Graduate student: 廖冠捷
Graduate student (English): Kuan-Chieh Liao
Thesis title (Chinese): RSA自我驗證公開金鑰密碼系統設計及應用
Thesis title (English): On Design of Self-Certified RSA Public Key Cryptosystem with Applications
Advisor: 李維斌
Advisor (English): Wei-Bin Lee
Degree: Doctoral
University: Feng Chia University (逢甲大學)
Department: Graduate Institute of Information Engineering (資訊工程所)
Discipline: Engineering
Field: Electrical and Information Engineering
Thesis type: Academic thesis
Year of publication: 2007
Graduation academic year: 95 (ROC calendar)
Language: English
Pages: 86
Keywords (Chinese): 可逆易碎浮水印 (reversible fragile watermarking), 密碼學 (cryptography), RSA, 自我驗證公開金鑰 (self-certified public key)
Keywords (English): Reversible Fragile Watermarking, RSA, Self-certified Public Key, Cryptography
Statistics:
  • Cited: 0
  • Views: 522
  • Downloads: 90
  • Bookmarked: 2
Abstract (Chinese, translated):
To meet security requirements such as confidentiality, authentication, integrity and non-repudiation in network communication, public key cryptosystems are now widely used in daily life. However, because public keys must be published on the network, without an effective authentication mechanism a malicious attacker has the opportunity to misuse another person's public key without being detected. To handle the public key authentication problem, the common solution is to use key certificates to guarantee the correctness of public keys. But since a user's public key is a randomly chosen number with no meaning of its own, every user who wants to communicate securely over the network must keep a large directory file holding the required key information.
Because of this drawback, the concept of the identity-based cryptosystem was proposed. Its distinguishing feature is that the public/private key pair is no longer chosen at random; instead, the user's name serves directly as the public key. Since the user's name is already known, the public key no longer needs to be stored in a separate file. However, identity-based cryptosystems face another problem: the certification authority can obtain a user's secret key and then impersonate that user.
In view of this, in 1991 Girault proposed the concept of the self-certified public key cryptosystem. Although in this approach the user's public key is generated by the certification centre, it guarantees that the corresponding secret key is known only to the user. Moreover, it allows public keys to be verified without an accompanying certificate, eliminating the storage, communication and computation costs of certificate checking. These advantages are its main contribution. Subsequently, many researchers have proposed a variety of cryptographic applications built on Girault's self-certified public key cryptosystem.
This dissertation first examines the self-certified group-oriented cryptosystem without a combiner proposed by Ghodosi and Saeednia. We point out that their scheme is vulnerable to a conspiracy attack, and we propose an improved scheme that successfully prevents it. Furthermore, the improved scheme can additionally confirm the origin of an encrypted message, making its functionality more complete.
In addition, Saeednia has pointed out a security weakness in Girault's self-certified system. The second part of this dissertation therefore proposes a self-certified RSA public key system, bringing the advantages of self-certified systems into the widely deployed RSA cryptosystem. In this way, every RSA-based cryptographic application (such as encryption/decryption and digital signatures) can enjoy the benefits of self-certified cryptosystems.
The third part of this dissertation proposes the new concept of a visual-certified RSA cryptosystem. In this approach, the public key verification procedure produces a recognizable image, and the legitimacy of the public key is verified with the help of the human visual system. With this visual verification strategy, the otherwise obscure public key cryptosystem can gain much greater public acceptance, and people are encouraged to make good use of information technology for greater convenience in daily life.
Finally, a reversible fragile watermarking scheme based on the visual-certified RSA cryptosystem is proposed to overcome the shortcomings of some earlier watermarking schemes.
Abstract (English):
Nowadays public key cryptosystems are applied in daily life to achieve confidentiality, authentication, integrity, and non-repudiation in network communication. However, since public keys are exposed to the public, an adversary can substitute a fake public key for a genuine one without being detected if there is no effective authentication method. To deal with the public key authentication issue, a commonly used solution is that the public key held by each user must be accompanied by a certificate. However, in certificate-based public key cryptosystems, the user's public key is a random-looking integer that carries no meaning. In addition, any pair of users who want to communicate securely needs to keep a large public file directory.
