(3.237.20.246) 您好!臺灣時間:2021/04/15 10:59
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

我願授權國圖
: 
twitterline
研究生:陳韋邑
研究生(外文):Wei-Yi Chen
論文名稱:針對電子商務應用的一些認證之研究
論文名稱(外文):Authentication Protocols for Some E-commerce Applications
指導教授:張真誠張真誠引用關係
指導教授(外文):Chin-Chen Chang
口試委員:林智揚張雅芬林家禎
口試委員(外文):Chih-Yang LLinYa-Fen ChangChia-Chen Lin
口試日期:2013-06-27
學位類別:碩士
校院名稱:國立中正大學
系所名稱:資訊工程研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2013
畢業學年度:101
語文別:英文
論文頁數:56
中文關鍵詞:無線電射頻辨識驗證電子現金系統秘密分享橢圓曲線密碼學
外文關鍵詞:RFIDAuthenticationE-cash systemsecret sharingECC
相關次數:
  • 被引用被引用:0
  • 點閱點閱:516
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:138
  • 收藏至我的研究室書目清單書目收藏:1
在現在的社會中,網際網路與電子化的發明,使得電子商務越來越受到歡迎。進行交易的方式已經越來越方便,而無線電射頻辨識與電子現金在電子商務應用中扮演了重要的角色。然而,電子資料在傳輸過程中容易被攔截以及竄改。因此,為了安全的傳輸資料,制訂一套安全的協定或系統是非常的重要的。
本篇論文中,我們提出一個有關於無線電射頻辨識安全驗證的研究和一個安全電子現金系統的研究。在第一個研究中,我們指出現行無線電射頻辨識安全驗證方法中的弱點,提出一個符合EPC Class 1 Generation 2 這個標準的驗證協定。而此驗證協定不只可以抵抗存在於無線電射頻辨識系統的安全威脅,更可以應用在任何的無線電射頻辨識的系統中。另外,在第二個研究中,我們利用了祕密分享跟橢圓曲線密碼學提出一個在雲端環境中的電子現金系統,根據分析的結果顯示。跟許多已存在的研究相比,我們的系統具備了低成本以及安全性。

With the development of the Internet and technology in today society, e-commerce has become increasingly popular. The ways for carrying out transactions have become more and more convenient as well. Radio-frequency identification (RFID) and e-cash play important roles of e-commerce. However, sharing electronic data during transmissions makes it easy for malicious attackers to eavesdrop on, tamper with, or duplicate the information shared. Hence, creating a secure protocol or system is critical.
In this thesis, we propose research to study RFID secure authentication and an e-cash system. In the first study, we point out the weaknesses of recent works and propose an improved RFID authentication protocol that conforms to the Electronic Product Code (EPC) Class 1 Generation 2 standard. Our protocol is not only able to defend against various security threats existing in RFID systems, but is also suitable for any RFID systems. In the second study we propose a new, secure e-cash payment system using elliptic curve cryptosystem (ECC) and secret sharing combined with cloud computing in the second study. According to the results of our analysis, our system requires a lower cost than previous systems while achieving the secure requirements.

Acknowledgement I
中文摘要 II
Abstract III
List of Figures VII
List of Tables VIII
Chapter 1 Introduction 1
1.1 Motivation 1
1.2 Organization 2
Chapter 2 A Secure RFID Mutual Authentication Protocol Conforming to EPC Class 1 Generation 2 Standard 3
2.1 Preamble 3
2.2 Related works 5
2.2.1 EPC Class 1 Generation 2 standard 5
2.2.2 RFID system security 6
2.3 Review of Cho et al.’s protocol 7
2.3.1 Initialization phase 7
2.3.2 j-th authentication phase 8
2.4 Analyses of Cho et al.’s protocol 10
2.4.1 Dos attack 10
2.4.2 Efficiency of authentication procedure 11
2.4.3 Replay attack 12
2.4.4 Concern of privacy and data integrity 13
2.5 Proposed protocol 13
2.5.1 Initialization phase 14
2.5.2 j-th authentication phase 14
2.6 Analyses 16
2.6.1 Security considerations 16
2.6.2 Comparisons 20
Chapter 3 A Highly Efficient and Secure Electronic Cash System Based on Secure Sharing in Cloud Environment 23
3.1 Preamble 23
3.2 Preliminaries 25
3.2.1 Cloud computing 25
3.2.2 Secret sharing 27
3.2.3 Elliptic curve cryptosystem 28
3.3 Proposed scheme 30
3.3.1 Registration phase 30
3.3.2 Withdrawal phase 32
3.3.3 Payment phase 34
3.4 Analyses 35
3.4.1 Requirement analysis 35
3.4.2 Comparisons 37
Chapter 4 Conclusions 40
Bibliography 41

