跳到主要內容

臺灣博碩士論文加值系統

(44.220.184.63) 您好!臺灣時間:2024/10/08 19:17
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:李政諭
研究生(外文):Zheng-Yu Li
論文名稱:FIDO U2F伺服器端的實作和分析
論文名稱(外文):An implementation and analysis of FIDO U2F server
指導教授:鄭振牟鄭振牟引用關係
口試委員:楊柏因謝致仁
口試日期:2016-07-15
學位類別:碩士
校院名稱:國立臺灣大學
系所名稱:電子工程學研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2016
畢業學年度:104
語文別:英文
論文頁數:30
中文關鍵詞:U2F二步驟驗證橢圓曲線數位簽章演算法
外文關鍵詞:U2F2-step verificationECDSA
相關次數:
  • 被引用被引用:0
  • 點閱點閱:414
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:1
近年來,各式各樣的網路服務發展迅速,電子訊息。電子支付。網路交易。的出現,提高了使用者的方便性,卻也增加了相應的安全性隱憂,安全性多依賴於密碼的複雜程度,但密碼的複雜性卻取決於使用者的設定。因此為了增加安全性,產生了二步驟驗證的驗證方式。目前來說,二步驟驗證方式又分為 SMS簡訊傳送驗證碼,應用程式產生驗證碼,電子郵件傳送驗證碼等方式,多依賴於其他的途徑產生驗證碼後,再做確認從而達到第二步驟的驗證。有鑒於皆須仰賴其他的傳送途徑,FIDO聯盟因而提出了一種全新的驗證方式U2F,使用橢圓曲線數位簽章的驗證方式,不需要仰賴於其他傳送途徑且極其安全的二步驟驗證,本篇論文著重於伺服器端,也就是服務提供方面的實作和分析。

Many internet services grow fast in recent decades, such as e-mail, electronic payment and e-commerce. The services bring people a more convenient shopping way. However, the services also come with more security concerns. The level of the security was traditionally only decided by the complexity of a user’s password. To enhance the security, the 2-step verification was introduced. The 2-step verification is to deliver a set of the verification code to the users, and let the users to pass the code back to the server for the identity verification. The common ways for doing the 2-step verification include by SMS, by authenticator application, and by email. As all the ways listed above rely on the operation of other services, FIDO (Fast Identity Online) Alliance [1] proposed a new way called U2F (Universal Second Factor) [2] for the 2-step verification. The U2F verification was based on ECDSA (Elliptic Curve Digital Signature Algorithm) [3] and did not need a user to get the verification code from any other way. This thesis is focus on the implementation of the U2F verification from the server side and the analysis of the verification’s performance.


摘要 i
Abstract ii
Table of contents iii
List of Figures iv
List of Tables v
1 Introduction 1
2 FIDO U2F Protocol 3
2.1 U2F Protocol 3
2.2 Registration 4
2.3 Authentication 8
2.4 Server Side 11
3 Implementation 12
3.1 ECDSA Preliminaries 12
3.2 Implementation of scalar multiplication 14
3.3 Functions of U2F server library 15
4 Environment Framework 16
4.1 Docker 16
5 Analysis 18
5.1 Methods 18
5.2 Results and Analysis 19
5.2.1 100 users test 1000 times 19
5.2.2 1000 users test 100 times 26
6 Conclusion 28
Bibliography 29


[1]FIDO. https://fidoalliance.org/ 2016.06.27
[2]U2F. https://fidoalliance.org/specifications/download/ 2016.06.27
[3]Elliptic Curve Digital Signature Algorithm - Wikipedia, the free encyclopedia. https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm 2016.06.27
[4]Docker https://www.docker.com/ 2016.06.27
[5]Google https://www.google.com 2016.06.27
[6]Dropbox https://www.dropbox.com/ 2016.06.27
[7]Elliptic Curve Digital Signature Verification Algorithm - Wikipedia, the free encyclopedia. https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm 2016.06.27
[8]Peter L. Montgomery. Speeding the Pollard and Elliptic Curve Methods of Factorization. Mathematics of Computation, Volume 48, Issue 177 (Jan., 1987), 234-264
[9]Michael Hutter, Marc Joye, and Yannick Sierra. Memory-Constrained Implementations of Elliptic Curve Cryptography in Co-Z Coordinate Representatio. Progress in Cryptology − AFRICACRYPT 2011, vol. 6737 of Lecture Notes in Computer Science, pp. 170–187, Springer, 2011.
[10]Jmeter http://jmeter.apache.org/ 2016.06.27
[11]Apache http://www.apache.org/ 2016.06.27
[12]Google Compute Engine https://cloud.google.com/compute/ 2016.06.27


QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top