To overcome this drawback, the concept of the ID-based cryptosystem was introduced. Instead of generating a random pair of public and private keys, the ID-based scheme permits each user to use his name as his public key. Thus, a large public key file is not required, because the public key is assumed to be well known. However, this approach exhibits the problem that a dishonest authority may impersonate any user, since the authority has the ability to derive users' private keys.
For this reason, in 1991, Girault proposed the concept of the self-certified public key cryptosystem, where each user's public key is generated by an authority while the corresponding private key is known only to the user. In addition, the authenticity of public keys is verified implicitly, without a certificate. Thus, it reduces the storage, communication and computation overheads of certificate authentication. Much research has been devoted to constructing various kinds of cryptosystems based on Girault's self-certified model, to derive the benefits inherited from the self-certified public key system.
First, this dissertation discusses Ghodosi and Saeednia's self-certified group-oriented cryptosystem without a combiner. We show that their scheme is insecure and can suffer from a conspired attack. To remedy the weakness, an enhanced version is proposed that also provides new functionality to confirm the source of the encrypted message.
Second, motivated by Saeednia's comment that Girault's self-certified model suffers from an important shortcoming, the dissertation presents a self-certified RSA cryptosystem, so that the attraction of self-certified keys can be introduced into RSA to benefit this widespread cryptosystem. Accordingly, the proposed model lets all deployed RSA-based solutions, such as encryption/decryption and digital signatures, adopt the advantages of the self-certified concept.
Third, the concept of the visual-certified RSA cryptosystem is introduced, in which a recognizable image is constructed during the public key verification procedure and the validity of the public key is verified by the human visual system. Consequently, the visual-certified public key verification strategy helps people accept the obscure public key cryptosystem and encourages them to apply the technology to enhance their daily life.
Finally, a reversible fragile watermarking scheme based on our visual-certified RSA cryptography is proposed to overcome some weaknesses of previous watermarking schemes.
Table of contents:
Chinese Abstract I
Abstract III
Table of Contents V
List of Tables VII
List of Figures VIII
Chapter 1 Introduction 1
1.1 The History of the Public Key Cryptosystems 1
1.1.1 Certificate-Based Public Key Cryptosystems 1
1.1.2 ID-Based Public Key Cryptosystems 2
1.1.3 Self-Certified Public Key Cryptosystems 3
1.2 Motivations 5
Chapter 2 Self-Certified Group-Oriented Cryptosystem without a Combiner 7
2.1 Ghodosi and Saeednia’s Self-certified Group-oriented Cryptosystem without Combiner 8
2.2 Conspired Attack of Ghodosi and Saeednia’s scheme 11
2.3 Improved Self-Certified Group-Oriented Cryptosystem without a Combiner 12
2.4 Discussion 15
Chapter 3 Self-Certified RSA Cryptosystem 18
3.1 Proposed Self-Certified RSA Cryptosystem 18
3.1.1 The Initialization Phase 18
3.1.2 Key Generation Phase 19
3.1.3 Encryption/Decryption 20
3.1.4 Digital Signature 20
3.2 Security Analysis 21
3.3 Discussion 22
Chapter 4 Visual-Certified RSA Cryptosystem 25
4.1 Visible RSA Public Keys 25
4.1.1 Laih and Chen’s Visible RSA Public Keys for PKI 26
4.1.2 The Drawbacks of Laih and Chen’s Visible RSA Public Keys 27
4.2 Proposed Visual-Certified RSA Cryptosystem 27
4.2.1 Key Generation Phase 28
4.2.2 Key Verification Phase 29
4.3 Discussions 30
4.3.1 The impact on RSA 30
4.3.2 The Superiority 32
4.4 Experiment Results 32
Chapter 5 Reversible Fragile Watermarking Scheme Based on Visual-Certified Public Key 36
5.1 Remark on Lu et al.’s Pixel-wise Fragile Watermarking Scheme 36
5.1.1 Lu et al.’s Image Authentication Scheme 37
5.1.2 Possible Attack on Lu et al.’s Scheme 40
5.1.3 Experimental Results 41
5.1.4 Discussions 44
5.2 Remarks on Lu et al.’s Block-wise Watermarking Scheme 45
5.2.1 Lu et al.’s Multipurpose Image Watermarking Algorithm 46
5.2.2 Our Comments 52
5.2.3 Discussion 53
5.3 Reversible Fragile Watermarking Using the Visual-Certified Public Key 57
5.3.1 Preparation 58
5.3.2 Proposed Scheme 62
5.4 Experimental Results and Discussions 65
Chapter 6 Summary 67
References 69
[1]M. Abe and T. Okamoto, “Delegation Chains Secure up to Constant Length,” IEICE Transactions on Fundamentals, Vol. E85-A, No. 1, pp. 110-116, 2002.
