
National Digital Library of Theses and Dissertations in Taiwan (臺灣博碩士論文加值系統)

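Graduate student: 陳皇車
Graduate student (English): Huang-Jyu Chen
Thesis title: 行動式網路電話環境下認證協定之研究
Thesis title (English): A Study on Authentication Protocols for Mobile VoIP Environments
Advisor: 黃志銘
Advisor (English): Jyh-Ming Huang
Degree: Master's
Institution: Feng Chia University (逢甲大學)
Department: Graduate Institute of Information Engineering
Discipline: Engineering
Field: Electrical and Computer Engineering
Thesis type: Academic thesis
Year of publication: 2006
Graduation academic year: 94
Language: English
Number of pages: 54
Chinese keywords: wireless security; authentication; Internet telephony; Session Initiation Protocol; Mobile IP
English keywords: SIP; VoIP; Mobile IP; wireless security; authentication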
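With the maturing of wireless communication and Internet technologies, and the increasingly pressing demand for mobile computing applications, applications that access data over wireless transmission combined with the Internet have become commonplace. Mobile VoIP, which combines the mobility provided by Mobile IP with the voice communication capability of Voice over IP (VoIP), is one clear example.
However, in wireless network environments the transmitted data is highly exposed, and anyone can easily receive and attack it over the wireless network. Although Mobile VoIP service lets telephone users roam freely between different network domains while maintaining communication, its protection of data security during communication is not very rigorous. This thesis therefore proposes an efficient and secure authentication mechanism for Mobile IP, in particular for its registration part. In the design, on the one hand, a hybrid authentication method combining symmetric-key and public-key cryptography protects the security of data transmission between the communicating parties; on the other hand, the limited computing power of mobile devices is taken into account, and their computational burden during authentication is reduced as far as possible. We use the proposed registration authentication protocol to deliver a secret session key, and then apply that key to a VoIP service based on the Session Initiation Protocol (SIP) to provide security protection for Mobile VoIP communication.
To verify the practicality of the proposed protocol, we use a security analysis against several deliberate network attacks, such as man-in-the-middle attacks and replay attacks, to show that the proposed protocol is indeed secure and effective. In addition, we compare the computational load during communication with that of other similar protocols and simulate the actual execution time of the computations; the results all show that our protocol contributes positively to reducing the communication and computation burden and the resource consumption imposed on the mobile node.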
Technological advances in the Internet and wireless communication have facilitated the rapid growth of mobile computing. Many applications have been proposed for accessing data by combining wireless transmission and the Internet. Mobile Voice over IP (Mobile VoIP), which integrates mobility features with telephony, is an obvious example.
Since wireless communications are broadcast in nature, anyone within the transmission range of a wireless device can easily intercept and attack the transmitted data. Although Mobile VoIP allows mobile users to keep talking with each other while roaming across different networks, it is vulnerable to information security threats. In this thesis, we therefore present an efficient and secure authentication protocol for Mobile VoIP services, especially for the registration process. In our approach, on the one hand, we first develop a secure authentication protocol for the Mobile IP registration procedure that is based on symmetric and asymmetric cryptography. We then apply the session key derived from the registration process to a SIP-based VoIP service to achieve secure voice communications. On the other hand, the limited power consumption of the mobile node is also taken into consideration during the design phase.
To verify our contributions, we demonstrate that our proposed protocol is secure by conducting a security analysis covering data integrity, confidentiality, and several common network attacks, such as replay and man-in-the-middle attacks. Furthermore, we also compare the overheads imposed on the mobile node with those of other existing protocols. The simulation results show that our protocol is superior to other existing protocols in terms of communication and computation overheads.
Chinese Abstract
Abstract
Table of Contents
List of Figures
List of Tables
Chapter 1 Introduction
1.1 Motivation
1.2 Sketch of Our Research
1.3 Contributions of Our Research
1.4 Organization of the Thesis
Chapter 2 Background and Previous Work
2.1 Mobile IP Review
2.1.1 Terminology
2.1.2 Operations of Mobile IP
2.2 SIP Review
2.3 Security Background
2.3.1 Fundamental Security Issues
2.3.2 Security Threats
2.3.3 Authentication Strategies
2.4 Mobile IP Authentication Schemes Review
2.4.1 Mobile IP Registration Authentication Schemes
2.4.2 Certificate-based Authentication Protocol
2.4.3 Smart Card Based Authentication Protocol
2.4.4 Minimal Public Key Based Authentication Protocol
Chapter 3 Design of Our Protocol
3.1 System Model
3.2 Authentication Protocol for Mobile IP Registration
3.3 Communication of Mobile VoIP
3.4 Differences between our protocol and Sufatrio and Lam’s approach
Chapter 4 Security Analysis and Performance Comparison
4.1 Security Analysis
4.2 Performance Comparison
Chapter 5 Concluding Remarks
5.1 Summary
5.2 Future Work
References
Acknowledgements
Vita