(3.236.6.6) 您好!臺灣時間:2021/04/22 19:18
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

我願授權國圖
: 
twitterline
研究生:孫勤昱
研究生(外文):Chin-Yu Sun
論文名稱:安全與高效能無線通訊驗證方法之研究
論文名稱(外文):Secure and Efficient Authentication Schemes for Wireless Communications
指導教授:張真誠張真誠引用關係
指導教授(外文):Chin-Chen Chang
口試委員:張真誠林詠章詹啟祥
口試委員(外文):Chin-Chen ChangIuin-Chang LinChi-Shiang Chan
口試日期:2013-06-27
學位類別:碩士
校院名稱:逢甲大學
系所名稱:資訊工程學系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2013
畢業學年度:101
語文別:英文
論文頁數:75
中文關鍵詞:無線網路通訊驗證金鑰協議協定單向雜湊函數回合金鑰智慧卡混沌映射全球移動網路匿名性中間人攻擊偽冒攻擊離線通行碼猜測攻擊
外文關鍵詞:wireless communicationsauthenticationkey agreementone-way hash functionsession keysmart cardchaotic mapsglobal mobility networksanonymityman-in-the-middle attackimpersonal attackoff-line password guessing attack
相關次數:
  • 被引用被引用:0
  • 點閱點閱:343
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:27
  • 收藏至我的研究室書目清單書目收藏:0
隨著電腦科技的快速發展,許多原本在有線網路下的運用漸漸的轉移到無線網路通訊上。其中,部分的無線網路通訊同時也配合著執行身份識別與驗證來達到通訊安全性。因此在2012年,Mun等人提出了一個身份識別及認證的方法運用在無線通訊網路上。然而不幸的,我們發現了Mun等人的方法中存在了幾個安全漏洞問題,如常見的中間人攻擊、偽冒攻擊、離線通行碼猜測攻擊。因此我們基於Mun等人的方法,設計了一個全新的身份識別與驗證的方法來防止這些惡意的攻擊。同時,我們配合著智慧卡的使用,讓服務端不需要儲存任何使用者驗證資訊。使用者利用我們提出的方法,不僅可以達到安全的通訊;當使用者通過服務端的一次認證後,可以用產生的回合金鑰使用數次,這大大的減少了服務端的負擔。而當使用者覺得此回合金鑰不再安全,利用我們方法中設計的更新回合金鑰的功能,來提升回合金鑰的安全性。另一方面,近年來越來越多的植基於混沌映射的密碼學系統相繼提出。據我們所知,這種植基於渾沌映射的密碼學系統並沒有被其他學者運用到無線網路通訊的身份認證與金鑰協議協定。因此,我們出了一個全新的金鑰協議協定的方法運用在無線網路通訊上,它的安全性是建立在混沌映射的密碼系統。我們提出的方法,不但可以抵擋常見的安全攻擊,同時符合了幾個常見的功能需求。最重要的是,我們提出的方法相較於其他基植於模指數運算或橢圓曲線的密碼系統,更合適於低運算負擔的無線網路通訊。最後,根據我們前面提到的兩個不同密碼技術的方法,我們另外提出了一個全新的低運算負擔的身份識別與金鑰協議協定運用在無線網路通訊下。突破以往使用對稱式加密系統或非對稱式的加密系統,我們提出來的方法僅用了低運算負擔的單向雜湊函數與互斥或運算,大大降低了無線網路通訊下的加密運算量。
With the rapid development of computer technologies, the traditional applications of wired networks have been transmitted to wireless networks. A part of research related to wireless communication has been focused on achieving secure communications using identification and authentication techniques. Mun et al. (2012) designed an identification and authentication scheme based on a wireless network (GLOMONET), but their scheme still has some weaknesses, i.e., it is vulnerable to man-in-the-middle attacks, impersonal attacks, and off-line password guessing attacks. Therefore, we propose a novel authentication scheme to overcome these weaknesses. Using our scheme with smart card, the user can communicate with others safely and heavy burden of the home agent is reduced at the same time. After a user passes the authentication step, he or she can obtain one session key and use it to encrypt the message several times. When the user feels that this session key should be updated, he or she also can update this session key for security. Cryptography based on chaos theory has been studied extensively, and many chaotic-based cryptosystems have been proposed in recent years. To the best of our knowledge, no authentication and key-agreement protocols based on chaotic maps have been proposed for wireless communications in the literature to date. Thus, we propose a novel, chaotic map-based authentication and key-agreement protocol for wireless communications. Our proposed protocol satisfies all essential functionality requirements, and it also can withstand the various known types of attacks. Most importantly, the computational costs of chaotic map-based protocols are much lower than other protocols based on modular exponential computing or scalar multiplication on elliptic curves. This feature is more suitable for the low-power and resource-limited mobile devices. Finally, due to the foregoing discussion of different cryptography technology schemes, we propose a novel authentication and key agreement scheme with low computational cost. To break through symmetric and asymmetric cryptosystems, our proposed scheme only uses hash functions and XOR operations. Thus, our proposed scheme reduces the computational cost associated with encryption/decryption operations in wireless communications.
