透過您的圖書館登入 IP:3.133.79.70
透過您的圖書館登入
IP:3.133.79.70
  • 精確檢索 : 冠狀病毒
  • 模糊檢索 : 冠狀病毒
  • 冠狀病毒感染
    冠狀病毒疾病
  • 查詢出版品: 冠狀病毒
進階查詢
查詢歷史
主題瀏覽
  • 學位論文

植基於智慧卡之高效率的遠端身份認證研究

A Study of Efficient Remote User Authentication with Smart Cards

陳惠芳(Hui-Fang Chen)
指導教授 : 黃慧鳳
國立臺中科技大學/資訊學群/資訊工程系碩士班/碩士(2011年)
https://doi.org/10.6826/NUTC.2011.00057
全文下載

摘要

近年來隨著電腦科技的蓬勃發展,網際網路技術快速的興起,帶動了智慧卡在網路上應用的普及,使得使用者對智慧卡使用的安全性也更加重視。因此,需要一個安全的身份驗證機制來確認通訊雙方之身份。 在先前多位學者所提出的方法,都設定智慧卡具有防篡改的功能。然而,目前許多研究指出,秘密訊息存放在智慧卡是有可能被取出的。本研究將計畫提出一個植基於亂數和智慧卡的相互驗證機制,在本研究裡,智慧卡不須具有防篡改的特性,因為即使智慧卡內的資料被取出來,要破解系統安全也是非常困難的,且本機制具有低成本運算、安全有效率,更適合實際應用的環境。 另一方面,為了保護使用者之認證資料不被有心人士追蹤及收集,本研究計畫將提出一個基於橢圓曲線加密(Elliptic curve cryptography,ECC)之動態ID遠端使用者驗證機制。本機制可以抵擋幾個常見的攻擊,例如偽造攻擊、重送攻擊與密碼猜測攻擊等等,並且滿足幾個重要的功能,包括使用者匿名、不需要儲存個人之密碼表、低運算量及會議金鑰的協調產生等特性。 整體而言,本研究將探討一些更有效率且具有低成本運算與低資訊傳輸量的技術應用於使用者端設備較差之環境。相信我們的研究,將更有益於如智慧卡或手機用戶之傳輸的安全。

關鍵字

智慧卡 相互驗證 匿名 動態ID 橢圓曲線

並列摘要

In recent years, the computer technology has developed rapidly, the application of smart card is becoming more and more universality and functionality. Hence, the remote user authentication scheme over an insecure channel has become a major interest. Therefore, the user authentication protocol is the essential security mechanism to create the trust relationship over networks. For the previously proposed schemes based on smart cards which have the tampered resistance assumption for the smart card. However, many researches have shown that the secrets stored in a smart card can be breaches by analyzing the leaked information or monitoring the power consumption. The proposed scheme will propose a new mutual authentication scheme based on nonce and smart cards. In the proposed scheme, the assumption of tampered resistance for smart cards is not essential. The low-computation cost, security, and efficiency of the proposed method are well suited to the practical applications environment. To protect user from tracing, our study will propose a new dynamic-ID remote user authentication based on elliptic curve cryptosystem (ECC). The new schemes can prevent several common attacks such as forgery attack, replay attack and password guessing attack. Overall, this thesis is to investigate more efficient and low communications in hardware-limited users. We want the result of proposed schemes will be more attractive to many electronic transactions.

並列關鍵字

Smart card Mutual authentication Anonymity Dynamic ID Elliptic curves

參考文獻

[21] M. Misbahuddin and C. S. Bindu, “Cryptanalysis of Liao–Lee–Hwang’s Dynamic ID Scheme”, International Journal of Network Security, Vol. 6, pp. 211-213, 2008.
[1] J. Y. Liu, A. M. Zhou, and M. X. Gao, “A New Mutual Authentication Scheme Based on Nonce and Smart Cards”, Computer Communications, Vol. 31, pp. 2205–2209, June 2008.
[2] D. Z. Sun, J. P. Huai, J. Z. Sun, and J. X. Li, “Cryptanalysis of a Mutual Authentication Scheme Based on Nonce and Smart Cards”, Computer Communications, Vol. 32, No. 6, pp. 1015-1017, April 2009.
[3] T. S. Messergers, E. A. Dabbish, and R. H. Sloan, “Examining Smart Card Security Under the Threat of Power Analysis Attacks”, IEEE Tran Transactions on Computer, Vol. 50, No. 1, pp. 541-552, 2002.
[4] M. L. Das, A. Saxena, and V. P. Gulati, “A Dynamic ID-Based Remote User Authentication Scheme,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 2, pp. 629-631, 2004.

延伸閱讀

全文下載