臺灣博碩士論文加值系統

目前使用的加解密方法有很多種，以往的加解密只對對稱式密碼系統或是非對稱式密碼系統作分析研究及探討，而且很少將加解密方法應用於網路式門禁系統。本論文是主要針對網路通訊封包作資料傳輸之加密和解密，並用非對稱加密法（RSA）動態產生一種RC2、RC4、DES、Triple-DES等對稱式加密法，並再加入MD2、MD4、MD5、SHA-1等雜湊搜尋法演算法。而在資料傳送方面是採用ASCII和Byte兩種傳送方式，在所有的資料傳送時都會先建立一套共同規範，以用來做加解密資料傳輸的通訊內容，整個架構是先取編碼服務提供者存取編碼服務提供者內的鍵值資料庫做編碼的基礎，而且直接把金鑰與資料一起丟入編碼服務提供者作加解密運算。在硬體架構方面，利用有限的特性發展出不同的硬體架構，整合Saho讀卡機、非接觸式IC卡片、I-7060、7188e(網路控制模組)，系統在Windows XP的環境下以Boland C++ Builder 6.0開發程式。本論文中的方法可改善原先只用RSA去做加解密與解密的安全性及速度，並先以內部的終端機作資料傳輸及控制，此外提昇跨網域跨國企業在網路式門禁系統資料傳輸的安全性。

The ones that use add methods of deciphering there are many kinds of at present, the past one adds and deciphers and does analysing and researching and discussion only to the symmetrical type cryptography or the asymmetry type cryptography, and will seldom add the method of deciphering to apply to network type entrance guard''s system. This thesis does the encryption that is transmitted of materials to conciliate densly to the network communication package mainly, it produces symmetrical types , such as a kind of RC2 , RC4 , DES , Triple-DES ,etc. and encrypts the law dynamically and encrypt the law (RSA ) with the asymmetry, and join MD2 , MD4 , MD5 , SHA-1 ,etc. and knock together and search the law to perform algorithms again, for instance. It is to adopt ASCII and Byte two kinds of conveyance ways to convey the respect in the materials , will set up a set of common norms first when all materials are conveyed, in order to be used for doing the communication content transmitted with decipher the materials, the whole structure fetches and encodes the service provider to deposit and withdraw the foundation of doing code of key value database in the code service provider first , and throw the gold key together with materials and enter encoding the service provider and do it with decipher operation directly. In structure of the hardware , utilize the limited characteristic to develop out different hardware structure, utilize Saho to read the card machine, contact-type IC card , I-7060 , 7188e non- (whether network control mould group), system develop the procedure in order to Boland C ++ Builder 6.0 under environment of Windows XP. The method of the this thesis can be improved and originally done and added security and speed deciphered and deciphering only with RSA, and do the materials to transmit and control with the inside terminal machine first , in addition promote and step the security that transnational enterprises of network land transmit in network type entrance guard''s systematic materials.

摘要…….……………………………………………………………...i
Abstract..………………………………………………………………ii
誌謝……………………………………………………………………iv
目錄…………………………………………………………………….v
圖目錄……………………………………………………………….viii
表目錄..……………………………………………………………......x
第一章 緒論 1
1.1 研究背景 1
1.2 研究動機與目的 2
1.3 研究方法 2
第二章 文獻探討 4
2.1 傳統加密 4
2.2 RC2密碼系統 5
2.3 RC4密碼系統 8
2.4 DES密碼系統 9
2.5 Triple-DES 密碼系統 12
第三章 公開金鑰加密系統與雜湊函數分析 17
3.1 公開鑰匙密碼系統 17
3.2 RSA 演算法 27
3.3 雜湊函數 34
3.4 MD5訊息摘要演算法 34
3.5 MD4演算法 38
3.6 MD2演算法 40
3.7 SHA-1安全雜湊演算法 40
3.8 SHA-1 與 MD5的比較 44
第四章 軟體實現與硬體架構 46
4.1 硬體的架構 47
4.1.1 硬體設備 48
4.2 軟體架構及流程 49
4.2.1 保密應用程式介面 49
4.2.2 加密流程步驟 51
4.2.3 解密流程步驟 54
4.3 金鑰和憑證與系統協定 56
4.3.1 數位憑證X.509與憑證存放區 59
4.3.2 類別的演算法與對稱式演算法支援 59
4.3.3 非對稱式演算法支援 60
4.3.4 雜湊演算法支援 61
第五章 結果與分析 62
5.1 測試方法及程序 62
5.1.1 測試方法 62
5.1.2 傳送Byte方式 65
5.1.3 傳送ASCII方式 66
5.2 各測試的項目及測試內容和步驟 67
5.2.1 以RSA為基礎作RC2 Client與Server加解密 67
5.2.2 以RSA為基礎作RC4 Client與Server加解密 69
5.2.3 以RSA為基礎作RC2與RC4 Client與Server加解密 71
5.2.4 以RSA為基礎作DES、Triple-DES Client與Server加解密 72
5.2.5 以RSA為基礎作RC2、RC4、DES、Triple-DES Client與Server加解密 74
第六章 結論與未來展望 77
6.1 結論 77
6.2 未來展望 77
參考文獻 79
附錄一 加密/解密程式 81
附錄二 InitUser() 84
附錄三 加密/解密資料傳送 88

