
National Digital Library of Theses and Dissertations in Taiwan

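Graduate student: 黃煒傑
Graduate student (English): Wei-Chieh, Huang
Thesis title (Chinese): 應用於群播系統之具時限性階層式存取控制和金鑰管理機制
Thesis title (English): A Time-Bound Hierarchical Access Control and Key Management Scheme for Multicast Systems
Advisors: 沈榮麟; 劉萬榮
Advisors (English): Rung-Lin, Shen; Wan-Rung, Liou
Oral defense committee: 賴飛羆; 陳澤雄; 鐘玉芳
Oral defense committee (English): Feipei, Lai; Tzer-Shyong, Chen; Yu-Fang Chung
Oral defense date: 2012-07-30
Degree: Master's
Institution: National Taipei University
Department: Graduate Institute of Electrical Engineering
Discipline: Engineering
Field: Electrical Engineering and Computer Science
Thesis type: Academic thesis
Year of publication: 2012
Academic year of graduation: 100
Language: English
Number of pages: 63
Keywords: Time-bound hierarchical key management scheme; One-way hash function; Bilinear pairing; Elliptic curve cryptosystem; Access control; Multicast system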
This thesis uses elliptic curve multiplication, the ID-based property of bilinear pairings, a one-way hash function, and time-based access control to construct a time-bound hierarchical access control and key management scheme for multicast systems. In this scheme, a central authority (hereafter called CA) distributes a group key to every security class (SC) and a time-bound secret key to each member of a security class. With its time-bound secret key, each member of an SC can obtain the group key to decrypt multicast messages, and can then use that group key to obtain the successors' group keys and decrypt their data. The thesis explicitly discusses many common forms of dynamic access control: a new member joining a security class, an existing member departing from a security class, replacing a time-bound secret key, adding a security class, deleting a security class, replacing a group key, and adding or deleting a relationship among SCs. Based on security and performance analyses under many typical attacks, we prove that the proposed method prevents malicious attacks effectively, with less computation time and more reasonable complexity. In conclusion, the proposed scheme offers a secure hierarchical access control multicast system.
Chapter 1 Introduction
1.1 Background
1.2 Motivation and Purposes
1.3 Thesis Organization

Chapter 2 Literature Review
2.1 Multicast System
2.2 One-Way Hash Function
2.3 Elliptic Curve Cryptosystem
2.4 Bilinear Pairing
2.5 Time-Bound Hierarchical Key Management Scheme

Chapter 3 The Proposed Scheme
3.1 Key Generation Phases
3.2 Key Derivation Phases
3.3 Example

Chapter 4 The Dynamic Access Control
4.1 The Dynamic Access Control of SC Members
4.1.1 Adding a New Member to SC
4.1.2 An Existing Member Departs from SC
4.1.3 Replacing a Time-bound Secret Key
4.2 The Dynamic Access Control of SC
4.2.1 Adding a New Security Class
4.2.2 Deleting an Existing Security Class
4.2.3 Replacing a Group Key
4.2.4 Creating a New Relationship
4.2.5 Deleting an Old Relationship

Chapter 5 Security and Performance Analysis
5.1 Security Analysis
5.1.1 Member's Time-Bound Secret Key Attack
5.1.1.1 Exterior Attack
5.1.2 Group Key Attack
5.1.2.1 Exterior Attack
5.1.2.2 Collusion Attack
5.1.2.3 Contrary Attack
5.1.2.4 Sibling Attack
5.2 Performance Analysis

Chapter 6 Conclusions and Future Work

References