[1] Wikipedia, Radio-frequency identification, 2013 Internet Resource, http://en.wikipedia.org/wiki/Radio-frequency_identification. (Date of access: Mar. 2012)
[2] Wikipedia, E-commerce, 2013 Internet Resource, http://en.wikipedia.org/wiki/E-commerce. (Date of access: June 2013)
[3] EPC Global, EPC™ radio-frequency identity protocols class-1 generation-2 UHF RFID protocol for communications at 860 MHz - 960 MHz version 1.2.0, Specification for RFID Air Interface, 2008.
[4] EPC Global, EPC™ radio-frequency identity protocols class-1 generation-2 UHF RFID conformance requirements version 1.0.6, Specification for RFID Air Interface, 2011.
[5] EPC Global, GS1 EPC tag data standard 1.6, Ratified Standard, 2011.
[6] J.S. Cho, Y.S. Jeong and S.O. Park, Consideration on the brute-force attack cost and retrieval cost: a hash-based radio-frequency identification (RFID) tag mutual authentication protocol, Computers and Mathematics with Applications, In Press, Available online Mar. 2012.
[7] D. Chaum, Blind signatures for untraceable payments, Proceedings of 2nd International Cryptology Conference (CRYPTO 1982), Santa Barbara, USA, pp.199-203, Aug. 1982.
[8] X. Gao, Z. Xiang, H. Wang, J. Shen, J. Huang and S. Song, An approach to security and privacy of RFID system for supply chain, Proceedings of the IEEE International Conference on E-Commerce Technology for Dynamic E-Business (CEC-East’04), Beijing, China, pp. 164-168, Sep. 2004.
[9] Y.C. Chen, W.L. Wang and M.S. Hwang, RFID authentication protocol for anti-counterfeiting and privacy protection, Proceedings of the 9th International Conference on Advanced Communication Technology (ICACT2007), Phoenix Park, Korea, pp. 255-259, Feb. 2007.
[10] Y.C. Lee, Y.C. Hsieh, P.S. You and T.C. Chen, An improvement on RFID authentication protocol with privacy protection, Proceedings of the 3rd International Conference on Convergence and Hybrid Information Technology (ICCIT’08), Busan, South Korea, Vol. 2, pp. 569-573 , Nov. 2008.
[11] Y. Chen, J.S. Chou and H.M. Sun, A novel mutual-authentication scheme based on quadratic residues for RFID systems, Computer Networks, Vol. 52, No. 12, pp. 2373-2380, Aug. 2008.
[12] T. Cao and P. Shen, Cryptanalysis of some RFID authentication protocols, Journal of Communications, Vol. 3, No. 7, pp. 20-27, Dec. 2008.
[13] T.C. Yeh, C.H. Wu and Y.M. Tseng, Improvement of the RFID authentication scheme based on quadratic residues, Journal of Communications, Vol. 34, No. 3, pp. 337-341, Mar. 2011.
[14] C. Diorio, Gen 2–the tough questions, part1, 2007 Internet Resource, http://www.rfidjournal.com/article/articleview/1783/1/82/. (Date of access: Oct. 2012)
[15] M. Roberti, EPC global ratifies Gen 2 standard, 2007 Internet Resource, http://www.rfidjournal.com/article/view/1293/1/1/. (Date of access: Oct 2012).
[16] K. H. Kim, E. Y. Choi, S. M. Lee, and D. H. Lee, Secure EPC global Class-1 Gen-2 RFID System Against Security and Privacy Problems, Lecture Notes in Computer Science, Vol.4277, pp.362-371, 2006
[17] H.Y. Chien and C.H. Chen, Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards, Computer Standards and Interfaces, Vol. 29, No. 2, pp. 254-259, Feb. 2007.
[18] T.C. Yeh, Y.J. Wang, T.C. Kuo and S.S. Wang, Securing RFID systems conforming to EPC Class 1 Generation 2 standard, Expert Systems with Applications, Vol. 37, No. 12, pp. 7678-7683, Dec. 2010.
[19] E.J. Yoon, Improvement of the securing RFID systems conforming to EPC Class 1 Generation 2 standard, Expert Systems with Applications, Vol. 39, No. 1, pp. 1589-1594, Jan. 2012.
[20] R. Doss, W. Zhou, S. Sundaresan, S. Yu, L. Gao, A minimum disclosure approach to authentication and privacy in RFID systems, Computer Networks Vol. 56, No.15, pp.3401–3416, Oct 2012.
[21] F. Xiao, Y. Zhou, J. Zhou, H. Zhu, X. Niu. Security protocol for RFID system conforming to EPC-C1G2 Standard, Journal of computers, Vol.8, No.3, pp.605-612, Mar 2013.
[22] S.Y. Kang, D.G. Lee and I.Y. Lee, A study on secure RFID mutual authentication scheme in pervasive computing environment, Computer Communications, Vol. 31, No. 18, pp. 4248-4254, Dec. 2008.
[23] N.Y. Lee and Z.J. Lin, Efficient identification mechanism for RFID system, Journal of Industrial and Business Management, Vol. 3, No. 1, pp. 1-10, Jul. 2007.
