透過您的圖書館登入 IP:3.133.141.6
透過您的圖書館登入
IP:3.133.141.6
  • 精確檢索 : 冠狀病毒
  • 模糊檢索 : 冠狀病毒
  • 冠狀病毒感染
    冠狀病毒疾病
  • 查詢出版品: 冠狀病毒
進階查詢
查詢歷史
主題瀏覽
  • 學位論文

在行動主從式架構下使用者認證和金鑰協議協定之研究

The Study on Some User Authentication and Key Agreement Protocols for Mobile Client-Server Environment

吳佳盈(Chia-Ying wu)
指導教授 : 黃秀園 李正吉
亞洲大學/資訊學院/光電與通訊學系/碩士(2011年)
若您是本文的作者,可授權文章由華藝線上圖書館中協助推廣。
未授權

摘要

隨著網際網路和主從式架構不斷的快速發展,人與人之間即使在不同的地方也可以透過網路舉行會議,利用電子信箱等服務進行溝通、交換訊息。然而,網際網路是一個共享的媒介,可能受到惡意的攻擊者監聽或試圖利用偽冒的方式來欺騙合法的使用者。因此,在主從式環境中,資訊安全是一個很重要的議題。至今,各種通訊協定被提出來並應用在不同的環境中。而大部分的通訊協定都必須滿足兩個最基本的安全標準:第一個是使用者身分認證,系統必須確認雙方的合法性。其次便是金鑰協議,使用者必須共同協議出一把金鑰,並且使用這把金鑰來加/解密所要傳輸的訊息,以防止被竄改或竊聽。 在本論文中,我們將討論三種在行動主從式架構下使用者認證和金鑰協議的協定,並且分別指出他們的安全性弱點。最後我們提出改善的方法。並且,相較於他們提出來的協定,我們的方法更安全、更有效率。

關鍵字

使用者認證 資訊安全 金鑰協議協定 使用者匿名 雙線性 混沌系統

並列摘要

With the rapid development of Internet service the client/server architecture, a lot of people use the Internet to organize a conference or to communicate with each other such as e-mail even though they located in different places in the world. However, the network is a shared medium, so that it’s full of weakness security attacks such as eavesdropping and modification attack. Hence, information security becomes an important issue in the client/server environment. So far, many protocols have been proposed to achieve different purpose. Most of them have to achieve two basic security standards. The first one is user authentication; it allows a server and a login user to authenticate each other over public channels. The second one is key agreement; it is used to derive a shared secure session key by two or more parties, but no party can predetermine the resulting value. Users can securely exchange information over an open network by using the shared session key to encrypt/decrypt secure information. In this study, we will discuss three user authentication and key agreement protocols and point out that their protocols have some security weaknesses. Then we propose our improvement to eliminate the security weakness of their protocols. As compared with their protocols, our proposed schemes are more secure and efficient.

並列關鍵字

User authentication security key agreement protocol user anonymity bilinear pairings chaotic maps

參考文獻

[13] S. Cui, P. Duan, and C. W. Chan, "An efficient identity-based signature scheme with batch verifications," International Conference on Scalable Information Systems, ACM, vol. 152, no. 22, 2006.
[21] G. Fang and G. Huang, "Improvement of recently proposed remote user authentication schemes," http://eprint.iacr.org/2006/200.pdf.
[67] S. Wang, Z. Cao, and F. Cao, "Efficient identity-based authenticated key agreement protocol with PKG forward secrecy," International Journal of Network Security, vol. 7, no. 2, pp. 181-186, 2008.
[1] E. Bresson, O. Chevassut, and D. Pointcheval, "Provably authenticated group Diffie-Hellman key exchange-the dynamic case," Lecture Notes in Computer Science, vol. 2248, pp. 290-309, 2001.
[3] M. Burmester and Y. Desmedt, "A secure and efficient conference key distribution system," Lecture Notes in Computer Science, Springer, Berlin, vol. 950, pp. 275-286, 1994.

延伸閱讀

未授權