臺灣博碩士論文加值系統

English |FB 專頁 |Mobile

免費會員登入| 註冊

功能切換導覽列

(216.73.216.110) 您好！臺灣時間：2025/09/29 04:52

字體大小：

:::

詳目顯示

第 1 筆 / 共 1 筆

/1頁

論文基本資料
摘要
外文摘要
目次
參考文獻
紙本論文
QR Code

本論文永久網址:

研究生:

陳勇志

研究生(外文):

Yung-Chih Chen

論文名稱:

IEEE802.11無線區域網路下具生物特徵隱私保護之擴展認證協定方法

論文名稱(外文):

An EAP Method with Biometrics Privacy Preserving in IEEE802.11 Wireless LANs

指導教授:

范俊逸

指導教授(外文):

Chun-I Fan

學位類別:

碩士

校院名稱:

國立中山大學

系所名稱:

資訊工程學系研究所

學門:

工程學門

學類:

電資工程學類

論文種類:

學術論文

論文出版年:

2009

畢業學年度:

語文別:

英文

論文頁數:

中文關鍵詞:

無線區域網路、認證機制、擴展認證協定、低計算成本、前推私密性、通行碼、生物特徵

外文關鍵詞:

Extensible Authentication Protocol (EAP)、Lightweight Computation、Wireless Local Area Networks (WLANs)、Three-Factor Authentication、Forward Secrecy

相關次數:

被引用:0
點閱:325
評分:
下載:0
書目收藏:0

當使用者想要在無線區域網路上取得服務，採取認證機制是必要的，擴展認證協定是
廣泛用在無線區域網路的一個認證架構，建立在擴展認證協定上的認證機制就叫做擴
展認證協定方法，在無線區域網路上的擴展認證協定方法之需求定義在RFC4017上，
此外，沒定義在RFC4017 上之需求如：低計算成本和前推私密性，在無線區域網路上
的認證也是相當重要的，然而到目前為止，所有為無線區域網路所設計的擴展認證協
定方法和認證協定都沒有達到上述的需求，因此我們提出了一個擴展認證協定方法，
利用三因子，儲存的秘密、通行碼和生物特徵來驗證使用者，我們所提出的方法完全
滿足RFC4017的需求、前推私密性和低運算量特性，此外，我們也對生物特徵的隱私
進行保護，使得認證伺服器並不知道使用者的生物特徵，另外，認證伺服器可以彈性
的決定是否通行碼和生物特徵在每個回合被認證。

It is necessary to authenticate users when they want to access services in WLANs. Extensible
Authentication Protocol (EAP) is an authentication framework widely used in WLANs. Authentication
mechanisms built on EAP are called EAP methods. The requirements for EAP
methods in WLAN authentication have been defined in RFC 4017. Besides, low computation
cost and forward secrecy, excluded in RFC 4017, are noticeable requirements in WLAN authentication.
However, all EAP methods and authentication schemes designed for WLANs so
far do not satisfy all of the above requirements. Therefore, we will propose an EAP method
which utilizes three factors, stored secrets, passwords, and biometrics, to verify users. Our
proposed method fully satisfies 1) the requirements of RFC 4017, 2) forward secrecy, and
3) lightweight computation. Moreover, the privacy of biometrics is protected against the authentication
server, and the server can flexibly decide whether passwords and biometrics are
verified in each round or not.

List of Tables iii
List of Figures iv
Acknowledgments v
Chapter 1 Introduction 1
Chapter 2 Related Works 4
2.1 Park-Park Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.2 Juang-Wu Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.2.1 The First Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.2.2 The Second Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.3 Yoon-Yoo Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.4 Introduction to the Three-Factor Authentication . . . . . . . . . . . . . . . . 12
Chapter 3 IEEE 802.11, 802.1x and EAP 14
3.1 The IEEE 802.11 Standard . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
3.1.1 802.11 Security Mechanisms . . . . . . . . . . . . . . . . . . . . . . 16
3.2 The IEEE 802.1X Standard . . . . . . . . . . . . . . . . . . . . . . . . . . 16
3.2.1 The IEEE 802.1x Framework . . . . . . . . . . . . . . . . . . . . . 17
3.3 Extensible Authentication Protocol . . . . . . . . . . . . . . . . . . . . . . . 20
3.3.1 Legacy EAP Methods . . . . . . . . . . . . . . . . . . . . . . . . . 20
3.3.2 Certificate-Based EAP Methods . . . . . . . . . . . . . . . . . . . . 21
3.3.3 Password-Based EAP Methods . . . . . . . . . . . . . . . . . . . . . 23
3.3.4 Strong Password-Based EAP Methods . . . . . . . . . . . . . . . . 24
Chapter 4 EAP Method Requirements for Wireless LANs 25
Chapter 5 The Goals of Our Proposed EAP Method 28
Chapter 6 The Proposed EAP Method 30
6.1 Authentication Mechanism . . . . . . . . . . . . . . . . . . . . . . . . . . 30
6.2 Fast Reconnect Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Chapter 7 Security Analysis and Discussions 35
Chapter 8 Comparisons 40
Chapter 9 Conclusions 45

