跳到主要內容

臺灣博碩士論文加值系統

(18.97.14.85) 您好!臺灣時間:2025/01/21 17:40
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:蔡宛諭
研究生(外文):Wan-Yu Tsai
論文名稱:驗證系統隱私性之研究--以RFID及遠端漫遊系統為例
論文名稱(外文):A study of privacy property in authentication system--taking RFID and remote roaming system as examples
指導教授:王智弘王智弘引用關係
指導教授(外文):Chih-Hung Wang
學位類別:碩士
校院名稱:國立嘉義大學
系所名稱:資訊工程學系研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2009
畢業學年度:97
語文別:中文
中文關鍵詞:無線射頻辨識技術安全個人隱私認證協定漫遊協定群簽章
外文關鍵詞:Radio-Frequency IdentificationSecurityPrivacyAuthenticationRoaming ProtocolGroup Signature
相關次數:
  • 被引用被引用:0
  • 點閱點閱:290
  • 評分評分:
  • 下載下載:66
  • 收藏至我的研究室書目清單書目收藏:2
本篇論文提出兩個有關隱私性問題的認證機制分別適用在Radio-Frequency Identification (RFID) 以及漫遊的環境下。由於RFID的便利性、可重寫性和非接觸性的特性,使得RFID被廣泛應用在生活中,近年來,RFID系統關心的議題是持有者的隱私權,如果RFID系統中沒有驗證方法,惡意攻擊者可以偽裝成合法讀取器 (Reader) 追蹤RFID標籤 (Tag) 的持有者,另一種安全問題,由於沒有驗證方法確認持有者的身分,非法使用者可以偽裝合法持有者要求服務;以往大多數的文獻中沒有討論Reader與Server之間的溝通是無線環境,故將Reader視為可信賴的。Yang等學者於2005年提出一個RFID認證機制適應在未來無線傳輸之環境,Reader不再視為受信任的個體,但是,Yang等學者提出之方法無法抵抗阻斷服務 (DoS, Denial of Service) 和重送 (replay) 攻擊。本篇論文提出之RFID認證方法,改善Yang等學者提出方法之弱點以保護持有者的隱私權。第二個認證機制適用在漫遊之環境下,由於漫遊的特性為無線傳輸,其便利性之主因為不受到地域與空間的限制,故漫遊被使用在我們的生活中,漫遊意指一個屬於本地端伺服器 (Home Server, HS) 的使用者,漫遊至其他區域時,要求遠地端伺服器 (Visited Server, VS) 提供服務;以往文獻中的漫遊認證機制,遠地端伺服器 (Visited Server, VS) 要提供服務給使用者以前,必須經由本地端伺服器 (Home Server, HS) 的幫忙驗證使用者,本論文提出一個新的漫遊認證機制使得VS不用連接至使用者的HS即可以驗證使用者,藉由群簽章 (Group Signature) 的特性完成使用者之匿名性與不可否認性,另外,藉由雜湊函數 (hash chains) 的特性抵抗DoS和重送攻擊。
We proposed two authentication schemes for the privacy property, Radio-Frequency Identification (RFID) and roaming in this thesis. RFID applications are around in our life because of the properties of RFID, convenience, rewritability, and contactlessness. Recently, the security of RFID system about holder’s privacy is a concerned topic. If there is no authentication scheme in the RFID system, an illegal user can easilyimpersonate a legitimate Reader to trace Tag’s holder. Another security problem is that a malicious attacker can impersonate a legitimate holder of the Tag to request service if there is no authentication to verify holder’s identification. In most of the previous literatures, they did not discuss the wireless communication between the Reader and Server. Therefore, the Reader was assumed to be trusted. In 2005, Yang et al. proposed a RFID protocol suitable for wireless environment in which the Reader is no longer regarded as a trusted entity. However, Yang et al.’s scheme cannot protect Denial of Service (DoS) and replay attacks. We proposed a new RFID authentication protocol which can improve the two weaknesses of Yang et al. scheme to protect holder’s privacy. The second scheme is applied in roaming environment. The wireless communication was used in our life for no limits of geography and space mainly due to the convenient capability of roaming. Roaming means a user, belonging to the home agent, wants to travel to another region and request the visited server for services. In the previous literatures, before providing services to a user, the visited server generally needs to verify a user through the home server. In this thesis, by using the group signature with both properities of non-repudiation and anonymity, a novel authentication protocol, in which the visited server can verify users without connecting to users’ home server, was proposed. Further, the proposed protocol can resist replay attacks and DoS attacks by the property of hash chains.