[1] 嚴漢偉，中央研究院計算中心 http://www.ascc.net/netsrv/security/procedures.html
[2] IBM Introduction to cryptography,Part2:Symmetric cryptography http://www-106.ibm.com/developerworks/security/library/s-crypt02.html
[3] R. Rivest, A. Shair, 1997.Description of the RC2(r) Encryption Algorithm. Iternet Draft-rivest-rc2desc-00.txt, June.
[4] 巫坤品、曾志光 譯，2001年，初版，“密碼學與網路安全原理與實務(CRYPTOGRAPHY AND NETWORK SECURITY Principles and Practice-Second Edition)”碁峰資訊股份有限公司，第三章85-86，第四章126-132，第四章166-169，第六章220-240，第九章358-372，九月。
[5] RC4 Cipher http://www.free-definition.com/RC4-cipher.html
[6] 葉乃菁、李順仁，2004年，出版“資訊安全理論與實務”文魁圖書，04月。
[7] RSA Company, http://www.rsasecurity.com/
[8] K. Campbell and M. Wiener, 1992 “Proof that DES Is Not a Group.” Proceeding,Crypto's 92;published by Springer-Verlag.
[9] W. Diffie and M. Hellman , 1997, “New Exhaustive Cryptanalysis of the NBS Data Encryption Standard.” Computer,June.
[10] W. Tuchman, 1979, “Hellman Present No Shortcut Solutions to DES.”IEEE Spectrum,July.
[11] D. Coppersmith, 1994, “The Data Encryption Standard(DES) and It's Strength Against Attacks.”IBM Journal of Research and Development, May.
[12] B. Kaliski and M. Robshaw, 1996,“Mulitiple Encryption: Weighing Security and Performance.”Dr.Dobb's Journal,January.
[13] W. Diffie and M. Hellman, 1976, “New Directions in Cryptography.”IEEE Transaction on Information Theory,November.
[14] R. Rivest, A. Shair and L. Adleman, 1978, “A Method for Obtaining DigitalSignatures and Public-Key Cryptosystems, ”Communications of theACM,Vo1.21,No.2,pp.120-126,Feb.
[15] P. Ribenboin, 1996, “The New book of Prime Number Records.” New York:Springer-Verlag.
[16] B. Kaliski and M. Robshow, 1995, “The Secure Use of RSA. ”CryptoBytes, Autumn.
[17] H. Feistal, 1973, “Cryptography and Computer Privacy.”Scientific American,May.
[18] R. L. Rivest, 1992, RFC 1321: The MD5 Message-Digest Algorithm, Internet Activities Board.
[19] R. Rivest, 1990, “The MD4 Message Digest Algorithm.”Proceedings,Crypto;published by Spriger-Verlag,August.
[20] R. L. Rivest, 1992, RFC 1320: The MD4 Message-Digest Algorithm, Network Working Group.
[21] B. S. Kaliski Jr, 1992, RFC 1319: The MD2 Message-Digest Algorithm, RSA Laboratories, April.
[22] Microsoft Msdn , http://msdn.microsoft.com/default.aspx
[23] C++ Builder原碼任務, http://home.kimo.com.tw/bruce0829/
[24] 商合行股份有限公司, http://www.saho.com.tw