[1] C.I. Fan, Y.H. Lin and R.H. Hsu, ”Remote password authentication scheme with smart
cards and biometrics,” IEEE Telecommunications Conference, 2006
[2] C.H. Lin and Y.Y. Lai, ”A flexible biometrics remote user authentication Scheme, ”Computer
Standards & Interfaces, Vol. 27, No. 1, pp. 19-23, 2004.
[3] E. J. Yoon and K. Y. Yoo, ”An Optimized Two Factor Authenticated Key Exchange
Protocol in PWLANs,” ICCS 2006, Part II, LNCS 3992, pp. 1000-1007, 2006.
[4] F. Hao, R. Anderson, and J. Daugman, ”Combining Crypto with Biometrics Effectively,”
IEEE Transactions on Computers, Vol 55, No. 1, pp. 1081-1088, 2006
[5] J. C. Chen, M. C. Jiang, and Y. W. Liu, ”Wireless LAN Security and IEEE 802.11i,”
IEEE Wireless Communications, vol. 12, pp. 27-36, 2005
[6] J. Chen and Y. Wang, ”Extensible authentication protocol (EAP) and IEEE 802.1x tutorial
and empirical experience,” IEEE Communications Magazine, vol. 43, no. 12, pp.
26-32, 2005
[7] W. S. Juang, and J. L. Wu, ”Two efficient two-factor authenticated key exchange protocols
in public wireless LANs,” Computers and Electrical Engineering, pp. 33-40, 2009.
[8] Y. Lee and T. Kwon, ”An Improved Fingerprint-Based Remote User Authentication
Scheme Using Smart Cards,” ICCSA 2006, Lecture Notes in Computer Science, Vol.
3981, pp. 915-922, 2006.
[9] Y. M. Park and S. K. Park, ”Two factor authenticated key exchange (TAKE) protocol in
public wireless LANs,” IEICE Transaction on Communication, vol. E87-B, no. 5, pp.
1382-1385, 2004.
[10] ANSI/IEEE Standard 802.11, ”Wireless LAN Medium Access Control (MAC) and
Physical Layer (PHY) Specifications,” December 1999
[11] IEEE Standard 802.1X-2001, ”Port-Based Network Access Control,” June 2001
[12] B. Adoba, L. Blunk, J. Vollbrecht, J. Carlson, and E. Levkowetz, ” Extensible Authentication
Protocol (EAP),” RFC 3748, June 2004.
[13] B. Adoba, D. Simon, and R. Hurst, ”The EAP-TLS Authentication Protocol,” RFC 5216,
March 2008.
[14] D. Stanley, J.Walker, and B. Aboba, ”Extensible Authentication Protocol (EAP) Method
Requirements for Wireless LANs,” RFC 4017, March 2005.
[15] E. Rescorla, ”Diffie-Hellman Key Agreement Method,” RFC 2631, June 1999.
[16] N. Cam-Winget, D. McGrew, J. Salowey, and H. Zhou, ”The Flexible Authentication
via Secure Tunneling Extensible Authentication Protocol Method (EAP-FAST),” RFC
4851, May 2007.
[17] P. Congdon, B. Aboba, A. Smith, G. Zorn, and J. Roese, ”IEEE 802.1X Remote Authentication
Dial In User Service (RADIUS),” RFC 3580, September 2003.
[18] T. Dierks and C. Allen, ”The TLS Protocol Version 1.0,” RFC 2246, January 1999.
[19] W. Simpson, ”PPP Challenge Handshake Authentication Protocol (CHAP),” RFC 1994,
August 1996.
[20] D. Jablon: draft-jablon-speke-02.txt, ”The SPEKE Password-Based Key Agreement
Methods,” IETF Draft, October 2003.
[21] H. Andersson, S. Josefsson, G. Zorn, D. Simon, and A. Parlekar: draft-josefsson-pppexteap-
tls-eap-04.txt, ”Protected EAP Protocol (PEAP),” IETF Draft, September 2002.
[22] P. Funk and B. W. Simon: draft-funk-eap-ttls-v0-00.txt, ”EAP Tunneled TLS Authentication
Protocol Version 0 (EAP-TTLSv0),” IETF Draft, February 2005.
[23] Matthew Gast, 802.11 Wireless Network: The Definitive Guide, O’REILLY, 2002
[24] Cisco SAFE, ”WLAN security in Depth,” available at http://www.cisco.com/warp
/public/cc/so/cuso/epso/sqfr/safwl wp.pdf
[25] Dictionary Attack on Cisco LEAP available at http://www.cisco.com/warp/public
/707/cisco-sn-20030802-leap.shtml
[26] IEC On-Line Education, ”EAP Methods for 802.11 Wireless LAN Security,” available
at http://www.iec.org/online/tutorials/eap methods/index.asp

國圖紙本論文

推文
網路書籤
推薦
評分
引用網址
轉寄

top

相關論文
相關期刊
熱門點閱論文

1.	植基於智慧卡及生物特徵之通行碼遠端身份認證機制
2.	植基於標準轉換與模型檢測之可證明安全用戶端高效率認證協定
3.	無線區域網路認證機制之研究

無相關期刊

1.	植基於對稱式密碼系統且具前推私密性及位置隱私性之單回合無線網路雙向認證機制
2.	以PAM架構分析伊甸基金會高高屏地區落實早療公共政策之研究
3.	以耗散粒子動力學觀察不同比例PE與奈米碳管混合之奈米複材結構
4.	摻鉻晶體光纖製程之溫度場與應力場數值模擬
5.	外包策略與組織溝通關係-以S公司為例
6.	利用交互式多模演算法抑制非視線誤差之無線定位
7.	具快速撤銷匿名性於雙重花費使用者之電子貨幣協定
8.	行政程序法中陳情法制作業之研究
9.	警察人員防制人口販運法制之研究
10.	現代詩人中的仙、聖、鬼──論徐志摩、聞一多、戴望舒詩及其詩論
11.	創造力與創意風格對創意產品之影響
12.	澎湖與大陸「海西區」區域合作策略社會面之分析
13.	澎湖與大陸「海西區」區域合作策略經濟面之分析
14.	喉頭罩麻醉與傳統氣管內插管麻醉之成本效益比較
15.	利用三階段整治列車系統處理受NAPL污染之土壤及地下水

簡易查詢 | 進階查詢 | 熱門排行 | 我的研究室