跳到主要內容

臺灣博碩士論文加值系統

(44.221.73.157) 您好!臺灣時間:2024/06/17 20:41
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:張鴻泰
研究生(外文):Hung-Tai Chang
論文名稱:UMTS認證協定之研究
論文名稱(外文):A Study on Authentication Protocol for UMTS
指導教授:涂世雄涂世雄引用關係黃景東黃景東引用關係
指導教授(外文):Shih-Hsiung TwuJiing-Dong Hwang
學位類別:碩士
校院名稱:中原大學
系所名稱:電機工程學系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2000
畢業學年度:88
語文別:英文
論文頁數:73
中文關鍵詞:認證協定全球行動電信系統對稱性金匙密碼系統認證邏輯第三代
外文關鍵詞:Authentication ProtocolUMTSsymmetric-key cryptosystemlogic of authentication3g
相關次數:
  • 被引用被引用:8
  • 點閱點閱:220
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:1
摘要
在本論文中,我們提出一種新的認證協定流程的表示法和兩個基於對稱性金匙密碼系統的認證協定。這兩個協定是根據UMTS第三代行動通訊系統的安全需求所設計的。
在以往發表過有關認證協定論文中,我們發現到設計者通常把認證協定中每一步驟傳輸的訊息都放在一起且把訊息中所代表的意義以暗喻的方式表達。通常這些訊息是代表系統中參與者的信念或是其身分,而傳統表示法使得我們當自行淬取訊息所傳達的意義,甚至誤解其意。因此,我們提出了一個新的表示法可以清楚的描繪認證協定中傳輸訊息所代表的意義。這種表示方式使得我們在歸納舊的認證協定及設計新的認證協定方面均有莫大的幫助。
在設計新的認證協定方面,我們參考了UMTS的安全需求及行動通訊環境下使用者在硬體方面的限制,我們提出了基於對稱性金匙密碼系統的兩個認證協定。這兩個認證協定的特點為運算快速且保有其應有的安全性。在第一個認證協定中,我們提出以現有對稱性金匙密碼系統 (DES、IDEA、RC5) 為基本加解密函數,我們在設計硬體時,只需用到一種加解密函數來產生並可以降低其硬體電路的複雜度且節省成本。在第二個認證協定中,我們只用了少量的互斥或邏輯運算和線性同餘運算及加法運算來做為加解密的函數,成功達成用戶個人資料在傳輸過程中的隱密性,並且大量減少了運算時間和增進認證協定的安全性。
本論文中我們主要的研究結果如下:(一) 提出一個新的認證協定流程的表示法。(二) 兩個運算快速的認證協定。
Abstract
In this thesis, we propose a new representation of message flow of the authentication protocol and two new authentication mechanisms based on symmetric-key cryptosystems. These two authentication protocols are designed by following the security requirements of UMTS, which is one of the 3rd generation mobile systems.
For easily realizing the relationships between the messages involved in an authentication protocol, our new representation of message flow defines two notations representing the relationship between a challenge message and its corresponding response message. Our new presentation of message flow is a supplementary to the original one. With this new presentation of message flow, we can easily identify the meanings of the messages involved in the protocol.
In the process of designing mechanisms of authentication protocol, we consult with the limitations of mobile unit, like power and computation ability. According to these considerations, we first use symmetric-key cryptosystems as a basic encryption/decryption tool for the authentication protocol. Among the symmetric-key based authentication protocol (e.g., GSM, DECT), we found that the designer had to use different encryption functions to provide the requirements of the protocol such as a session key, secret data, etc. In our first mechanism, we use only one of the common symmetric-key encryption functions to provide all the requirements of the protocol. The complexity of hardware design and the cost can be significantly reduced.
In the mobile communication circumstance, the user usually has a temporary identity, which is applied to conceal user’s true identity, when user requests for a service provision from network operator. However, the temporary identity has to be updated every time when the user roams into a new domain. In the second mechanism, International Mobile User Identity (IMUI) is used to represent user’s true identity. By applying some simple operations, the IMUI can be hidden to request for service without disclosing the user’s identity. It means that we don’t need a temporary identity throughout the authentication protocol. Besides, we use only basic operations to provide the requirements of the protocol. With above two features, our protocol is much simpler in computation and better in security consideration than other existent authentication protocols.