中文摘要 i
ABSTRACT iii
目 錄 vi
第一章 緒論 1
1.1 RFID 背景 2
1.2 RFID認證機制之概述與安全需求 3
1.3 漫遊環境之背景 6
1.4 漫遊環境認證機制之概述與安全需求 7
1.5 群簽章之概述與安全需求 9
1.6 主要貢獻 10
1.7 論文架構 12
第二章 相關研究 13
2.1 RFID相關文獻之敘述與分析 13
2.1.1 假名 (Minimalist, 極簡抽象派藝術家) 14
2.1.1.1 假名雙向認證協定 (M2AP, Minimalist Mutual-Authentication Protocol) 15
2.1.1.2 強健認證與完整性協定 (SASI, Strong Authentication and Strong Integrity) 19
2.1.2 適用於EPC Class 1 Gen 2之標準機制 23
2.1.2.1 未使用廣泛密碼學方法之RFID認證機制 24
2.1.2.2 Duc等學者提出之認證機制 26
2.1.2.3 Chien-Chen提出之認證機制 29
2.1.3 使用雜湊函數之認證機制 32
2.1.4 使用對稱式加密之認證機制 33
2.1.5 RFID認證機制相關文獻之比較 35
2.1.6 Yang等學者提出之RFID認證機制 37
2.2 漫遊 (Roaming) 之相關文獻與分析 43
2.3 群簽章之相關文獻與應用 45
第三章 研究方法 47
3.1 本論文提出之RFID認證機制 47
3.2 本論文提出之漫遊認證機制 54
第四章 分析 65
4.1 RFID認證機制分析 65
4.1.1 安全性分析 65
4.1.2 效能分析 68
4.1.3 安全性比較 70
4.2 漫遊認證機制分析 73
4.2.1 安全性分析 73
4.2.2 效能分析 76
4.2.3 安全性與特性比較 77
第五章 結論 79
參考文獻 81
[1]. J. Ala-Laurila, J. Mikkonen, and J.Rinnemaa, “Wireless LAN access network architecture for mobile operators,” Communications Magazine, IEEE, Volume 39, Issue: 11, pp.82-89, Nov. 2001.
[2]. K. Bicakci and N. Baykal, “Infinite length hash chains and their applications,” Enabling Technologies: Infrastructure for Collaborative Enterprises, 2002 (WET ICE 2002), Eleventh IEEE International Workshops, pp.57-61, 2002.
[3]. D. Boneh, X. Boyen and H. Shacham, “Short Group Signatures,” Lecture Notes in Computer Science, Volume 3152, Advances in Cryptology – CRYPTO 2004, Group Signatures, pp.41-55, 2004.
[4]. L. Batina, J. Guajardo, T. Kerins and N. Mentens, P. Tuyls and I. Verbauwhede, “Public-Key Cryptography for RFID-tags,” Proceedings of the Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07), 2007.
[5]. E. Brickell and J. Li, “Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities,” Proceedings of the 2007 ACM workshop on Privacy in electronic society, Anonymous communications, pp.21-30, 2007.
[6]. E. Bresson and J. Stern. “Efficient Revocation in Group Signatures,” In Proceedings of Public Key Cryptography (PKC'2001), Springer-Verlag, 2001.
[7]. J. Camenisch, “Group signature schemes and payment systems based on the discrete logarithm problem,” PhD thesis, vol.2 of ETH-Series in information Security and Cryptography, ISMN 3-89649-286-1, Hartung-Gorre Verlag, Konstanz, 1998.
[8]. H.-Y. Chien, “SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity,” IEEE Transactions on Dependable and Secure Computing, Volume 4, Issue 4, pp. 337 – 340, Oct.-Dec. 2007.
[9]. H.-Y. Chien and C.-H. Chen, “Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards,” Computer Standards & Interfaces 29, pp.254–259, 2007.
[10]. H.-Y. Chien and C.-W. Huang, “Security of ultra-lightweight RFID authentication protocols and its improvements,” ACM SIGOPS Operating Systems Review, Volume 41 , Issue 4, pp. 83 - 86, July 2007.
[11]. D. Chaum and E. van Heyst, “Group Signatures,” Eurocrypt’91, volume 547 of LNCS, pages 257–265. Springer-Verlag, 1992.

[12]. J. Camenisch and A. Lysyanskaya, “Signature Schemes and Anonymous Credentials from Bilinear Maps,” Lecture Notes in Computer Science, Volume 3152, Advances in Cryptology – CRYPTO 2004, Group Signatures, pp.56-72, 2004.
[13]. J. Camenisch and M. Michels. Separability and efficiency for generic group signature schemes (extended abstract). In Advances in Cryptology—CRYPTO’ 99, volume 1666 of Lecture Notes in Computer Science, pages 414–430. Springer-Verlag, 1999.
