Taiwan National Digital Library of Theses and Dissertations (臺灣博碩士論文加值系統)

Student: 陳國璋
Student (English): Kuo-Chang Chen
Title: Anonymous authentication protocols supporting ad-hoc groups (支援ad-hoc群組之匿名驗證協定)
Title (English): Anonymous authentication protocols for ad-hoc groups
Advisor: 洪國寶
Committee members: 顧維祺, 賈坤芳, 陳宗和, 孫宏民
Oral defense date: 2017-07-20
Degree: Doctoral
Institution: National Chung Hsing University (國立中興大學)
Department: Department of Computer Science and Engineering (資訊工程學系所)
Discipline: Engineering
Field: Electrical and Computer Engineering
Document type: Academic thesis
Year of publication: 2017
Academic year of graduation: 105 (ROC calendar)
Language: English
Number of pages: 97
Keywords (Chinese, translated): anonymous authentication, anonymity, ad-hoc environment, Paillier cryptosystem, bilinear mapping, Merkle tree
Keywords (English): Anonymous authentication, Anonymity, Ad-hoc group, Paillier cryptosystem, Bilinear mapping, Merkle tree
Abstract (translated from the Chinese original):

Anonymous authentication is a contradictory yet very useful topic. Under an ordinary authentication mechanism, the following problems may arise: the service server receives unreasonable or incorrect requests, or an attacker eavesdrops on the communication channel between the user and the service server. These problems may lead to the user's name or private information being disclosed or stolen. Moreover, in some application settings, such as e-voting, e-wallets and online bidding, the service server only needs to confirm whether a user is legitimate, not who the user is. Anonymous authentication mechanisms were therefore proposed and have been widely applied.

In an ad-hoc environment, when an initiator wants to form a subgroup, the initiator can do so without the help of the group manager, and the members of that subgroup need not even know which subgroup they belong to. In such an environment, an anonymous authentication mechanism lets the verifier/service server check whether a user is a legitimate user without the user revealing his or her identity.

Existing anonymous authentication protocols for ad-hoc environments all have some latent problems: they do not support a Reveal function, they do not discuss the security of unlinkability, and none of them supports multiple ad-hoc groups within a single system. In some application scenarios, supporting a Reveal function makes the application more convenient: in online bidding, for example, the initiator uses the Reveal function to find the final bidder, and in e-voting, if a dispute arises, the initiator uses the Reveal function to open the ballots. In addition, a mechanism that supports multiple ad-hoc groups is more flexible in practical applications.

The simplest approach to anonymous authentication is for the initiator to share one common password with all participants, who then use that password to authenticate to the verifier. This lets the initiator form an ad-hoc subgroup very easily, but it is hard to manage. Many anonymous authentication mechanisms have been proposed; in general they fall into five categories: anonymous authentication based on group signatures, anonymous authentication based on ring signatures, self-blindable anonymous credential mechanisms, accumulator-based anonymous authentication, and other and combined mechanisms. This dissertation lists recent related papers in each category and analyzes and compares them.

In practical application scenarios, it is reasonable for one system to contain multiple ad-hoc groups. In the related works above, the authors treat the whole system as a single ad-hoc group; applied to real settings, we find this assumption insufficient. We therefore consider three types of anonymous authentication mechanism: (1) the whole system is one ad-hoc group; (2) the system supports multiple ad-hoc groups, each with a bounded number of members; (3) the system supports multiple ad-hoc groups with an unbounded number of members. To the best of our knowledge, no existing related work supports anonymous authentication for multiple ad-hoc groups. This dissertation proposes one anonymous authentication mechanism for each of the three types and examines its correctness and security and compares its efficiency with other mechanisms.
Abstract (English):

An anonymous authentication protocol is a seeming oxymoron, yet it enables many useful services. A general authentication protocol may suffer several threats: the service server may receive absurd and abnormal requests, an adversary may eavesdrop on the communication channel between the users and the service server, and so on. These threats cause security problems for the system, such as a user's password being stolen or a user's personal information being leaked. In some applications, such as e-voting, the service server only needs to verify that a user is valid; it must not learn or reveal any sensitive information about the user. Hence, anonymous authentication protocols have been proposed and widely applied.

An ad-hoc group refers to members of a known group who can create a subgroup in an ad-hoc fashion. A user (called the initiator) can form a subgroup without the group manager's help. Also, a member of the subgroup might not know that he has been included in a certain ad-hoc subgroup. Thus, an ad-hoc anonymous authentication protocol allows a member of a known group to protect his real identity and sensitive information.

All of the existing anonymous authentication protocols for ad-hoc groups have some issues. Some protocols neither support a Reveal function nor argue the unlinkability property. Most importantly, these protocols do not support multiple ad-hoc groups. For instance, in real applications such as online auctions, the initiator can use the Reveal function to find the final bidder. Besides, supporting multiple ad-hoc groups makes the anonymous authentication protocol more flexible.

