臺灣博碩士論文加值系統

近年來，隨著無線通訊技術快速的發展，行動裝置被廣泛的使用。IETF提出了行動IP來支援IP的移動性，並且可以讓行動節點在不同的網域中，保持通訊連線。隨意型無線網路是一個新的網路型態，它是由一群有電量限制的行動裝置所組成的。此種網路，行動節點之間的通訊並不需要實體網路來幫忙傳送資料，因為每一個行動節點自己必須扮演路由器的角色，然後利用多重跳躍的機制來傳送資料。為了推動all-IP的網路環境，我們使用行動IP來提供隨意型無線網路的全域連接。
然而，安全問題也顯得越來越重要。我們必須避免繞路封包的攻擊，例如：繞路封包偽造攻擊和繞路封包竄改攻擊。除此之外，我們必須考慮認證的問題。在行動節點使用資源之前，它們必須被驗證是否為合法的使用者。
在本篇論文中，我們將在行動IP中提出一個有效率的認證機制，並在隨意型無線網路中提供一個安全繞路協定。最後，我們提出一個透過行動IP協助隨意型無線網路的認證機制，來達到安全繞路和使用者認證的目的。

In recent years, the wireless communication technology rapidly develops and the mobile devices are in widespread used. The Internet Engineering Task Force (IETF) Mobile IP working group has proposed the Mobile IP to support IP mobility, and it keeps a session connected when a mobile node roams from subnet to subnet. Novel network type is the mobile ad hoc network (MANET) which is formed by a set of mobile devices with limited power and using multi-hop communication capabilities without through any infrastructure. In order to move to an all-IP environment, we use mobile IP to provide global Internet connectivity for ad hoc networks.
However, the security problems are seemed more and more important. We must avoid routing packet attacks such as packet forgery attack and packet modification attack. In addition, we also must consider the authentication problem. Before using the resource, the mobile node must be verified whether legally or not.
In this thesis, we will propose an efficient authentication mechanism in mobile IP, and secure routing protocol in MANET. Finally, we propose an authentication mechanism in mobile ad hoc network which is aided with mobile IP. And we can achieve the security routing and verify the user.

中文摘要 I
Abstract II
List of Tables V
List of Figures VI
Chapter 1 Introduction 1
1.1 Motivation 1
1.2 Organization 3
Chapter 2 Background 4
2.1 Mobile IPv6 4
2.2 Hierarchical Mobile IPv6 4
2.3 Mobile IP Joins with AAA 6
2.4 Mobile Ad Hoc Network 8
2.4.1 Destination Sequence Distance Vector Routing Protocol (DSDV) 9
2.4.2 Ad hoc On-demand Distance Vector Routing Protocol (AODV) 9
2.4.3 Dynamic Source Routing Protocol (DSR) 11
2.5 Cryptography Principles 12
2.5.1 RSA Cryptosystem 12
2.5.2 ElGamal Cryptosystem 14
2.5.3 One-way Hash Function 15
Chapter 3 Authentication Mechanism with Mobile IP 17
3.1 Traditional Authentication Mechanism with Mobile IP 17
3.2 Proposed Authentication Mechanism with Mobile IP 17
3.2.1 Notations 18
3.2.2 Initial Step with Each AAA 19
3.2.3 First Roaming at a Foreign Domain 19
3.2.4 Micro-mobility within the Same Foreign Domain 22
3.3 Security Analysis 24
3.4 Performance Analysis 25
Chapter 4 Security Routing Protocol 27
4.1 Security Requirements in MANET 27
4.2 Network Architecture 27
4.3 Notations 29
4.4 Authentication Mechanism of MANET based on Mobile IPv6 29
4.4.1 Smart Card Issuing Phase 30
4.4.2 Session Key Generation and Verification Phase 31
4.5 Security Analysis 36
4.6 Comparisons 37
Chapter 5 Conclusions and Future Works 38
5.1 Conclusions 38
5.2 Future Works 39

[1]Men Long, Chwan-Hwa John Wu, Irwin, J.D., "Localized Authentication for Wireless LAN Inter-work Roaming," IEEE Wireless Communications and Networking Conference, Vol. 1, pp. 264-267, March 2004.
[2]J. Zao, S. Kent, J. Gahmb, G. Troxel,M. Condell, P. Helinek, N. Yuan, and I. Castineyra. "A public-key based secure Mobile IP," Wireless Networks5, 373-390, 1999.
