摘要
使用者認證的安全性乃是建立於密碼的強度,密碼長度夠大則可提供電腦更多安全性上依靠。一個安全的密碼字數長度必須夠長且具有亂數特性,但記憶此種的密碼對於使用者而言是困難的。因此,使用者傾向選擇長度短或者簡單的密碼。圖型密碼是藉由點擊圖像的方式來取代以打字方式輸入密碼的方法,此方法也許可以幫助使用者更容易建立與記憶一個具有安全性的密碼。然而圖型密碼是建立在以圖像為密碼的基礎上雖能提供更多的密碼長度,但圖片過多的問題卻會造成資料庫容量上的負擔。在此篇論文中,我們改進一套名為「PassPoints」的圖型密碼系統,使用資訊隱藏學的方法來克服資料容量負擔的問題。所有資料隱藏的方法都能使用在我們所提出的方法中,並在使用者與提供服務端,兩方建立一個私密金鑰,藉此解決資料庫容量負擔的問題並提出一個安全的通訊協議來抵禦網路各種的攻擊。
並列摘要
The security of authentication is based on password strength, and computer security depends on largely passwords to provide security. A secure password must be long and random, but it is difficult for users to remember passwords. Thus, users tend to choose short or simple passwords. Graphical password is a scheme consisting of clicking on image instead of typing password, it may help users to create easy, memorize easy and have a secure passwords. However, graphical password system is based on the images which can provide large password space; however, too many images will become a big problem to database storage. In this thesis, we improve a graphical system called “PassPoints” and use the steganoaphy techniques to overcome the problem of database storage and provide more secure graphical password scheme than PassPoints. All the information hiding scheme can realize our scheme to build a secret key between users and server to solve the problem of database storage and propose a secure communication protocol to resist attacks on the internet.