A simple way to build an anonymous authentication protocol is for the initiator to issue a common password to all of the participants. This is an easy way to form an ad-hoc subgroup, but it is hard to manage the participants. In view of this, many anonymous authentication schemes have been proposed. They can be divided into five categories: (1) group signature-based protocols, (2) ring signature-based protocols, (3) self-blindable credential protocols, (4) accumulator-based protocols, and (5) other techniques and combined techniques. In this dissertation, we study the recent research on anonymous authentication and analyze its pros and cons.

In real-world applications, a system must have more than one ad-hoc group. We consider three types of anonymous authentication protocol: (1) the system is a single ad-hoc group, (2) the system supports multiple ad-hoc groups with a limited number of members, and (3) the system supports multiple ad-hoc groups with an unlimited number of members. To the best of our knowledge, most existing research supports only a single ad-hoc group. The dissertation proposes three anonymous authentication protocols, one for each type, analyzes their security requirements, and compares their efficiency with related works.
Abstract (Chinese) i
Abstract iii
Contents v
List of Figures vii
List of Tables viii
1. Introduction 1
1.1. Background and Motivation 1
1.2. Contributions 8
1.3. Thesis Organization 10
2. Preliminaries 11
2.1. Frameworks 11
2.2. Paillier cryptosystem 13
2.2.1. Details of Paillier cryptosystem 13
2.2.2. Paillier signature scheme 14
2.2.3. Hard assumptions of Paillier cryptosystem 15
2.3. Chameleon hash function 16
2.4. Bilinear mapping 18
2.4.1. Bilinear Groups 18
2.4.2. Hard assumptions of bilinear groups 18
2.5. Merkle tree 19
2.6. Security requirements 21
3. Related Works 26
3.1. Accumulators from Bilinear Pairings and Applications 26
3.1.1. Accumulators 26
3.1.2. Nguyen05 protocol 27
3.2. Anonymous Identity-Based Identification Scheme in Ad-Hoc Groups without Pairings 30
3.2.1. BR13 protocol 30
3.3. Self-blindable Credential: Towards Anonymous Entity authentication upon resource-constrained devices 32
3.3.1. ASM signature scheme 32
3.3.2. YDLW13 protocol 33
3.3.3. Cryptanalysis of YDLW13 protocol 34
3.4. Lightweight Anonymous Authentication for Ad Hoc Group: A Ring Signature Approach 35
3.4.1. YWLC15 protocol 35
3.5. Multi-device Anonymous Authentication 37
3.5.1. KWCK16 protocol 37
3.6. Anonymous Identification for Ad Hoc Group 39
3.6.1. LA16 protocol 39
3.7. Towards Lightweight Anonymous Entity Authentication for IoT Applications 41
3.7.1. YCWLC16 protocol 41
3.8. Summary 44
4. An anonymous authentication protocol based on Paillier cryptosystem 45
4.1. ProposedI protocol 45
4.2. Security analysis 48
4.2.1. Unforgeability 48
4.2.2. Unlinkability 51
5. An anonymous authentication protocol based on keywords searchable encryption 58
5.1. ProposedII protocol 58
5.2. Security Analysis 63
5.2.1. Unforgeability 63
5.2.2. Unlinkability 64
6. An anonymous authentication protocol based on Merkle tree 66
6.1. ProposedIII protocol 66
6.2. Security analysis 73
6.2.1. Unforgeability 73
6.2.2. Unlinkability 80
7. Performance and Comparisons 88
8. Conclusions and Future Works 93
Reference 94
1. ElGamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31(4), 469-472.
2. Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), 120-126.
3. Kluczniak, K., Wang, J., Chen, X., & Kutyłowski, M. (2016, September). Multi-device Anonymous Authentication. In International Conference on Network and System Security (pp. 21-36). Springer International Publishing.
4. Barapatre, P., & Rangan, C. P. (2013, October). Anonymous Identity-Based Identification Scheme in Ad-Hoc Groups without Pairings. In International Conference on Security, Privacy, and Applied Cryptography Engineering (pp. 130-146). Springer Berlin Heidelberg.
5. Yang, X., Wu, W., Liu, J. K., & Chen, X. (2015, November). Lightweight anonymous authentication for ad hoc group: A ring signature approach. In International Conference on Provable Security (pp. 215-226). Springer International Publishing.
6. Yang, Y., Ding, X., Lu, H., Weng, J., & Zhou, J. (2013). Self-blindable Credential: Towards Anonymous Entity Authentication Upon Resource-constrained Devices.
7. Yang, Y., Cai, H., Wei, Z., Lu, H., & Choo, K. K. R. (2016, July). Towards Lightweight Anonymous Entity Authentication for IoT Applications. In Australasian Conference on Information Security and Privacy (pp. 265-280). Springer International Publishing.