[3]C. Perkins. "Mobile-IP Local Registration with Hierarchical Foreign Agents," Internet Draft, February 1996.
[4]S. Chung and K. Chae. "An efficient Public-Key based authentication with Mobile-IP in E-commerce," Proceedings of The International Conference on Parallel and Distributed
[5]M. Gerla G. Pei and T.-W. Chen, “Fisheye state routing: A routing scheme for ad hoc wireless networks,” in IEEE International Conference on Communications (ICC 2000), Vol. 1, pp. 70-74, June 2000.
[6]C.E. Perkins and P. Bhagwat, "Highly Dynamic Destination-Sequenced Distance-Vector Routing for Mobile Computers" Comp. Comm, pp.234-244, Oct.1994.
[7]S. Murthy and J.J. Gercia-Lunca-Aceves, “An efficient routing protocol for wireless networks,” ACM Mobile Networks and Applications Journal, pp.183-197, Oct. 1996.
[8]David B. Johnson, David A. Maltz, and Yih-Chun Hu. “The dynamic source routing protocol for mobile ad hoc networks,” IEEE Internet Draft, April, 2003.
[9]Charles E. Perkins and Elizabeth M. Belding-Royer. “Ad hoc on-demand distance vector (aodv) routing,” IEEE Internet Draft, Feb., 2003.
[10]V. D. Park and M. S. Corson, “A highly adaptive distributed routing algorithm for mobile wireless networks,” in Proceedings of the 16th Annual Joint Conference of the IEEE Computer and Communications Societies, Vol. 3, pp. 1105-1413, Kobe, Japan, April, 1997.
[11]Zygmunt J. Haas and Marc R. Pearlman, “The performance of query control schemes of the zone routing protocol,” IEEE/ACM Transactions on Networking, Vol. 9, pp.427-438, Aug. 2001.
[12]D. B. Johnson and C. Perkins, "Mobility Support in IPv6," http://www.ietf.org/internet-drafts/draft-ietf-mobileip-ipv6-15.txt, 2 July 2001
[13]E. Gustafsson, A. Jonsson, and C. Perkins, "Mobile IP regional registration," http://www.ietf.org/internet-drafts/draft-ietf-mobileip- regtunnel- 04.txt, Mar 2001, Work in Progress, 2001.
[14]Rajeev Koodli. "Fast Handovers for Mobile IPv6," http://www.ietf.org/ internet- drafts/ draft- ietf- mipshop-fast- mipv6-02.txt, Jan 2004.
[15]Claude Castelluccia. "HMIPv6: A hierarchical mobile IPv6 proposal," ACM SIGMOBILE Mobile Computing and Communications, Jan. 2000.
[16]S. Glass, T. Hiller, S. Jacobs, C. Perkins. "Mobile IP Authentication, Authorization, and Accounting Requirements," RFC 2977, Oct. 2000.
[17]R. L. Rivest, A. Shamir, and L. M. Adleman, “A Method for Obtaining Digital Signatures and Public Key Cryptosystems,” Communications of the ACM, Vol. 21, Feb., 1978, pp.120-126.
[18]R. L. Rivest, A. Shamir, and L. M. Adleman, “On Digital Signatures and Public Key Cryptosystems,” MIT Lab. for Computer Science, Technical Report, Jan 1979.
[19]T. ElGamal, “A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,” Advances in Cryptology: Proceedings of CRYPTO 84, 1985, pp.10-18.
[20]T. ElGamal, “A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,” IEEE Transactions on information Theory, 1985, pp.469-472.
[21]S. Blake-Wilson and A. Menezes. Authenticated Diffie-Hellman Key Agreement Protocols. In Proc. Of the 5th Annual Workshop on Selected Areas in Cryptography (SAC ’98), vol. 1556 of LNCS, pages 339–361. Springer, 1998.
[22]W. Diffie and M. Hellman. New Directions in Cryptography. In IEEE Transactions on Information Theory, vol. IT-22(6), pages 644–654, November 1976.
[23]Doo Ho Choi, Hyungon Kim, Kyoil Jung, “A secure mobile IP authentication based on identification protocol,” Intelligent Signal Processing and Communication Systems, 2004. ISPACS 2004. Nov. 18-19, 2004, Page(s):709 – 712.
[24]Byung-Gil Lee, Doo-Ho Choi, Hyun-Gon Kim, Seung-Won Sohn, Kil-Houm Park, “Mobile IP and WLAN with AAA authentication protocol using identity-based cryptography,” International Conference on Telecommunications, 2003. ICT 2003. 10th Volume 1, Feb. 2003. Page(s):597 – 603.