[24] M. Ohkubo, K. Suzuki and S. Kinoshita, RFID privacy issues and technical challenges, Communications of the ACM, Vol. 48, No. 9, pp. 66-71, Sep. 2005.
[25] K. Osaka, T. Takagi, K. Yamazaki and O. Takahashi, An efficient and secure RFID security method with ownership transfer, Proceedings of 2006 International Conference on Computational Intelligence and Security (CIS2006), Guangzhou, China, Vol. 2, pp.1090-1095, Nov. 2006.
[26] B. Song and C.J. Mitchell, RFID authentication protocol for low-cost tags, Proceedings of the 1st ACM Conference on Wireless Network Security (WiSec’2008), Alexandria, Virginia, USA, pp. 140-147, Mar. 2008.
[27] B. Sun, Y. Xiao, C.C. Li, H.H. Chen and T.A. Yang, Security co-existence of wireless sensor networks and RFID for pervasive computing, Computer Communications, Vol. 31, No. 18, pp. 4294-4303, Dec. 2008.
[28] N. Lo, K. H. Yeh, C.Y. Yeun, New mutual agreement protocol to secure mobile RFID-enabled devices, Information Security Technical Report, Vol.13, No.3 pp.151–157, Aug. 2008.
[29] D. Chaum, A. Fiat and M. Naor, Untraceable electronic cash, Proceedings of 8th International Cryptology Conference (CRYPTO 1988), Santa Barbara, USA, pp.319-327, Aug. 1988.
[30] N. Ferguson, Single term off-line coins, Proceedings of Workshop on the Theory and Application of Cryptographic Techniques (EUROCRYPT 1993), Lofthus, Norway, pp.318-328, May 1993.
[31] S. Brands, Restrictive blinding of secret-key certificates, Proceedings of International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT 1995), Saint-Malo, France, pp.231-247, May 1995.
[32] V. Varadharajan, K.Q. Nguyen and Y. Mu, On the design of efficient RSA-based offline electronic cash schemes, Theoretical Computer Science, Vol.226 , No.1-2, pp.173-184, Sep. 1999.
[33] H. Wang and Y. Zhang, Untraceable off-line electronic cash flow in e-commerce, Proceedings of 24th Australian Computer Science Conference (ASCS 2001), Gold Coast, Australia, pp.191-198, Feb. 2001.
[34] H.Y. Chien, J.K. Jan and Y.M. Tseng, RSA-based partially blind signature with low computation, Proceedings of IEEE 8th International Conference on Parallel and Distributed Systems (ICPADS 2001), KyongJu City, Korea, pp. 385-389, June 2001.
[35] M.S. Hwang, C.C. Lee and Y.C. Lai, Traceability on RSA-based partially signature with low computation, Applied Mathematics and Computation, Vol.145, No. 2-3, pp.465-468, Dec. 2003.
[36] H. Wang, J. Cao and Y. Zhang, A flexible payment scheme and its role-based access control, IEEE Transactions on Knowledge and Data Engineering, Vol.17, No.3, pp.425-436, Mar. 2005.
[37] A.D. Santis, A.L. Ferrara and B. Masucci, An attack on a payment scheme,
Information Sciences, Vol.178, No.5, pp.1418-1421, Mar. 2008.
[38] Z. Eslami and M. Talebi, A new untraceable off-line electronic cash system, Electronic Commerce Research and Applications, Vol.10, No.1, pp.59-66, Jan.-Feb. 2011.
[39] Y. Chen, J.S. Chou, H.M. Sun and M.H. Cho, A novel electronic cash system with trustee-based anonymity revocation from pairing, Electronic Commerce Research and Applications, Vol.10, No.6, pp.673-682, Nov.-Dec. 2011.
[40] Wikipedia, Cloud computing, 2013 Internet Resource, http:// http://en.wikipedia.org/wiki/Cloud_computing#cite_ref-nist_0-1. (Date of access: Mar. 2013)
[41] A. Shamir, How to share a secret, Communications of the ACM, Vol.22, No.11, pp.612-613, Nov. 1979.
[42] G. Blakley, Safeguarding cryptographic keys, Proceedings of the National Computer Conference (NCC’79), New York, USA, pp.313-317, Jun. 1979.
[43] N. Koblitz, Elliptic Curve Cryptosystems, Mathematics of Computation, Vol. 48, pp. 203-209, 1987.
[44] L. Chen, Z. Cheng, N. P. Smart, Identity-based key agreement protocols from pairings, International Journal of Information Security, Vol.6, No.4, pp.213-241, Jul. 2007.
[45] M. C. Chuang, J. F. Lee, A lightweight mutual authentication mechanism for network mobility in IEEE 802.16e wireless networks, Computer Networks, Vol. 55, No.16, pp.3796-3809, Nov. 2011.
[46] N. Y. Lee, C. N. Wu, C. C. Wang, Authenticated multiple key exchange protocols based on elliptic curves and bilinear pairings, Computers and Electrical Engineering, Vol.34, No.1, pp.12-20, Jan. 2008.

QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
系統版面圖檔 系統版面圖檔