跳到主要內容

臺灣博碩士論文加值系統

(18.97.14.81) 您好!臺灣時間:2025/01/15 03:15
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:楊富丞
研究生(外文):Fu-Chen Yang
論文名稱:行動IPv6網路路由最佳化安全性之研究
論文名稱(外文):Security of Route Optimization in Mobile IPv6 Networks
指導教授:陳彥錚陳彥錚引用關係
指導教授(外文):Yen-Cheng Chen
學位類別:碩士
校院名稱:國立暨南國際大學
系所名稱:資訊管理學系
學門:電算機學門
學類:電算機一般學類
論文種類:學術論文
論文出版年:2009
畢業學年度:97
語文別:英文
論文頁數:58
中文關鍵詞:行動IPv6連結更新路由最佳化返回路由程序無狀態式幾何計算
外文關鍵詞:Mobile IPv6Binding UpdateRoute OptimizationReturn Routability ProcedureStatelessGeometric Computation
相關次數:
  • 被引用被引用:0
  • 點閱點閱:452
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
現今許多無線應用程式和行動通訊多是透過IP網路所提供服務,因而增加廣大的行動使用者數量,但IP位址的短缺與行動支援等問題隨之而來。因此IETF組織在IPv6網路中詳細定義行動支援的部份,稱為行動IPv6 (Mobile IPv6),它允許行動使用者在IPv6網路中隨意移動並仍保持連線。當行動使用者移動到不同的網路,它仍然可以就由原屬網路所轉送的封包來保持通訊。然而,溝通對象並未得知行動使用者的移動,故持續將封包傳送至使用者的原屬網路,再由原屬網路透過tunnel方式傳送至行動使用者目前的位址,而此非直接封包傳送方式稱為三角路由。三角路由雖可提供行動性,但卻大幅增加節點中通訊延遲,為了避免三角路由所帶來的問題,IETF組織利用連結更新訊息使得節點間能夠直接通訊,該方式稱為路由最佳化。
為了確保連結更新訊息的完整性,返回路由程序則被採用來防範連結更新過程中所可能遇到的威脅。然而,返回路由程序卻遭受許多攻擊。故在此論文中,我們介紹兩個不同的IPv6驗證環境並分別提出兩個確保連接更新訊息的機制。環境一是無基礎式架構,在該環境中並無任何信認第三方或是驗證中心,我們利用無狀態式、輕量運算與CGA等特點分別依據Diffie Hellman金鑰協議與幾何計算為基礎提出兩個協定。環境二是基礎式架構,在該環境中存有信任第三方與AAA伺服器於各網路領域中,我們依據不同的隱私需求分別提出以pairing為基礎之多PKG身分識別多簽章與加密機制來確保連結更新訊息的不可否認性與機密性。
Many wireless applications and mobile communication services are provided through IP networks. This brings the increased popularity of mobile users, but also introduces the problems of IP address shortage and demands for mobility support in IP networks. Therefore, IETF defines mobility support in IPv6, i.e. MIPv6, to allow nodes to remain reachable while moving around in the IPv6 internet. When a node moves and visits a foreign network, it is still reachable through the indirect packet forwarding from its home network. This triangular routing feature provides node mobility but increases the communication latency between nodes. In order to further eliminate triangular routing, IETF proposes a binding update (BU) scheme, which enables nodes communicate directly. This process of enabling direct packet delivering is called Route Optimization.
To protect the security of BU message, a Return Routability (RR) procedure was proposed. However, it was found that RR is vulnerable to many attacks. In this thesis, we consider two different mobile IPv6 authentication architectures and propose two securing Binding Update message schemes for each architecture. In the infrastructureless environment, neither trusted third party nor certificate authority exists. We adopt CGA (Cryptographic Generated Address) scheme to propose two solutions based on Diffie Hellman key agreement and geometric computation respectively. In the infrastructure environment, there exists a third-party trusted Certificate Authority (CA) and different AAA servers, which also behave as PKGs (private key generators), distributed in different network domains. According to distinct privacy requirements, we present two secure BU schemes, adopting ID-based multi-signature and encryption respectively across multi-PKGs.