誌謝 i
摘要 ii
Abstract iv
List of Figures ix
List of Tables x
Chapter 1. Introduction 1
1.1 Motivation 1
1.2 Thesis Organization 2
Chapter 2. Related Works 3
2.1 Review of Mun et al.’s scheme 3
2.1.1 Registration phase 4
2.1.2 Authentication and establishment of session key phase 4
2.1.3 Update session key phase 6
2.2 Weaknesses of Mun et al. ’s scheme 7
2.2.1 Weakness 1: Password guessing attack 7
2.2.2 Weakness 2: Non-anonymity 8
2.2.3 Weakness 3: Man-in-the-middle attack 8
2.2.4 Weakness 4: Impersonation attack 9
2.2.5 Weakness 5: Mistiness assumption 9
2.3 Preliminaries of Chebyshev chaotic maps 9
2.3.1 Definition and properties of Chebyshev chaotic maps 10
2.3.2 Chebyshev chaotic maps-based key-agreement protocol 10
Chapter 3. A Secure Authentication Scheme in Global Mobility Networks 12
3.1 Introduction 12
3.2 The Proposed Scheme 14
3.2.1 Registration phase 15
3.2.2 Login phase 16
3.2.3 Authentication phase 17
3.2.4 Update session key phase 18
3.2.5 Update password phase 20
3.3 Security analysis 20
3.4 Discussion 23
3.4.1 Anonymity and untraceability 24
3.4.2 Password friendly 24
3.4.3 Mutual authentication 24
3.4.4 Verification of the owner of the smart card 25
3.4.5 Computational cost 25
3.5 Summaries 27
Chapter 4. Chaotic Maps-Based Scheme for Wireless Communications 28
4.1 Introduction 28
4.2 The Proposed Scheme 30
4.2.1 Registration phase 31
4.2.2 Mutual authentication and session key agreement phase 32
4.2.3 Password change phase 34
4.3 Security and functionality analysis 34
4.3.1 Mutual authentication 35
4.3.2 User friendliness 36
4.3.3 No password/verification table 36
4.3.4 Fairness in key agreement 37
4.3.5 Anonymity of the user’s identity 37
4.3.6 Withstanding the insider attack 38
4.3.7 Withstanding the smart card-loss case 38
4.3.8 Withstanding the replay attack 39
4.3.9 Confidentiality of the session key 39
4.4 Performance analysis 40
4.5 Summaries 42
Chapter 5. An Efficient Authenticated Scheme for Wireless Mobile Networks 43
5.1 Introduction 43
5.2 The proposed scheme 44
5.2.1 Registration phase 45
5.2.2 Login and authentication phase 46
5.2.3 Update password phase 48
5.3 Security analysis 49
5.3.1 Our proposed scheme resists the smart card loss case 49
5.3.2 Replay attack 50
5.3.3 Man-in-the-middle attack 51
5.3.4 Impersonation attack 52
5.3.5 Perfect forward secrecy 54
5.4 Discussions 54
5.4.1 Mutual authentication 54
5.4.2 User-friendly 55
5.4.3 Anonymity 55
5.4.4 Computational cost 56
5.5 Summaries 58
Chapter 6. Conclusions and Future Works 59
6.1 Conclusions 59
6.2 Future Studies 60
References 61
[1] H. Mun, K. Han, Y. S. Lee, Y. Y. Chan and H. H. Choi, “Enhanced secure anonymous authentication scheme for roaming service in global mobility networks,” Mathematical and Computer Modelling, Vol. 55, No. 1-2, January 2012, pp.214-222.
[2] D. Xiao, X. F. Liao, and K.W. Wong, “An efficient entire chaos-based scheme for deniable authentication,” Chaos, Solitons &; Fractals. Vol. 23, No. 4, February 2005, pp.1327–1331.
[3] D. Hankerson, A. Menezes and S. Vanstone, Guide to elliptic curve cryptography, Springer-Verlag Inc., Germany 2004.
[4] J. Cao, M. Ma and M. Cao, “An enhanced authentication scheme in GLOMONETs,” Proc. of 4th IEEE International Conference on Broadband Network and Multimedia Technology, Shenzhen, China, October 2011, pp.579-585.
[5] D. J. He and S. Chan, “A secure and lightweight user authentication scheme with anonymity for the global mobility network,” Proc. of 13th International Conference on Network-Based Information Systems, Tokyo, Japen, September, 2010, pp.305-312.
