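Author: 陳嘉宏
Thesis title (Chinese): 使用ElGamal加密機制的通行碼驗證與金鑰交換協定
Thesis title (English): Password-Authenticated Key Exchange Protocol Using ElGamal Encryption Scheme
Advisor: 曾文貴
Degree: Master's
Institution: National Chiao Tung University (國立交通大學)
Department: Department of Computer and Information Science (資訊科學系)
Discipline: Engineering
Field: Electrical and Computer Engineering
Thesis type: Academic thesis
Year of publication: 2002
Academic year of graduation: 90
Language: Chinese
Number of pages: 50
Keywords (Chinese): password-authenticated key exchange
Usage counts:
  • Cited by: 17
  • Views: 169
  • Downloads: 0
  • Bookmarked: 0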
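Abstract (translated from the Chinese):
Two parties, Alice and Bob, share a password (short, relatively insecure) and want to use it to authenticate each other and to generate a session key (long, relatively secure). They then use this session key to encrypt the data they send, so that an attacker who intercepts the data in transit over an insecure network cannot learn its contents. This is called the password-authenticated key exchange problem.
Because the password the two parties share in advance must be short enough for a human to remember easily, it is vulnerable to certain attacks, such as eavesdropping attacks, replay attacks and dictionary attacks, through which an attacker can obtain this valuable password.
In this thesis we therefore propose a password-authenticated key exchange protocol that resists these attacks, and we give a complete security proof of the proposed protocol.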
Abstract (English):
Alice and Bob share a password (short, insecure). They want to authenticate each other and generate a session key (long, secure) from this password, and then use this session key to encrypt the messages between them, so that an attacker who intercepts the data in transit over the insecure Internet cannot learn its contents. This problem is called the "password-authenticated key exchange problem".
Because the shared password must be short enough for people to remember easily, it can be attacked in several specific ways, for example by eavesdropping attacks, replay attacks and dictionary attacks, which cause the valuable password to be lost to the attacker.
Therefore, in this paper, we propose a password-authenticated key exchange protocol that resists those attacks, and we provide a complete security proof of the proposed protocol.
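Table of contents:
Chinese Abstract
English Abstract
Acknowledgements
Table of Contents
Chapter 1 Introduction
Section 1 Research Motivation
Section 2 Research Goals and Results
Section 3 Overview of the Chapters
Chapter 2 Identity Authentication Protocols
Section 1 Related Work
Section 2 Attack Methods
Chapter 3 Password-Authenticated Key Exchange Protocol
Section 1 Mathematical Notation and Assumptions
Section 2 Four-Round PAK-E
Section 3 Three-Round PAK-E
Chapter 4 Proof Model and Security Definitions
Section 1 Introduction to the Ideal World
Section 2 Introduction to the Real World
Section 3 Security Definitions
Chapter 5 Security Analysis
Section 1 Security Discussion for Common Attacks
Section 2 Security Proof
Chapter 6 Conclusions and Future Work
References
Appendix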