跳到主要內容

臺灣博碩士論文加值系統

(98.82.140.17) 您好!臺灣時間:2024/09/12 21:55
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:翁博亭
研究生(外文):Bo-Ting Wong
論文名稱:基植於NFC手機之匿名租車系統
論文名稱(外文):An NFC-based Anonymous Car Rental System
指導教授:楊明豪楊明豪引用關係
指導教授(外文):Ming-Hour Yang
學位類別:碩士
校院名稱:中原大學
系所名稱:資訊工程研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2012
畢業學年度:100
語文別:中文
論文頁數:40
中文關鍵詞:匿名租車系統NFCID-based密碼系統雙線性配對
外文關鍵詞:NFCID-based cryptographyanonymous car rentalbilinear pairing
相關次數:
  • 被引用被引用:0
  • 點閱點閱:414
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
電子化租賃服務,如線上音樂、影片租賃服務、電子書借閱、雜誌訂閱等,已廣泛的被人們所使用。大部分的電子化租賃服務,皆要求使用者在租賃時提供真實個人資料,若服務供應商(Service providers)在未獲得使用者的授權下,分析使用者的租借紀錄(Rental records),則可能曝露許多敏感的個人資訊,危害使用者之權益。因此,個人隱私問題實為電子化租賃服務之一大課題。
本論文提出一個匿名之電子化租賃服務協定,並以租車系統為例,具有以下五個特點:(1)匿名性(Anonymity)︰使用者僅需向一公正的第三者(Trusted third party, TTP)揭露個人資訊。於租車過程中,不需向租車公司透露真實身份。(2)不可連結性(Unlinkability)︰租車公司無法從多次租車紀錄分析並連結至使用者身份。(3)可追蹤性(Traceability)︰當有消費紛爭或車輛發生問題時,租車公司可請求TTP揭露使用者身份。(4)靈活性(Flexibility)︰使用者可任意選擇租車公司租賃車輛。(5)匿名付款(Anonymous payment)︰租車公司透過TTP向銀行請款,可避免因信用卡資訊洩露使用者身份。
本論文之匿名租車系統,利用基於橢圓曲線上雙線性配對(Bilinear pairings)個人身份為基礎(ID-based)之密碼系統,並加入TTP及NFC手機中的安全元件(Secure element, SE)結合發展出一個具備認證(Authentication)、授權(Authorization)及稽核(Audit)的租賃及付款系統。
經安全性分析證明,本匿名租車系統可達到匿名性、機密性、向前安全性、向後安全性及撤銷匿名等安全目的,以及防止重送攻擊和中間人攻擊。
Online rental services, such as music stores, DVD rentals, magazine subscriptions, have been quite popular in our daily life. However, most of them require customers to provide personal information. The service providers may collect users’ consumption habits from rental records. Such analysis is carried out mostly without users’ permission and has consequently caused privacy breaches in e-rental services.
In this paper, we propose a protocol for anonymous e-rental services, particularly vehicle rentals. Our contributions include: (1) Anonymity. Users provide their personal information to a trusted third party (TTP) only. They do not even need to reveal their real identity to a rental company. (2) Unlinkability. Car rental companies are unable to establish any link between users’ rental records and users’ identity simply by analyzing the rental records. (3) Traceability. If there are consumer disputes or accidents, the rental company can request that TTP reveal users’ identity. (4) Flexibility. Users are free to choose their preferred vehicles from any allied companies. (5) Anonymous payment. Car rental companies have to claim payments through a TTP, which prevents privacy breaches in credit card payments.
Our proposed protocol use identity-based certificateless signature scheme with bilinear pairings. We then implement the scheme into near field communication (NFC) phones’ secure elements (SE). The improved SE will be of higher efficiency in authentication, authorization and auditing in car rental services.
Our security analysis also proves that our system is able to guarantee anonymity, confidentiality, forward secrecy, backward secrecy, and anonymity revocation. It can also resist replay attacks and man-in-the-middle (MITM) attacks.
目錄
中文摘要 I
Abstract II
誌謝 III
目錄 IV
圖目錄 V
表目錄 VI
一、緒論 1
二、文獻探討 4
2.1 Zipcar與Car2go 4
2.1.1 Zipcar 4
2.1.2 Car2go 4
2.2 近距離無線通訊技術 4
2.2.1 NFC應用模式 5
2.2.2 NFC手機 5
2.3 雙線性配對 6
2.4 基於雙線性配對的ID-based密碼系統之應用 6
2.5 保護個人隱私相關文獻 7
三、匿名租車系統 9
3.1 名詞定義 10
3.2 初始狀態 11
3.2.1 系統初始 11
3.2.2 Function 12
3.3 匿名租車系統 14
3.3.1 匿名授權簽發階段 14
3.3.2 車輛授權票券簽發階段 16
3.3.3 車輛授權認證階段 17
3.3.4 控制階段 18
3.3.5 控制階段之還車命令 19
3.3.6 追蹤階段 20
四、安全性分析 22
五、證明 24
六、結論 32
七、參考文獻 33

