In 2015, Lu et al. found that Kuo et al.’s mobility network authentication scheme suffers from some flaws and proposed an improvement to ensure security, anonymity, and user-friendly for wireless communications. After analyzing Lu et al.’s scheme, we find that it is vulnerable to three weaknesses. First, it cannot resist replay attack. Second, it cannot ensure user anonymity as claimed. Third, a mobile user may not be authenticated by the home agent because of the lack of one random number chosen in registration phase. On the other hand, Dass and Om proposed an authentication scheme for RFID systems by using pseudorandom number generators (PRNGs) and simple cryptographic operations. After analyzing Dass and Om’s scheme, we find that it suffers from masquerade attack in the authentication process such that an attacker can impersonate a user by generating a new random number. In this thesis, we first explicitly indicate how the found three weaknesses damage Lu et al.’s authentication scheme for wireless communications, and then we show why Dass and Om’s authentication scheme for RFID systems suffers from masquerade attack.
參考文獻
延伸閱讀
- 簡傳益(2011)。無線網路安全認證系統之研究與實作〔碩士論文,元智大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0009-2801201414583090
- (2011)。無線感測網路實作應用之研究。藥毒所專題報導,(101),4-6。https://doi.org/10.29952/YTSCTPT.201104.0003
- Lee, C. Y. (2006). 無線測試系統之測試協定設計及實作 [master's thesis, National Tsing Hua University]. Airiti Library. https://doi.org/10.6843/NTHU.2006.00600
- 游曜丞(2006)。無線感測網路中可靠傳輸協定之探討〔碩士論文,淡江大學〕。華藝線上圖書館。https://doi.org/10.6846/TKU.2006.00740
- Liu, C. S. (2014). A Study of User Authentication for Roaming Service in Wireless Communications [master's thesis, National Tsing Hua University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0016-2912201413493381