[25]Chou-Chen Yang, Jian-Wei Li, Ting-Yi Chang, “A novel mobile IP registration scheme for hierarchical mobility management,” International Conference on Parallel Processing Workshops, 2003. 2003 6-9 Oct. 2003 Page(s):367 – 374.
[26]Y. C. Hu, D. B. Johnson, A. Perrig, “SEAD: secure efficient distance vector routing in mobile wireless ad hoc networks,” in proceedings of the 4th IEEE Workshop on Mobile Computing Systems and Applications, pp.3-13, 2002.
[27]P. Papadimitratos, Z.J. Haas, P. Samar, “The Secure Routing Protocol (SPR) for Ad Hoc Networks”, drail-papadimitratos-secure-routing-protocol-00.txt 2002-12-1 I.
[28]Yih-Chun Hu, Adrian Perrig, David B. Johnson, “Ariade: A Secure on Demand Routing Protocol for Ad hoc Network”, MobiCom 2002, Sept. 23-28, 2002, Atlanta, Georgia, USA.
[29]Kimaya Sanzgiri, Bridget Dahill, Brian Neil Levine, Clay Shields, Elizabeth M. Belding-Royer, “A Secure Routing Protocol for Ad Hoc Network”, In Proceedings of 2002 IEEE ICNP, November 2002.
[30]Venkatraman, L., Agrawal, D.P., "A novel authentication scheme for ad hoc networks," IEEE International Conference on Wireless Communications and Networking Conference, Vol.3, 23-28, pp.1268-1273, Sept. 2000.
[31]Xinjun Du, Ying Wang, Jianhua Ge, Yumin Wang, "A group key establishment scheme for ad hoc networks," IEEE International Conference on Advanced Information Networking and Applications, 17th, pp.518-520, March 2003.
[32]Xiang-Yang Li, Yu Wang, Frieder, O., "Efficient hybrid key agreement protocol for wireless ad hoc networks," IEEE International Conference on Computer Communications and Networks, pp.404-409, Oct. 2002.
[33]Tzu-Chiang Chiang, Yueh-Min Huang, "Group keys and the multicast security in ad hoc networks," IEEE International Conference on Parallel Processing Workshops, Oct. 2003, pp.385-390
[34]Lamont, L., Wang, M., Villasenor, L., Randhawa, T., Hardy, S., "Integrating WLANs & MANETs to the IPv6 based Internet," IEEE International Conference on Communications, Vol. 2 , 11-15, pp.1090 - 1095, May 2003.
[35]Ryuji Wakikawa, Jari T. Malinen, Charles E. Perkins, Anders Nilsson, Antti J. Tuominen "Global connectivity for IPv6 mobile ad hoc Networks," http://www.ietf.org/internet-drafts/draft-wakikawa-manet-globalv6-02.txt, 03 Nov 2002.
[36]Byung-Gil Lee, Hyun-gon Kim, Sung-Won Sohn, Kil-Houm Park, “Concatenated wireless roaming security association and authentication protocol using ID-based cryptography,” IEEE International Conference on Vehicular Technology, Vol.3, 22-25 ,pp.1507-1511, April 2003.
[37]Bellare, M., Canetti, R., and Krawczyk, H. “Keying Hash Functions for Message Authentication,” Proceedings, CRYPTO ’96, August 1996.
[38]MaoJane, and Yangbo, “Anonymous and dynamic conference key distribution system,” IEEE Proceedings on Personal, Indoor and Mobile Radio Communications, 2003. 14th Volume 3, 7-10 Sept. 2003. Page(s):2784 - 2788 vol.3
[39]Ren-Junn Hwang, Sheng-Hua Shiau, and Chih-Hua Lai, “An enhanced authentication key exchange protocol,” International Conference on Advanced Information Networking and Applications, 2003. 17th 27-29 March 2003. Page(s):202 - 205
[40]C. L. Hsu and T. C. Wu, “Authenticated encryption scheme with (t,n) shared verification,” IEE Proceeding Computer and Digital Techniques, Vol. 145, No. 2, pp. 117-120, 1998.
[41]Ching-Te Wang, Chin-Chen Cheng, and Chu-Hsing Lin, “Generalization of threshold signature and authenticated encryption for group communications,” IEICE Transaction on Fundamentals, Vol. E83-A, No. 6, pp. 1228-1237, 2000.