圖目錄
圖1 NFC手機架構 5
圖2 匿名租車系統架構 9
圖3 匿名租車系統環境架構 10
圖4 匿名授權簽發示意圖 14
圖5 匿名授權簽發協定 15
圖6 車輛授權票券簽發示意圖 16
圖7 車輛授權票券簽發協定 17
圖8 車輛授權認證示意圖 17
圖9 車輛授權認證協定 18
圖10 控制示意圖 18
圖11 控制協定 19
圖12 還車示意圖 19
圖13 還車協定 20
圖14 追蹤示意圖 20

表目錄
表1 名詞定義表 10
表2 使用者授權表(AuthList) 12
表3 租賃表(RentList) 12
表4 車輛授權表(CarList) 12
表5 各個角色之公開和私密資訊列表 12
表6 各個角色擁有的函式列表 13
表7 邏輯證明的符號定義表 24
參考文獻
[1]Zipcar,http://www.zipcar.com/ (retrieved date: July 16 2012).
[2]Car2go,http://www.car2go.com/ (retrieved date: July 16 2012).
[3]D. Slamanig, S. Rass,“Anonymous but transactions supporting selective traceability,” 5th International Conference on Security and Cryptography–SECRYPT 2010,pp.132–141,2010.
[4]S. Wang, Z. Chen, X. Wang,“A new certificateless electronic cash scheme with multiple banks based on group signatures,” IEEE International Symposium on Electronic Commerce and Security,2008.
[5]Y. Chen, J.S. Chou, H.M. Sun, M.H. Cho,“A novel electronic cash system with trustee-based anonymity revocation from pairing,” Electronic Commerce Research and Applications,Jun. 2010.
[6]D. Meffert,“Bilinear Pairings in Cryptography,” in Master thesis, Radboud Universiteit Nijmegen,2009.
[7]A. Shamir,“Identity-based cryptosystems and signature schemes,” Advances in Cryptology–Crypto’84, Lecture Notes in Computer Science,Vol. 196,Springer-Verlag,pp.47–53,1984.
[8]J. Jonsson, B. Kaliski,“Public-key cryptography standards (PKCS) #1: RSA cryptography specifications version 2.1,” RFC 3447 (Informational),Internet Engineering Task Force,Feb. 2003.
[9]N. Koblitz,“Elliptic Curve Cryptosystems,” Math. Computation,Vol. 48,pp.203–209,1987.
[10]V. Miller,“Use of Elliptic Curves in Cryptography,” Advances in Cryptology–Crypto ’85,pp.417–426,1986.
[11]D. Jao,“Elliptic Curve Cryptography,” presented at Handbook of Information and Communication Security,pp.35–57,2010.
[12]K. Lauter,“The advantages of elliptic curve cryptography for wireless security,” IEEE Wireless Communications,pp.62–67,2004.
[13]A. Menezes, T. Okamoto, S. Vanston,“Reducing elliptic curve logarithms to logarithms in a finite field,” IEEE Transactions on Information Theory,pp.1639–1646,1993.
[14]D. Boneh, M. Franklin,“Identity-based Encryption from the Weil pairing,” SIAM Journal of Computing,Vol. 2139,pp.586–615,2003.
[15]International Organization for Standardization.ISO/IEC 18092-4.Information technology–Telecommunications and information exchange between systems–Near Field Communication–Interface and Protocol(NFCIP-1),2007.
[16]R. Dutta, R. Barua, P. Sarkar,“Pairing-based cryptographic protocols : A Survey,” Cryptology ePrint Archive, Report 2004/064.
[17]J. Zhang, Z. Wu, Y. Li,“An improved identity-based authenticated key agreement protocol using pairings,” International Conference on Computer Science and Network Technology,2011.
[18]G. Van Damme, K. Wouters, H. Karahan, B. Preneel,“Offline NFC payments with electronic vounchers,” ACM Workshop on Networking, Systems,and Applications on Mobile Handhelds–MobiHeld 2009,pp.25–30,2009.
[19]L. Gong, R. Needham, R. Yahalom,“Reasoning about Belief in Cryptographic Protocols,” IEEE Computer Society Symposium on Research in Security and Privacy,pp.234–248,1990.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top