(3.236.118.225) 您好!臺灣時間:2021/05/16 13:45
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

: 
twitterline
研究生:楊尚光
研究生(外文):Shang-Kuang Yang
論文名稱:一個輕型的匿名驗證機制
論文名稱(外文):A Lightweight Anonymous Authentication Scheme
指導教授:洪國寶洪國寶引用關係
指導教授(外文):Gwoboa Horng
口試委員:陳宗和孫宏民賈坤芳
口試委員(外文):Tzung-Her ChenHung-Min SunK.F. Jea
口試日期:2016-07-12
學位類別:碩士
校院名稱:國立中興大學
系所名稱:資訊科學與工程學系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2016
畢業學年度:104
語文別:中文
論文頁數:56
中文關鍵詞:匿名驗證可限制次數的匿名驗證可交換權證輕型驗證抵抗惡意使用者
外文關鍵詞:Anonymous AuthenticationControllable-Anonymous AuthenticationExchangeable CrendentialLightweight AuthenticationMalicious Users Resistive
相關次數:
  • 被引用被引用:0
  • 點閱點閱:112
  • 評分評分:
  • 下載下載:3
  • 收藏至我的研究室書目清單書目收藏:0
由於雲端運算的興起,企業將服務交由雲端服務供應商託管,在使用者不想洩漏身份的前提下使用雲端服務,計費的公平性和身份的驗證難以平衡。而物聯網廣泛應用在生活之中,如考慮了國道電子收費的方便,而在車輛貼上E-Tag,卻疏忽了使用者的隱私。不久後的將來,會有更廣泛的應用如電子投票、智慧電網、穿戴式裝置、醫療網路等,皆不可忽略使用者的隱私。在必須控管伺服器的資源分配及兼顧使用者的隱私的前提下,特別適用「匿名驗證」。
本文對於Kerberos的架構進行修改後,提出了一個新的機制,特別針對使用者付費取用雲端服務的情境,和低運算能力的物聯網情境,設計了「輕型的匿名驗證」。在本機制下的使用者可自行產生權證,以匿名驗證的方式通過身份驗證,並且讓伺服器可以限制匿名使用者通過驗證的次數。且讓不同使用者間,擁有可以安全交換驗證權證的機制。


Since the rise of cloud computing, many companies have their servers hosted by some service providers rather than manage real instances by themselves. Users utilize their resource through Internet. Therefore, service providers have to verify the identity of the users. On the other hand, due to the implementation of “Internet of Things”, there will be more and more uses involve the privacy of users. In order to manage the resource of servers when users avoid revealing their identities, the anonymous authentication is particularly applicable to the scenario.
In this thesis, we propose a token-based scheme, which is able to preserve the privacy of users during authentication. Users can generate the tokens and use them when needed to authenticate themselves without revealing their real identities. Moreover, our scheme purposes the exchanging rules for users. Users can exchange their tokens securely by using the protocol.


中文摘要 i
Abstract ii
目錄 iii
圖目錄 v
表目錄 vi
一、 緒論 1
1-1 研究背景與動機 1
1-2 論文貢獻 5
1-3 論文架構 6
二、預備知識與需求分析 7
2-1 雙線性配對密碼系統 7
2-2 困難問題的假設 8
2-3 數位簽章 9
2-4 KERBEROS協定 11
2-5 HASH CHAIN 13
2-6 安全性分析 14
1. 匿名性 14
2. 不可連結性 14
3. 可驗證性 15
4. 不可偽造性 15
5. 可追蹤性 15
三、相關研究 16
3-1 LINDELL所提出的匿名驗證 16
1. Lindell提出之第一個協定 16
2. Lindell提出之第二個協定 17
3-2 SCHECHTER等學者提出動態群組匿名驗證 19
1. 安全性 19
2. 共同性 19
3. 可驗證性 19
3-3 EFTHYMIOU等學者提出之智慧電錶資料匿名 22
3-4 CHEN等學者提出基於離散對數的電子投票系統 24
四、可限制驗證次數之匿名驗證機制 26
4-1 本論文提出的方法 26
4-2 演算法 28
1. Initialization phase 28
2. TokenGen phase 29
3. CredentialGen phase 30
4. Authentication phase 32
5. Expanding phase 34
6. Exchange phase 35
7. Revoaction phase 36
4-3具交換權證的匿名驗證 38
1. Donate Mode 39
2. Online-Exchange Mode 39
3. Offline-Exchange Mode 41
五、分析與比較 45
5-1 正確性 45
5-2 安全性分析 46
1. 抵抗重送攻擊 (Replay Attack Resistance) 46
2. 不可偽造性 (Unforgeable) 47
3. 不可連結性 (Unlinkability) 48
5-3 效能比較 50
六、結論與未來工作 52
6-1 結論 52
6-2 未來工作 53
參考文獻 54