Contents
Abstract I
List of Figures III
Chapter 1.Introduction 1
1.1 Authentication Protocols and UMTS 1
1.2 Our Main Results 6
1.3 Organization of This Thesis 7
Chapter 2.Review of the 2nd Generation Mobile Systems & Security Considerations for UMTS 9
2.1 Terminology 9
2.2 Previous Researches on Authentication Protocol of the 2nd Generation Mobile Systems 10
2.2.1 GSM Authentication Protocol 10
2.2.2 Analysis Tool for the Authentication Protocol-Logic of Authentication 12
2.3 Security Threats and Considerations for the UMTS 15
Chapter 3.New Results of Study on Authentication Protocol for UMTS 16
3.1 A New Representation of Message Flow of Authentication Protocol 16
3.2 The First Authentication Mechanism for UMTS with Security Analysis 22
3.3 The Second Authentication Mechanism for UMTS with Security Analysis 35
Chapter 4.Conclusion and Future Research 47
Appendix A. Simple Logic of Authentication Protocol 48
Appendix B. Security threats & requirements 52
Appendix C. General objectives for 3G security features 67
Reference 69
References
[1] 3G TS 33.102: 3G Security; Security Architecture, http://www.etsi.org
[2] 3G TS 33.120: 3G Security; Security Principles and Objectives, http://www.etsi.org
[3] 3G TS 21.133: Security Threats and Requirements, http://www.etsi.org
[4] Abadi M., Tuttle M.R., “A semantics for a logic of authentication”, Proceedings of the tenth Annual ACM Symposium on Principles of Distributed Computing, 1991, Page(s): 201-216.
[5] Askwith B., Merabti M., Qi Shi, Whiteley K., “Achieving user privacy in mobile networks”, Proceedings of the 13th Annual Computer Security Applications Conference, 1997, Page(s): 108-116.
[6] Bird R., Gopal I., Herzberg A., Janson P.A., Kutten S., Molva R., Yung M., “Systematic design of a family of attack-resistant authentication protocols”, IEEE Journal on Selected Areas in Communications, Volume: 115, June 1993, Page(s): 679-693.
[7] Burrows M., Abadi M., Needham R., “A logic of authentication”, ACM Transactions on Computer Systems, 8, 1990, Page(s): 18-36.
[8] Buttyan L., Staamann S., Wilhelm U., “A simple logic for authentication protocol design”, Proceedings of the 11th IEEE Computer Security Foundations Workshop, 1998, Page(s): 153-162.
[9] Brutch T.G., Brutch P.C, “Mutual Authentication, Confidentiality, and Key MANagement (MACKMAN) system for mobile computing and wireless communication”, Proceedings of the 14th Annual Computer Security Applications Conference, 1998, Page(s): 308-317.
[10] Chang-Seop Park, “On certificate-based security protocols for wireless mobile communication systems”, IEEE Network, Volume: 115, Sept-Oct. 1997, Page(s): 50-55.
[11] Coffey T., Saidha P., “Logic for verifying public-key cryptographic protocols”, IEE Proceedings of the Computers and Digital Techniques, Volume: 1441, Jan 1997, Page(s): 28-32.
[12] Debbabi M., Mejri M., Tawbi N., Yahmadi I., “Formal automatic verification of authentication cryptographic protocols”, Proceedings of the First IEEE International Conference on Format Engineering Methods, 1997, Page(s): 50-59.
[13] Diffie W., Hellman M., “New directions in cryptography”, IEEE Transactions on Information Theory, 22, 1976, Page(s): 644-654
[14] ETSI ETR 332: Security Techniques Advisory Group; Security requirements capture, http://www.etsi.org
[15] Gligor V.D., Kailar R., Stubblebine S., Gong L., “Logics for cryptographic protocols-virtues and limitations”, Proceedings of the Computer Security Foundations Workshop IV, 1991, Page(s): 219-226.