[2]M. U. Celik, G. Sharma, A. M. Tekalp, and E. Saber, “Reversible data hiding,” Proceedings of IEEE International Conference on Image Processing, Vol. 2, pp. 157-160, Sep. 2002.
[3]J. Camenisch and M. Michels, “Proving in zero-knowledge that a number is the product of two safe primes,” Proceedings of EUROCRYPT’99, Springer-Verlag, Vol. 1592, pp. 107-122, 1999.
[4]Y. F. Chang, C. C. Chang, and H. F. Huang, “Digital signature with message recovery using self-certified public keys without trustworthy system authority,” Applied Mathematics and Computation, Vol. 161, No. 1, pp. 211-227, 2005.
[5]Y. S. Chang, T. C. Wu, and S. C. Huang, “ElGamal-like digital signature and multisignature schemes using self-certified public keys,” Journal of Systems and Software, Vol. 50, No. 2, pp. 99-105, 2006.
[6]C. De Vleeschouwer, J. F. Delaigle, and B. Macq, “Circular interpretation on histogram for reversible watermarking,” Proceedings of IEEE Workshop on Multimedia Signal Processing, Cannes, France, pp. 345-350, 2001.
[7]N. Freed and N. Borenstein, “Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies,” RFC 2045, November 1996.
[8]J. Fridrich, M. Goljan, and R. Du, “Invertible authentication,” Proceedings of SPIE Security Watermarking Multimedia Contents, San Jose, CA, pp. 197-208, Jan. 2001.
[9]H. Ghodosi and S. Saeednia, “Modification to Self-certified Group-oriented Cryptosystem without Combiner,” IEE Electronics Letters, Vol. 37, No. 2, pp. 1453-1454, 2001.
[10]M. Girault, “Self-Certified Public Keys,” Eurocrypt ’91, Lecture Notes in Computer Science, Vol. 547, Springer, Berlin, 1991, pp. 490-497.
[11]M. Holliman and N. Memon, “Counterfeiting Attacks on Oblivious Block-wise Independent Invisible Watermarking Schemes,” IEEE Transactions on Image Processing, Vol. 9, pp. 432-441, 2000.
[12]C. W. Honsinger, P. Jones, M. Rabbani, and J. C. Stoffel, “Lossless Recovery of an Original Image Containing Embedded Data,” U.S. Patent 6278791 B1, Aug. 21, 2001.
[13]C. L. Hsu and T. S. Wu, “Efficient proxy signature schemes using self-certified public keys,” Applied Mathematics and Computation, Vol. 152, No. 3, pp. 807-820, 2004.
[14]C. L. Hsu and T. S. Wu, “Self-certified threshold proxy signature schemes with message recovery, nonrepudiation, and traceability,” Applied Mathematics and Computation, Vol. 164, No. 1, pp. 201-225, 2005.
[15]H. C. Huang, F. H. Wang, and J. S. Pan, “A VQ-Based Robust Multi-Watermarking Algorithm,” IEICE Transactions on Fundamentals, Vol. E85-A, No. 7, pp. 1719-1726, 2003.
[16]S. J. Hwang, and Y. H. Lee, “Repairing ElGamal-like multi-signature schemes using self-certified public keys,” Applied Mathematics and Computation, Vol. 156, No. 1, pp. 73-83, 2004.