8. Hoepman, J. H., Lueks, W., & Ringers, S. (2015, August). On linkability and malleability in self-blindable credentials. In IFIP International Conference on Information Security Theory and Practice (pp. 203-218). Springer International Publishing.
9. Nguyen, L. (2005, February). Accumulators from bilinear pairings and applications. In Cryptographers' Track at the RSA Conference (pp. 275-292). Springer Berlin Heidelberg.
10. Lu, X., & Au, M. H. (2016, May). Anonymous Identification for Ad Hoc Group. In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security (pp. 583-591). ACM.
11. Chaum, D. (1985). Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10), 1030-1044.
12. Chen, T. H., Chen, Y. C., Shih, W. K., & Wei, H. W. (2011). An efficient anonymous authentication protocol for mobile pay-TV. Journal of Network and Computer Applications, 34(4), 1131-1137.
13. Freudiger, J., Raya, M., & Hubaux, J. P. (2009, September). Self-organized anonymous authentication in mobile ad hoc networks. In International Conference on Security and Privacy in Communication Systems (pp. 350-372). Springer Berlin Heidelberg.
14. Dodis, Y., Kiayias, A., Nicolosi, A., & Shoup, V. (2004, May). Anonymous identification in ad hoc groups. In International Conference on the Theory and Applications of Cryptographic Techniques (pp. 609-626). Springer Berlin Heidelberg.
15. Zhi-hua, Z., Jian-jun, L., Wei, J., Yong, Z., & Bei, G. (2012, July). An new anonymous authentication scheme for cloud computing. In Computer Science & Education (ICCSE), 2012 7th International Conference on (pp. 896-898). IEEE.
16. Li, L. H., Huang, C. Q., & Fu, S. F. (2014, October). Pairing-Based Anonymous Boardroom Voting Scheme. In Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2014 International Conference on (pp. 264-268). IEEE.
17. Alrodhan, W. A., Alturbaq, A., & Aldahlawi, S. (2014, January). A mobile biometric-based e-voting scheme. In Computer Applications & Research (WSCAR), 2014 World Symposium on (pp. 1-6). IEEE.
18. Sasson, E. B., Chiesa, A., Garman, C., Green, M., Miers, I., Tromer, E., & Virza, M. (2014, May). Zerocash: Decentralized anonymous payments from bitcoin. In 2014 IEEE Symposium on Security and Privacy (pp. 459-474). IEEE.
19. Acar, T., Chow, S. S., & Nguyen, L. (2013, April). Accumulators and U-Prove revocation. In International Conference on Financial Cryptography and Data Security (pp. 189-196). Springer Berlin Heidelberg.
20. Paillier, P. (1999, May). Public-key cryptosystems based on composite degree residuosity classes. In International Conference on the Theory and Applications of Cryptographic Techniques (pp. 223-238). Springer Berlin Heidelberg.
21. Bresson, E., Catalano, D., & Pointcheval, D. (2003, November). A simple public-key cryptosystem with a double trapdoor decryption mechanism and its applications. In International Conference on the Theory and Application of Cryptology and Information Security (pp. 37-54). Springer Berlin Heidelberg.
22. Krawczyk, H., & Rabin, T. (1998). Chameleon Hashing and Signatures. IACR Cryptology ePrint Archive, 1998, 10.
23. Merkle, R. C. (1980, April). Protocols for Public Key Cryptosystems. In IEEE Symposium on Security and Privacy (Vol. 122).
24. He, D., Chen, Y., & Chen, J. (2013). An efficient certificateless proxy signature scheme without pairing. Mathematical and Computer Modelling, 57(9), 2510-2518.
25. Abusharekh, A., & Gaj, K. (2007). Comparative analysis of software libraries for public key cryptography. Software Performance Enhancement for Encryption and Decryption, SPEED, 11-12.
26. Fueyo, M., & Herranz, J. (2016). On the Efficiency of Revocation in RSA-Based Anonymous Systems. IEEE Transactions on Information Forensics and Security, 11(8), 1771-1779.
27. Gao, T., Peng, F., & Guo, N. (2016). Anonymous authentication scheme based on identity-based proxy group signature for wireless mesh network. EURASIP Journal on Wireless Communications and Networking, 2016(1), 193.
28. Bellare, M., & Palacio, A. (2002, August). GQ and Schnorr identification schemes: Proofs of security against impersonation under active and concurrent attacks. In Annual International Cryptology Conference (pp. 162-177). Springer Berlin Heidelberg.
29. Goldreich, O. (2002). Zero-Knowledge twenty years after its invention. IACR Cryptology ePrint Archive, 2002, 186.