[14]. D.-N. Duc, J. Park, H. Lee and K. Kim, “Enhancing security of EPCglobal GEN-2 RFID tag against traceability and cloning,” The 2006 Symposium on Cryptography and Information Security, 2006.
[15]. ETSI TS 101 393, Digital Cellular Telecommunications System (Phase 2+); General Packet Radio Service (GPRS); GPRS Charging, v. 7.6.0.
[16]. EPCglobal. Available: http://www.EPCglobalinc.org/. July, 2009.
[17]. A. Fujii, G. Ohtake, G. Hanaoka and K. Ogawa, “Anonymous Authentication Scheme for Subscription Services,”Lecture Notes in Computer Science-Knowledge-Based, Intelligent Information and Engineering Systems, 4694, pp.975 – 985, 2007.
[18]. A. Juels, “Minimalist cryptography for low-cost RFID tags,” C. In Blundo and S. Cimato, editors, The Fourth International Conference on Security in Communication Networks – SCN 2004 , volume 3352 of Lecture Notes in Computer Science, pp. 149–164. Springer-Verlag, 2004.
[19]. A. Juels, “RFID Security and Privacy: A Research Survey,” IEEE Journal on Selection Areas in Communications, vol. 24, no. 2, February 2006, pp. 381-394.
[20]. Y. Jiang, C. Lin, X. (S.) Shen and M. Shi, “Mutual Authentication and Key Exchange Protocols for Roaming Services in Wireless Mobile Networks,” Wireless Communications, IEEE Transactions on Volume 5, Issue 9, pp.2569 - 2577, September, 2006.
[21]. S. Karthikeyan, M. Nesterenko, “RFID security without extensive cryptography,” Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 63–67, 2005.
[22]. Y.-K. Lee and I. Verbauwhede, “Secure and low-cost RFID authentication protocols,” In International Workshop on Adaptive Wireless Networks – AWiN, Saint Louis, Missouri, USA, IEEE, November-December 2005.
[23]. T. Li and G. Wang, “Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols,” Proc. 22nd IFIP TC-11 Int’l Information Security Conf., May 2007.
[24]. S. Mangard, M. Aigner, and S. Dominikus, “A highly regular and scalable AES hardware architecture.” IEEE Trans. Comput., 52 (4), pp. 483–491, 2003.

[25]. A. Miyaji and K. Umeda, “A Fully-Functional Group Signature Scheme over Only Known-Order Group,” LECTURE NOTES IN COMPUTER SCIENCE(3089), Applied Cryptography and Network Security, Digital Signature, pp.164-179, 2004.
[26]. P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, and A. Ribagorda, “M2AP: A Minimalist Mutual-Authentication Protocol for Low- Cost RFID tags,” Proc. Int’l Conf. Ubiquitous Intelligence and Computing (UIC ’06), pp. 912-923, 2006.
[27]. M. Rahnema, “Overview of the GSM system and protocol architecture,” IEEE Communications Magazine, Volume 31, Issue 4, pp. 92-100, Apr. 1993.
[28]. B. Toiruul and K. Lee, “An Advanced Mutual-Authentication Algorithm Using AES for RFID Systems,” International Journal of Computer Science and Network Security, vol. 6, no.9B, pp. 156-162, September 2006.
[29]. J. Trevathan and W. Read, “Secure Online English Auctions,” International Conference on Security and Cryptography (SECRYPT’06), pp.387-396, 2006.
[30]. Z. Wan, K. Ren and B. Preneel, “A Secure Privacy-Preserving Roaming Protocol Based on Hierarchical Identity-Based Encryption for Mobile Networks,” Proceedings of the first ACM conference on Wireless network security, Device identification and privacy, pp.62-67, 2008.
[31]. S.-A. Weis, S.-E. Sarma, R.-L. Rivest, and D.-W. Engels, “Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems,” Proc. of the 1st Security in Pervasive Computing, LNCS, vol. 2802, pp. 201-212, 2004.
[32]. K. Yuksel, “Universal Hashing for Ultra-Low-Power Cryptographic Hardware Applications,” Master's Thesis, Dept. of Electronical Engineering, WPI, 2004.
[33]. Y. Yang and Beng Chin Ooi, “A Privacy Preserving Rental System”, Lecture Notes in Computer Science(LNCS) Information Security (3650), pp.59~73, 2005.
[34]. J. Yang, J. Park, H. Lee, K. Ren and K. Kim, “Mutual Authentication Protocol for Low-cost RFID,” ECRYPT Workshop on RFID and Lightweight Crypto, Graz, Austria, pp. 65-72, July 14-15, 2005.
[35]. G. Yang, D.S. Wong and X. Deng, “Anonymous and Authenticated Key Exchange for Roaming Networks,” IEEE Transactions on wireless communication, vol. 6, no. 9, pp.3461-3472, September, 2007.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