[17]H. Imai, “Current trends of cryptology in Japan,” Proceedings of the 2nd International Workshop for Asian Public Key Infrastructure, National Taiwan University, Taipei, p. 89, 2002.
[18]D. E. Knuth, The Art of Computer Programming, Volume 2: Seminumerical Algorithms, 2nd edition, Addison-Wesley, Chapter 4.5.2, Theorem D, p. 324.
[19]C. S. Laih and K. Y. Chen, “Generating visible RSA public keys for PKI,” International Journal of Information Security, Vol. 4, No. 2, pp. 103-109, 2004.
[20]A. K. Lenstra, “Generating RSA moduli with a predetermined portion,” Proceedings of ASIACRYPT’98, Lecture Notes in Computer Science, Vol. 1514, Springer, Berlin Heidelberg New York, pp. 10-16, 1996.
[21]A. K. Lenstra, “Unbelievable security. Matching AES security using public key systems,” Proceedings of ASIACRYPT 2001, Lecture Notes in Computer Science, Vol. 2248, Springer, Berlin Heidelberg New York, pp. 66-86, 2001.
[22]A. K. Lenstra, E. R. Verheul, “Selecting cryptographic key sizes,” Journal of Cryptology: The Journal of the International Association for Cryptologic Research, Vol. 14, pp. 255–293, 2001.
[23]H. Lu, R. Shen and F. L. Chung, “Fragile watermarking scheme for image authentication,” IEE Electronics Letters, Vol. 39, pp. 898-900, 2003.
[24]Z. M. Lu, D. G. Xu, and S. H. Sun, “Multipurpose Image Watermarking Algorithm Based on Multistage Vector Quantization,” IEEE Transactions on Image Processing, Vol. 14, No. 6, pp. 822-831, 2005.
[25]B. Macq and F. Deweyand, “Trusted headers for medical images,” DFG VII-D II Watermarking Workshop, Erlangen, Germany, Oct. 1999.
[26]A. Menezes, P. van Oorschot and S. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996, p. 566.
[27]National Institute of Standards and Technology. http://csrc.nist.gov/encryption/aes.
[28]A. N. Netravali and B. G. Haskell, Digital Pictures: Representation, Compression, and Standards, 2nd ed., Plenum Press, New York, 1995.
[29]Z. Ni, Y. Q. Shi, N. Ansari and W. Su, “Reversible Data Hiding,” IEEE Transactions on Circuits and System for Video Technology, Vol. 16, No. 3, pp. 354-362, 2006.
[30]Public-Key Infrastructure (X.509), http://www.ietf.org/html.charters/pkixcharter.html.
[31]RSA Laboratories, “Fast Variants of RSA,” Cryptobytes, Vol. 5, No. 1, pp. 1-9, 2002.
[32]S. Pohlig, and M. Hellman, “An improved algorithm for computing logarithms over GF(p) and its cryptographic significance,” IEEE Transactions on Information Theory, Vol. 24, pp. 106-110, 1978.
[33]S. Saeednia and H. Ghodosi, “A Self-Certified Group-Oriented Cryptosystem without a Combiner,” ACISP 99, Lecture Notes in Computer Science, Vol. 1587, pp. 192-201, 1999.
[34]S. Saeednia, “Improvement of Gunther’s identity-based key exchange protocol,” IEE Electronics Letters, Vol. 36, No. 18, pp. 1535-1536, 2000.
[35]S. Saeednia, “An identity-based society oriented signature scheme with anonymous signers,” Information Processing Letters, Vol. 83, No. 6, pp. 295-299, 2002.
[36]S. Saeednia, “A note on Girault’s self-certified model,” Information Processing Letters, Vol. 86, No. 6, pp. 323-327, 2003.
[37]A. Shamir, “Identity-based cryptosystem and signature schemes,” CRYPTO’84, Lecture Notes in Computer Science, Vol. 196, Springer, Berlin, 1984, pp. 47-53.
[38]A. Shamir, “RSA for Paranoids,” RSA Laboratories CryptoBytes, Vol. 1, No. 3, pp. 1-13, 1995.