摘要 I
Abstract II
Contents IV
Figure Contents VI
Table Contents VII
Chapter 1 Introduction 1
1.1 Background 1
1.2 Motivation and Solution 2
1.3 Thesis Organization 4
Chapter 2 Related Works 5
2.1 Mobile IPv6 5
2.1.1 Terminology 5
2.1.2 Mobility Header 6
2.1.3 Address Configuration 7
2.1.4 Basic Operation 8
2.1.5 Return Routability Procedure 10
2.1.6 Security Threats in Mobile IPv6 13
Chapter 3 The Proposed Infrastructureless Protocols 15
3.1 Preliminary and Background 15
3.1.1 Environment Description 15
3.1.2 Cryptographic Generated Address 16
3.2 Review of CAM-DH protocol 18
3.3 Proposed Scheme 1 20
3.3.1 Protocol Overview 21
3.3.2 Security Analysis 23
3.4 Proposed Scheme 2 25
3.4.1 Protocol Overview 26
3.4.2 Security and Performance Analysis 29
Chapter 4 The Proposed Infrastructure-based Protocols 32
4.1 Preliminary and Background 32
4.1.1 Environment Description 33
4.1.2 Bilinear Pairings 34
4.1.3 ID-based Cryptography 35
4.1.3.1 ID-based Encryption 36
4.1.3.2 ID-based Signature 37
4.1.3.3 ID-based Signcryption 39
4.2 Review of HCBU 40
4.3 Proposed Scheme 1 42
4.3.1 Protocol Overview 44
4.3.2 Security Analysis 46
4.4 Proposed Scheme 2 48
4.4.1 Protocol Overview 49
4.4.2 Security Analysis 50
4.4.3 Evaluation 51
Chapter 5 Conclusion and Future Work 53
5.1 Conclusion 53
5.2 Future Work 54
Reference 55
Appendix 58
1.D. Johnson, C. Perkins, J. Arkko, “Mobility Support in IPv6,” Request for comments 3775, IETF, June 2004
2.Feng Yong, Wu Zhongfu, Zhong Jiang, Ye Chunxiao, Wu Kaigui, “A Novel Authentication Mechanism Based on CGA for BU Message Disposal in Mobile IPv6,” International Conference on Networking, Architecture, and Storage
3.Fu-Chen Yang, Yen-Cheng Chen, “A stateless Return Routability Scheme in Mobile IPv6,” International Conference on E-Business and Information System Security 2009, IEEE, Wuhan, China.
4.Yen-Cheng Chen, Fu-Chen Yang, “An Efficient MIPv6 Return Routability Scheme Based on Geometric Computations,” Inter. Conf. on Computer Network and System Security, Proceedings of WASET, Vol. 39, 2009, HK
5.M. Roe, T. Aura, G.O’Shea, J. Arkko, “Authentication of Mobile IPv6 Binding Updates and Acknowledgements”, IETF internet draft, February 2002
6.Tuomas Aura, Michael Roe, “Designing the Mobile IPv6 Security Protocol,” Technical Report, April 2006.
7.T. Aura, “Cryptographically generated addresses (CGA),” Request for Comments 3972, IETF, 2005.
8.Kui Ren, Wenjing Jou, Kai Zeng, Feng Bao, Jianying Zhou, Robert H. Deng, “Routing optimization security in mobile IPv6,” Computer Network, 2006, pp: 2401-2419
9.Khaled Elgoarany, Mohamed Eltoweissy, “Security in Mobile IPv6: A survey,” Information Security Technical Report, ELSEVIER, March 2007.
10.Ruidong Li, Jie Li, Kui Wu, Yang Xiao, Jiang Xie, “An Enhanced Fast handover with Low Latency for Mobile IPv6,” IEEE Transaction on Wireless Communications, Vol. 7, No. 1, Jan 2008
11.Warodom Werapun, Apinetr Unakul, “Secure Mobile IPv6 Binding Updates with Identiy-based Signature,” international conference on Electronics Packaging, Jan 2004
12.Jung-Doo Koo, Dong-Chun Lee, “Extended Ticket-based Binding Update(ETBU) Protocol for Mobile IPv6(MIPv6) Networks,” IEICE TRANS. COMMUN., VOL.E90-B, NO. 4, APRIL 2007
13.Tzong-Chen Wu, “Remote login authentication scheme based on a geometric approach,” Computer Communications, Vol 18, No. 12. december 1995
14.Hung-Yu Chien, Jinn-Ke Jan, Yuh-Min Tseng, “A modified remote login authentication scheme based on geometric approach” The journal of Systems and Software 55, 2001 (287-290)
15.Benoit Libert, J.J. Quisquater, “A new identity based signcryption scheme from pairings”, Proceeding of the IEEE information Theory Workshop, ITW2003, Paris, France, March 31-Apri 4, 2003
16.Liqun Chen, Keith Harrison, “Multiple Trusted Authorities in Identifier Based Cryptography from Pairings on Elliptic Curves”, HP laboratories Bristol, March 19, 2003
17.Liqun Chen, Keith Harrison, David Soldera, Nigel Smart, “Application of Multiple Trusted Authorities in Pairing Based Cryptosystems”, HP Laboratories Bristol, Feb. 6, 2003
18.Yong Yu, Bo Yang, Ying Sun, Sheng-Lin Zhu, “Identity based signcryption scheme without random oracles,” Computer Standards & Interface 31 (2009) 56-62
19.Boneh, M. Franklin, “Identity-Based Encryption from the Weil Pairing,” Proceedings of Crypto 2001, volume 2139 of Lecture Notes in Computer Science, pages 213-229, Springer-Verlag, 2001.