[6] D. J. He, M.D. Ma, Y. Zhang, C. Chen and J. J. Bu, “A strong user authentication scheme with smart cards for wireless communications”, Computer Communications, Vol. 34, No. 3,March 2011, pp.367-374.
[7] V. Gupta, D. Stebila, S. Fung, S. C Shantz, N. Gura and H. Eberle, “Speeding up secure web transactions using elliptic curve cryptography”, Proc. of 11th Annual Network and Distributed System Security Symposium, California, U.S.A, February, 2004, pp.231-239.
[8] C. T. Li and C. C. Lee, “A novel user authentication and privacy preserving scheme with smartcards for wireless communications,” Mathematical and Computer Modelling, Vol. 55, No. 1-2, January 2012, pp.35-44.
[9] Q. Pu, “An enhanced authentication scheme with anonymity for roaming service in global mobility networks,” Proc. of 2th International Conference on Multimedia and Information Technology, Kaifeng, China, Vol. 2, April 2010, pp.219-222.
[10] T. Zhou and J. Xu, “Provable secure authentication protocol with anonymity for roaming service in global mobility networks,” Computer Networks, Vol. 55, No. 1, January 2011, pp.205-213.
[11] J. Xu and D. Feng, “Security flaws in authentication protocols with anonymity for wireless environments,” Electronics and Telecommunications Research Institute, Vol. 31, No. 4, August 2009, pp.460-462.
[12] P. Zeng, Z. Cao, K. K. Choo and Shengbao Wang, “On the anonymity of some authentication schemes for wireless communications,” IEEE Communication Letters, Vol. 13, No. 3, March 2009, pp.170-171.
[13] S. Suzukiz and K. Nakada, “An authentication technique based on distributed security management for the global mobility network,” IEEE Journal Selected Areas in Communications, Vol. 15, No. 8, October 1997, pp.1608-1617.
[14] L. Buttyan, C. Gbaguidi, S. Staamann, and U. Wilhelm, “Extensions to an authentication technique proposed for the globe mobility network,” IEEE Transactions on Communications, Vol. 48, No. 3, March 2000, pp.373-376.
[15] K. F. Hwang and C. C. Chang, “A self-encryption mechanism for authentication of roaming and teleconference services,” IEEE Transactions on Wireless Communications, Vol. 2, No. 2, March 2003, pp.400-407.
[16] J. Zhu and J. Ma, “A new authentication scheme with anonymity for wireless evironments,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 1, June 2004, pp.231-235.
[17] C. Y. Lee, C. C. Chang and C. H. Lin, “User authentication with anonymity for global mobility networks,” Proc. of 2nd International Conference on Mobile Applications and Systems, Guangzhou, China, January 2005, pp.1-5.
[18] C. C. Lee, M. S. Hwang and I. E. Liao, “Security enhancement on a new authentication scheme with anonymity for wireless environments,” IEEE Transactions on Industrial Electronics, Vol. 53, No. 5, October 2006, pp.1683-1687.
[19] C. C. Wu, W. B. Lee and W. J. Tsaur, “A secure authentication scheme with anonymity for wireless communication,” IEEE Communications Letters, Vol. 12, No. 10, October 2008, pp.722-723.
[20] B. Schneier, Applied cryptography, protocols, algorithms, and source code in C, John Wiley and Sons Inc., 2nd Edition, New York, U.S.A., 1996, pp. 15.
[21] N. Y. Lee, C. N. Wu and C. C. Wang, “Authenticated multiple key exchange protocols based on elliptic curves and bilinear pairings,” Computers and Electrical Engineering, Vol. 34, No. 1, January 2008, pp. 12-20.
[22] C. I. Fan, Y. C. Chan, and Z. K. Zhang, “Robust remote authentication scheme with smart cards,” Journal of Computers &; Security, Vol. 42, No. 8, November 2005, pp. 619-628.
[23] W. S. Juang, S. T. Chen, and H. T. Liaw, “Robust and efficient password-authenticated key agreement using smart card,” IEEE Transactions on Industrial Electronics, Vol. 55, No. 6, June 2008, pp. 2551-2556.
[24] X. X. Li, W. D. Qiu, D. Zheng, K. F. Chen, and J. H. Li, “Anonymity enhancement on robust and efficient password-authenticated key agreement using smart cards,” IEEE Transactions on Industrial Electronics, Vol. 57, No. 2, February 2010, pp. 793-800.
[25] D. Z. Sun, J. P. Huai, J. Z. Sun, J. X. Li, J. W. Zhang, and Z. Y. Feng, “Improvements of Juang et al.’s password-authenticated key agreement scheme using smart cards,” IEEE Transactions on Industrial Electronics, Vol. 56, No. 6,June 2009, pp. 2284-2291.