[39]Z. Shao, “Improvement of digital signature with message recovery using self-certified public keys and its variants,” Applied Mathematics and Computation, Vol. 159, No. 2, pp. 391-399, 2004.
[40]Z. Shao, “Cryptographic systems using a self-certified public key based on discrete logarithms,” IEE Proceedings on Computers and Digital Techniques, Vol. 148, No. 6, pp. 233-237, 2001.
[41]W. Susilo and R. Safavi-Naini, “Remark on Self-Certified Group-Oriented Cryptosystem without Combiner,” IEE Electronics Letters, Vol. 35, No. 18, pp. 1539-1540, 1999.
[42]Y. W. Tsai and T. Hwang, “ID-based public key cryptosystems based on Okamoto and Tanaka’s ID-based one Way communication scheme,” IEE Electronics Letters, Vol. 26, No. 10, pp. 666-668, 1990.
[43]Y. M. Tseng and J. K. Jan, “ID-based cryptographic schemes using a non-interactive public-key distribution system,” Proceedings of the 14th Annual Computer Security Applications Conference, Phoenix, Arizona, Dec. 1998, pp. 237-243.
[44]Y. M. Tseng, J. K. Jan, and H. Y. Chien, “Digital signature with message recovery using self-certified public keys and its variants,” Applied Mathematics and Computation, Vol. 136, No. 2-3, pp. 203-214, 2003.
[45]S. Tsujii, J. Chao and K. Araki, “A simple ID-based scheme for key sharing,” IEEE Journal on Selected Areas in Communications, Vol. 11, No. 5, pp. 730-734, 1993.
[46]C. H. Wang and T. Hwang, “(t,m) Threshold and generalized ID-based conference key distribution system,” Applied Mathematics and Computation, Vol. 112, No. 2-3, pp. 181-191, 2000.
[47]P. W. Wong, “A watermark for image integrity and ownership verification,” IS&T’s 1998 Image Processing, Image Quality, Image Capture, Systems Conference, Portland, Oregon, pp. 374-379, 1998.
[48]P. W. Wong and N. Memon, “Secret and Public Key Image Watermarking Schemes for Image Authentication and Ownership Verification,” IEEE Transactions on Image Processing, Vol. 10, pp. 1593-1601, 2002.
[49]T. S. Wu and C. L. Hsu, “Threshold signature scheme using self-certified public keys,” The Journal of Systems and Software, Vol. 67, No. 2, pp. 89-97, 2003.
[50]T. C. Wu, Y. S. Chang, and T. Y. Lin, “Improvement of Saeednia’s self-certified key exchange protocols,” IEE Electronics Letter, Vol. 34, No. 11, pp. 1094-1095, 1998.
[51]T. S. Wu and C. L. Hsu, “ID-based multisignatures with distinguished signing authorities for sequential and broadcasting architectures,” Applied Mathematics and Computation, Vol. 131, No. 2-3, pp. 349-356, 2002.
[52]S. Xia, and J. You, “A group signature scheme with strong separability,” The Journal of System and Software, Vol. 60, No. 3, pp. 177-182, 2002.
[53]G. Xuan, J. Zhu, J. Chen, Y. Q. Shi, Z. Ni, and W. Su, “Distortionless data hiding based on integer wavelet transform,” IEE Electronics Letters, Vol. 38, No. 25, pp. 1646-1648, Dec. 2002.
[54]X. Yi, C. H. Tan, C. K. Siew and M. R. Syed, “ID-Based Key Agreement for Multimedia Encryption,” IEEE Transactions on Consumer Electronics, Vol. 48, No. 2, pp. 298-303, 2002.
[55]A. Young and M. Yung, “The dark side of ‘Black-Box’ cryptography, or: should we trust Capstone?” CRYPTO’96, Lecture Notes in Computer Science, Vol. 1109, Springer-Verlag, Berlin Heidelberg New York, 1996, pp. 89-103.
[56]P. Zimmermann, PGP Source Code and Internals, MIT Press, 1995.