20.Z. Jin, H. Zuo, H. Du, Q. Wen, “ An Efficient and Provably-Secure Identity-based Signcryption Scheme for Multiple PKGs,” International Conference on Computer Science and Information Technology 2008.
21.J.C. Cha and J.H. Chen, “An identity-based signature from gap Diffie-Hellman groups,” Proceeding of Practice and Theory in Public key Cryptography-PKC 2003, LNCS 2567, pp:18-30.
22.Antom Larsson, “Authentication, Authorization and Accounting within an Access Network using Mobile IPv6 and Diameter”, Master thesis, Department of Computer Science and Electrical Engineering in Lulea University of Technology, 2003
23.Mobile IP and WLAN with AAA authentication Protocol using Identity-based Crytography” 10th International Conference on Telecommunications, Volume 1, 23 Feb.-1 March 2003 Page(s):597 – 603
24.R.C. Wang, R.Y. Chen, and Han-Chieh Chao, “AAA architecture for Mobile IPv6 based on WLAN,” International Journal of Network Management, 2004, 14:305-313
25.A. Georgiades, Y. Luo and A. Lasebae, R. Comley "Binding Update Security for Mobile Ipv6 using the Distributed Authentication Protocol". WSEAS Transactions on Communications, Issue 9, volume 4, September 2005, ISSN 1109-2742.
26.Jun Jiang, Chen He, Ling-ge, Jiang, “A novel mix-based location privacy mechanism in Mobile IPv6,” Computer & Security (2005) 24, 629-641
27.Hanane Fathi, Shyam S. Chakraborty, Ramjee Prasad, “Optimization of Mobile IPv6-based Handovers to Support VoIP Service in Wireless Heterogeneous Networks,” IEEE transaction on vehicular technology, vol. 56, No.1, Jan. 2007
28.Ruidong Li, Jie Li, Kui Wu, Yang Xiao, Jiang Xie, “An Enhanced Fast Handover with Low Latency for Mobile IPv6,” IEEE transaction on vehicular technology, vol. 7, No.1, Jan. 2008
29.Yen-Wen Chen, Chih-Min Shih, “Binding Update Scheme of Mobile Networks in IPv6 environment,” Journal of Internet Technology, vol. 8, No.3 , pp:291-298, 2007
30.H.S. Yoon, R.H. Kim, S.B. Hong, H.Y. Youm, “PAK-based Binding Update Method for Mobile IPv6 route optimization,” International Conference on Hybrid Information Technology 2006 (ICHIT’06)
31.Jiann-Liang Chen, Yu-Feng Lee, and Yao-Chung Chang, “Mobile IPv6 Network: implementation and application,” International Journal of Network Management 2006;16: 29-43
32.J. Baek, J. Newmarch, R. Safavi-Naini, and W. Susilo, “A Survey of Identity-Based Crptography,” Proc. of the 10th Annual Conference for Australian Unix User¡¯s Group (AUUG 2004), pp. 95-102, 2004.
33.B. Lynn, “Authenticated Identity-Based Encryption,” Cryptology ePrint Archive, Report 2002
34.Martin Cagne, “Identity-Based Encryption: a Survey,” RSA Laboratories Cryptobytes, Volume 6,No. 1, 2003
35.ISO/IEC 14888-3 information techonology – Security technology – Digital signatures with appendix – Part 3: Discret logarithm based mechanisms.
36.J.C. Cha and J.H. Cheon, “An identity-based signature from gap Diffie-Hellman groups,” Proceeding of Practice and Theory in Public Key Cryptography – PKC 2003, LNCS 2567, pp. 18-30
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top