[1]B. JAMES, “Security and privacy challenges in cloud computing environments,” 2010.
[2]J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of Things (IoT): A vision, architectural elements, and future directions,” Future Generation Computer Systems, vol. 29, 2013, pp. 1645–1660.
[3]M. Li, W. Lou, and K. Ren, “Data security and privacy in wireless body area networks,” IEEE Wireless Communications, vol. 17, 2010, pp. 51–58.
[4]B. Greenshields, W. Channing, H. Miller, and others, “A study of traffic capacity,” Highway research board proceedings, National Research Council (USA), Highway Research Board, 1935.
[5]D. Zhao, H. Peng, L. Li, and Y. Yang, “A secure and effective anonymous authentication scheme for roaming service in global mobility networks,” Wireless Personal Communications, vol. 78, 2014, pp. 247–269.
[6]S. Chessa, R. Di Pietro, E. Ferro, G. Giunta, and G. Oligeri, “Mobile application security for video streaming authentication and data integrity combining digital signature and watermarking techniques,” 2007 IEEE 65th Vehicular Technology Conference-VTC2007-Spring, IEEE, 2007, pp. 634–638.
[7]J. Sun and Y. Fang, “Defense against misbehavior in anonymous vehicular ad hoc networks,” Ad Hoc Networks, vol. 7, 2009, pp. 1515–1525.
[8]L. Fischer, A. Aijaz, C. Eckert, and D. Vogt, “Secure revocable anonymous authenticated inter-vehicle communication (SRAAC),” 4th Conference on Embedded Security in Cars (ESCAR 2006), Berlin, Germany, 2006.
[9]C. Efthymiou and G. Kalogridis, “Smart grid privacy via anonymization of smart metering data,” Smart Grid Communications (SmartGridComm), 2010 First IEEE International Conference on, IEEE, 2010, pp. 238–243.
[10]C. L. Chen, Y. Y. Chen, J. K. Jan, C. C. Chen, 陳金鈴, and others, “A secure anonymous e-voting system based on discrete logarithm problem,” Applied Mathematics & Information Sciences 8 (5), 2014, pp. 2571–2578.
[11]H. Ghavamipoor and M. Shahpasand, “An anonymous and efficient e-voting scheme,” e-Commerce in Developing Countries: With Focus on e-Security (ECDC), 2013 7th Intenational Conference on, IEEE, 2013, pp. 1–13.
[12]M. Z. Lee, A. M. Dunn, B. Waters, E. Witchel, and J. Katz, “Anon-pass: Practical anonymous subscriptions,” Security and Privacy (SP), 2013 IEEE Symposium on, IEEE, 2013, pp. 319–333.
[13]K. Zhao and L. Ge, “A survey on the internet of things security,” Computational Intelligence and Security (CIS), 2013 9th International Conference on, IEEE, 2013, pp. 663–667.
[14]R. Ma, H. H. Chen, Y. R. Huang, and W. Meng, “Smart grid communication: Its challenges and opportunities,” IEEE transactions on smart grid, vol. 4, 2013, pp. 36–46.
[15]E. Asmare, A. Gopalan, M. Sloman, N. Dulay, and E. Lupu, “A mission management framework for unmanned autonomous vehicles,” International Conference on Mobile Wireless Middleware, Operating Systems, and Applications, Springer, 2009, pp. 222–235.
[16]T. Samad, J. S. Bay, and D. Godbole, “Network-centric systems for military operations in urban terrain: the role of UAVs,” Proceedings of the IEEE, vol. 95, 2007, pp. 92–107.
[17]Y. Lindell, “Anonymous authentication,” Journal of Privacy and Confidentiality, vol. 2, 2007, p. 4.
[18]S. Schechter, T. Parnell, and A. Hartemink, “Anonymous authentication of membership in dynamic groups,” Financial Cryptography, Springer, 1999, pp. 184–195.
[19]D. Boneh, “The decision diffie-hellman problem,” International Algorithmic Number Theory Symposium, Springer, 1998, pp. 48–63.
[20]D. W. Kravitz, “Digital signature algorithm,” 1993.
[21]J. L. Tsai, N. W. Lo, and T. C. Wu, “Novel anonymous authentication scheme using smart cards,” IEEE Transactions on Industrial Informatics, vol. 9, 2013, pp. 2004–2013.
[22]C. P. Schnorr, “Efficient signature generation by smart cards,” Journal of cryptology, vol. 4, 1991, pp. 161–174.
[23]S. P. Miller, B. C. Neuman, J. I. Schiller, and J. H. Saltzer, “Kerberos authentication and authorization system,” In Project Athena Technical Plan, Citeseer, 1987.
[24]B. C. Neuman and T. Ts’o, “Kerberos: An authentication service for computer networks,” IEEE Communications magazine, vol. 32, 1994, pp. 33–38.
[25]J. G. Steiner, B. C. Neuman, and J. I. Schiller, “Kerberos: An Authentication Service for Open Network Systems.,” USENIX Winter, 1988, pp. 191–202.
[26]L. Lamport, “Password authentication with insecure communication,” Communications of the ACM, vol. 24, 1981, pp. 770–772.
[27]T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms,” Workshop on the Theory and Application of Cryptographic Techniques, Springer, 1984, pp. 10–18.
[28]R. Housley, W. Polk, W. Ford, and D. Solo, Internet X. 509 public key infrastructure certificate and certificate revocation list (CRL) profile, 2002.
[29]X. Zhu, S. Jiang, L. Wang, and H. Li, “Efficient privacy-preserving authentication for vehicular ad hoc networks,” IEEE Transactions on Vehicular Technology, vol. 63, 2014, pp. 907–919.
[30]M. H. Au, W. Susilo, and Y. Mu, “Constant-size dynamic k-TAA,” International Conference on Security and Cryptography for Networks, Springer, 2006, pp. 111–125.
[31]I. Teranishi, J. Furukawa, and K. Sako, “K-times anonymous authentication,” International Conference on the Theory and Application of Cryptology and Information Security, Springer, 2004, pp. 308–322.
[32]C. Wachsmann, L. Chen, K. Dietrich, H. Löhr, A.-R. Sadeghi, and J. Winter, “Lightweight anonymous authentication with TLS and DAA for embedded mobile devices,” International Conference on Information Security, Springer, 2010, pp. 84–98.


QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關論文
 
無相關期刊
 
無相關點閱論文