[26] M. S. Hwang, S. K. Chong, and T. Y. Chen, “DoS resistant ID-based password authentication scheme using smart cards,” Journal of Systems and Software, Vol. 83, No. 1, January 2010, pp. 163-172.
[27] J. S. Lee, J. H. Chang, and D. H. Lee, “Security flaw of authentication scheme with anonymity for wireless communications,” Journal of IEEE Communications Letters, Vol. 13, No. 5, May 2009, pp. 292-293.
[28] C. T. Li and C. C. Lee, “A novel user authentication and privacy preserving scheme with smart cards for wireless communications,” Journal of Mathematical and Computer Modelling, Vol. 55, No. 1-2, January 2012, pp. 35-44.
[29] F. T. Wen, and X. L. Li, “An improved dynamic ID-based remote user authentication with key agreement scheme,” Journal of Computers and Electrical Engineering, Vol. 38, No. 2, March 2012, pp. 381-387.
[30] J. Xu, W. T. Zhu, and D. G. Feng, “An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks,” Journal of Computer Communications, Vol. 34, No. 3, March 2011, pp. 319-325.
[31] K. H. Yeh, C. H. Su, N. W. Lo, Y. J. Li, and Y. X. Hung, “Two robust remote user authentication protocols using smart cards,” Journal of Systems and Software, Vol. 83, No. 12, December 2010, pp. 2556-2565.
[32] E. J. Yoon, K. Y. Yoo, and K. S. Ha, “A user friendly authentication scheme with anonymity for wireless communications,” Journal of Computers and Electrical Engineering, Vol. 37, No. 3, May 2011, pp. 356-364.
[33] J. Zhu, and J. Ma, “A new authentication scheme with anonymity for wireless environments,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 1, February 2004, pp. 231-235.
[34] K. Wang, W. J. Pei, L. H. Zou, Y. M. Cheung, and Z. Y. HE, “Security of public key encryption technique based on multiple chaotic systems,” Journal of Physics Letters A, Vol. 360, No. 2, December 2006, pp. 259-262.
[35] L. H. Zhang, “Cryptanalysis of the public key encryption based on multiple chaotic systems,” Journal of Chaos, Solitons &; Fractals, Vol. 37, No. 3, August 2008, pp. 669-674.
[36] D. Xiao, X. F. Liao, and S. J. Deng, “A novel key agreement protocol based on chaotic maps,” Journal of Information Sciences, Vol. 177, No. 4, February 2007, pp. 1136-1142.
[37] D. Xiao, X. F. Liao, and S. J. Deng, “Using time-stamp to improve the security of a chaotic mapsbased key agreement protocol,” Journal of Information Sciences, Vol. 178, No. 6, March 2008, pp. 1598-1602.
[38] X. F. Guo, and J. S. Zhang, “Secure group key agreement protocol based on chaotic hash,” Journal of Information Sciences, Vol. 180, No. 20, October 2010, pp. 4069-4074.
[39] Y. J. Niu, and X. Y. Wang, “An anonymous key agreement protocol based on chaotic maps,” Journal of Communications in Nonlinear Science and Numerical Simulation, Vol. 16, No. 4, April 2011, pp. 1986-1992.
[40] X. Y. Wang, and J. F. Zhao, “An improved key agreement protocol based on chaos,” Journal of Communications in Nonlinear Science and Numerical Simulation, Vol. 15, No. 12, December 2010, pp. 4052-4057.
[41] E. J. Yoon, and II. S. Jeon, “An efficient and secure Diffie-Hellman key agreement protocol based on Chebyshev chaotic map,” Journal of Communications in Nonlinear Science and Numerical Simulation, Vol. 16, No. 6, June 2011, pp. 2383-2389.
[42] L. Lamport, “Password authentication with insecure communication,” Communications of the ACM, Vol. 24, No. 11, November 1981, pp. 770-772.
[43] A. Aziz and W. Diffie, “Privacy and authentication for wireless local area networks,” IEEE Personal Communications, Vol. 1, No. 1, 1st Qtr 1994, pp. 25-31.
[44] C. S. Park, “On certificate-based security protocols for wireless mobile communication systems,” IEEE Network, Vol. 11, No. 5, September 1997, pp. 50-55.
[45] L. Buttyan, C. Gbaguidi, S. Staamann, and U. Wilhelm, “Extensions to an authentication technique proposed for the globe mobility network,” IEEE Transactions on Communications, Vol. 48, No. 3, March 2000, pp.373-376.
[46] M. Bellare, R. Canetti and H. Krawczyk, “Keying hash functions for message authentication,” Proc. of 16th Annual International Cryptology Conference on Advances in Cryptology, California, U.S.A., Vol. 1109, Springer- Verlag, 1996, pp.1-15.
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊
 
系統版面圖檔 系統版面圖檔