[16] Gong L., Lomas M.A., Needham R.M., Saltzer J.H., “Protecting poorly chosen secrets from guessing attacks”, IEEE Journal on Selected Areas in Communications, Volume: 11 5, June 1993, Page(s): 648-656
[17] Gong L., Needham R., Yahalom R., “Reasoning about belief in cryptographic protocols”, Proceedings of the IEEE Symposium on Research in Security and Privacy, 1990, Page(s): 234-248
[18] Jefferies N, “Security in third-generation mobile systems”, IEE Colloquium on Security in Networks (Digest No. 1995/024), 1995, Page(s): 8/1-8/5
[19] Keung S., Kai-Yeung Siu, “Efficient protocols secure against guessing and replay attacks”, Proceedings of the Fourth International Conference on Computer Communications and Networks, 1995, Page(s): 105-112.
[20] Kwon T., Song J., “Authenticated key exchange protocols resistant to password guessing attacks”, IEE Proceedings of Communications, Volume: 1455, Oct. 1998, Page(s): 304-308.
[21] Li Gong, “Optimal authentication protocols resistant to password guessing attacks”, Proceedings of the Eighth IEEE Computer Security Foundations Workshop, 1995, Page(s): 24-29.
[22] Metz C., “AAA protocols: authentication, authorization, and accounting for the Internet”, IEEE Internet Computing, Volume: 36, Nov.-Dec. 1999, Page(s): 75-79.
[23] Putz, S., Schmitz R., Tonsing F., “Authentication schemes for third generation mobile radio systems”, The Ninth IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, Volume: 1, 1998, Page(s): 126-130.
[24] Sung-Ming Yen, “Cryptanalysis of an authentication and key distribution protocol”, IEEE Communications Letters, Volume: 31, Jan. 1999, Page(s): 7-8.
[25] Shiuh-Pyng Shieh, Wen-Her Yang, Hun-Min Sun, “An authentication protocol without trusted third party”, IEEE Communications Letters, Volume: 13, May 1997, Page(s): 87-89.
[26] Syverson P.F., “Formal semantics for logics of cryptographic protocols”, Proceedings of the Computer Security Foundations Workshop, III, June 1990, Page(s): 32-41.
[27] Syverson P.F., van Oorschot P.C., “On unifying some cryptographic protocol logics”, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy, 1994, Page(s): 14-28.
[28] Taekyoung Kwon, Jooseok Song, “Security and efficiency in authentication protocols resistant to password guessing attacks”, Proceedings of the 22nd Annual Conference on Local Computer Networks, 1997, Page(s): 245-252.
[29] Taekyoung Kwon, Jooseok Song, “Tutorial efficient and secure password-based authentication protocols against guessing attacks”, Computer Communication, 21, 1998, Page(s): 853-861.
[30] UMTS 22.00: Universal Mobile Telecommunications System (UMTS): UMTS Phase 1, http://www.etsi.org
[31] UMTS 22.01: Universal Mobile Telecommunications System (UMTS): Service aspects; service principles, http://www.etsi.org
[32] UMTS 23.01: Universal Mobile Telecommunications System (UMTS): General UMTS Architecture, http://www.etsi.org
[33] UMTS 30.01: Universal Mobile Telecommunications System (UMTS): UMTS Baseline Document; Positions on UMTS agreed by SMG, http://www.etsi.org
[34] UMTS 33.20: Universal Mobile Telecommunications System (UMTS): Security Principles, http://www.etsi.org
[35] Varadharajan V, Yi Mu, “Preserving privacy in mobile communications: a hybrid method”, IEEE International Conference on Personal Wireless Communications, 1997, Page(s): 532-536.
[36] Walker M, “Security features for DECT”, IEE Colloquium on CT2/CAI and DECT Cordless Telecommunications, 1990, Page(s): 11/1-11/6.
[37] Wenbo Mao, “An augmentation of BAN-like logics”, Proceedings of the Eighth IEEE Computer Security Foundations Workshop, 1995, Page(s): 44-56.
[38] William Stallings, Cryptography and network security principles and practice, 2nd ed., Prentice Hall, Inc, 1999.
[39] Zhu Yujun, Wang Bai, Chen Junliang, “Trusted third party based mutual authentication in UPT system”, Proceedings of ICCT ''98 International Conference on Communication Technology, Vol.1, 1998, Page(s): 5 pp.
[40] 賴溪松, 韓亮, 張真誠, 近代密碼學及其應用, 松崗電腦圖書, 1994.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