跳到主要內容

臺灣博碩士論文加值系統

(35.153.100.128) 您好!臺灣時間:2022/01/19 04:38
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:林國良
研究生(外文):Kou Liang Lin
論文名稱:手持式裝置在無線傳輸環境中的委任式身份認證安全機制
論文名稱(外文):An Authentication Framework Using Delegation for Handheld Devices in Wireless Communications Networks
指導教授:羅濟群羅濟群引用關係
指導教授(外文):Chi-Chun Lo
學位類別:碩士
校院名稱:國立交通大學
系所名稱:資訊管理所
學門:電算機學門
學類:電算機一般學類
論文種類:學術論文
論文出版年:2002
畢業學年度:90
語文別:中文
論文頁數:65
中文關鍵詞:SSL委任式身份認證手持式裝置無線通訊
外文關鍵詞:SSLauthentication framework using delegationhandheld deviceswireless communication
相關次數:
  • 被引用被引用:2
  • 點閱點閱:358
  • 評分評分:
  • 下載下載:93
  • 收藏至我的研究室書目清單書目收藏:0
在近來隨著手持式裝置的盛行,行動商務也成為電子商務的新寵,只要搭配上行動電話,就可以輕易的達成行動計算(Mobile Computing)的目的;但因受限於手持式裝置的計算能力,所以在透過無線環境來傳輸資料時,無法為機密的商業資料提供足夠安全的環境。雖然現今已出現了適用於手持式裝置的安全模組,但因為在加密的過程需要使用極為大量的計算來進行加密,不但費時而且其安全的強度也無法與個人電腦相提並論。在本文中提出一個委任式身份認證安全機制,設計一個新的架構,這個架構是針對無線傳輸平台的特性來改良現行的SSL(Secure Socket Layer)與TLS(Transport Layer Security)安全協定,使得在手持式裝置上也能夠享受安全的資料傳輸,而另一方面又與現行的SSL及TLS安全協定完全相容。本文設計的委任式身份認證安全機制,在標準的SSL及TLS傳輸協定中加入了身份認證伺服器,身份認證伺服器有線線端與標準的SSL及TLS傳輸協定連線而無線端則是使用在本文中所設計的lite SSL協定,在這樣的架構中,不僅可以與現行的安全協定相容,也可以透過lite SSL協定來提升加密的速度,增進加密安全強度。這種委任式身份認證安全機制比起現行的各種安全協定更加適合使用在手持式裝置無線傳輸的環境中。

While handheld devices prevail during recent years, mobile commence becomes popular new favor media. Mobile computing may easily be accomplished via cooperating with mobile phone. While transmitting data over wireless networks, handheld devices can’t provide safe enough transmission channel for secure commence data due to the computing power problem. Though there are secure modules provided by many companies for handheld devices, encryption process need more computing power. This kind of module wastes a lot of computing time and comparing with personal computer is too weak. In this thesis, we propose a new framework, named “Delegation Authentication Framework”. It is described in this thesis and increases an authentication server in standard SSL and TLS protocol. The protocol in wireless side is a lite SSL protocol. The framework is not only compatible with SSL and TLS, but also increases encryption speed and enhances security strength. The delegation authentication framework is more appropriate than current security protocol for handheld devices in wireless communications networks.

目次
第一章 緖論 1
1.1 研究動機與背景 1
1.2 研究目的 2
1.3 論文架構 3
第二章 文獻探討 5
2.1 相關密碼學演算法 5
2.1.1 對稱式加密演算法 (Symmetric Cipher Algorithm) 5
2.1.2 非對稱式加密演算法 (Asymmetric Cipher Algorithm) 7
2.1.3 單向雜湊函數 (One Way Hash Function) 8
2.2 SSL與TLS安全協定 9
2.3 X.509 v3數位憑證 12
第三章 委任式身份認證安全機制 14
3.1 委任式身份認證安全機制 14
3.2 運作流程 15
3.3 lite SSL協定 17
3.3.1 建立安全通訊-handshake 17
3.3.2 結束安全通訊 23
3.3.3 中斷後繼續先前的通訊 24
3.3.4 小結 25
第四章 lite SSL資料格式與密碼學演算法 27
4.1 lite SSL資料結構 27
4.1.1 Record Layer 28
4.1.2 Alert Protocol 30
4.1.3 Handshake Protocol 31
4.2 lite SSL所使用的各種密碼學演算法 37
4.2.1 訊息鑑別碼 38
4.2.2 加密 40
4.2.3 產生各種加密演算法的參數 41
4.3 相關安全性問題 47
4.3.1 加強身份認證伺服器安全 48
4.3.2 保護記憶體中的機密資料 48
4.3.3 使用良好的亂數產生函數 49
第五章 系統實作環境、實例測試與效能評估 50
5.1 系統實作環境 50
5.1.1 認證伺服器 50
5.1.2 手持式裝置 51
5.2 實例測試 51
5.2.1 實例一(無效的數位憑證) 52
5.2.2 實例二(有效的數位憑證) 55
5.3 效能評估 58
第六章 結論與未來展望 60
6.1 結論 60
6.2 末來研究方向 61
參考文獻 63

[01] Anderson, R., Biham, E., Knudsen, L. "Serpent: A Proposal for the Advanced Encryption Standard" URL: http://www.cl.cam.ac.uk/~rja14/serpent.html, June 1998.
[02] Boe, M., “TLS-based Telnet Security,” Internet Draft, October, 1999.
[03] Daemen, J.,Rijmen, V. "AES Proposal: Rijndael", version 2. URL: http://www.esat.kuleuven.ac.be/~rijmen/rijndael/, March 1999
[04] Eric Rescorla, “SSL and TLS — Designing and Building Secure Systems”, Addison-Wesley, 2000.
[05] Freier, A. O. Karlton, P., and Kocher, P.C., “The SSL Protocol Version 3.0”, Internet Draft, November, 1996.
[06] Harkins, D., and Carrel, D., “The Internet Key Exchange (IKE)”, RFC 2409, November 1998.
[07] Housley, R., Ford, W., Polk, W., and Solo, D., “Internet X.509 Public Key Infrastructure Certificate and CRL Profile”, RFC 2459, January 1999.
[08] Housley, R., “Cryptographic Message Syntax”, RFC 2630, June 1999.
[09] Jablon, D., “Strong Password-only Authenticate Key Exchange”, ACM Computer Communication Review, 26, 5, October 1996.
[10] Kaliski, B., and Staddon, J., “PKCS#1: RSA Cryptography Specifications Version 2.0”, RFC 2437, October 1998.
[11] Kaufman, C., Perlman, R., and Speciner, M., “Network Security: Private Communications in a Public World”, Pretice-Hall, Englewood Cliffs, NJ, 1995.
[12] Kent, S., and Atkinson, m R., “Security Architecture for the Internet Protocol”, RFC 2401, November 1998.
[13] Keung, S., “CryptoSwift Performance under SSL with file transfer”, URL: http://isglabs.rainbow.com/isglabs/SSLperformance/SSL+file%20performance.html, 1996.
[14] Krawczyk, H., “SKEME: A Versatile Secure Key Exchange Mechanism for Internet”, RFC 2401, November 1998.
[15] Krawczyk, H., Bellare, M., and Canetti, R., “HMAC: Keyed-Hashing for Message Authentication”, RFC 2104, February 1997.
[16] Dierks, T., and Allen, C., “The TLS Protocol Version 1.0”, RFC 2246, January 1999.
[17] Rescorla, E., “HTTP over TLS”, RFC 2818, May 2000
[18] Rivest, R., Shamir, A., and Adleman, L.M., “Cryptographic communications system and method”, US patent 4405829, September 1983
[19] Rivest, R. “The MD5 Message-Digest Algorithm”, RFC 1321, April 1992
[20] Rivest, R., Robshaw, M.J.B., Sidney, R., and Yin, Y.L., “The RC6TM Block Cipher”, Algorithm Specification, August 1995
[21] Rivest, R., “A Description of RC2 Encryption Algorithm”, RFC 2268, January 1998
[22] RSA Laboratories, “RSA Encryption Standard, PKCS”, PKCS#1, November 1993
[23] Schneier, B., “Applied Cryptograhpy, 2ed”, John Wiely & Sons, New York, N. Y., 1996
[24] Schneier, B., and Wagner, D., “Analysis of the SSL 3.0 Protocol,” The Second USENIX workshop on Electronic Commerce Proceedings, p. 29-40 USENIX Press, November 1996
[25] Stevens, W.R., “TCP/IP Illustrated, Volume 1: The Protocols”, Addison-Wesley, Reading, MA, 1994
[26] Stphen A. Thomas, “SSL and TLS Essentials- Securing the Web”, John Wiely & Sons, Inc. 2000
[27] Goldberg, I., and Wagner, D., “Randomness and the Netscape Browser,” Dr. Dobb’s Journal, January 1996

QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top