Title page for etd-0820103-091107
Title
Establish A Secure Environment in Ad Hoc Network
Department
Year, semester
Language
Degree
Number of pages
48
Author
Advisor
Convenor
Advisory Committee
Date of Exam
2003-07-31
Date of Submission
2003-08-20
Keywords
security, ad hoc networks
Statistics
The thesis/dissertation has been browsed 5693 times and downloaded 25 times.
Abstract
Security in wireless networks has recently become a hot topic. As wireless networks become more common in daily life, attention has shifted from connection speed to personal privacy and information security.
Because membership in a wireless network is complex, it is hard to verify the identity of every member. We can take the security mechanisms of wired networks as a reference and try to modify them to fit wireless networks. Wireless devices, however, do not have the processing power and resources of personal computers or servers, so when we modify a wired-network security mechanism we must take the differences between wired and wireless devices into account.
In this paper, we use a special method to establish an ad hoc network architecture and use the SSL (Secure Sockets Layer) security protocol, because SSL has been widely implemented and is now the main standard for providing secure e-commerce transactions over the Web. In addition, we use ECC (Elliptic Curve Cryptosystems) to replace traditional RSA. Although RSA is the most widely used public-key cryptosystem today, implementing it requires expensive computation. Since battery and computing power and bandwidth are scarce in mobile and wireless systems, a computationally intensive cryptosystem such as RSA is not a feasible choice in such environments. In this way we can establish a secure environment in an ad hoc network.
We hope to strike an excellent balance between security and processing complexity. This paper moves in that direction and tries to bring SSL to wireless networks. We believe this method takes both practical utility and the ideal into account.
Table of Contents
Chinese Abstract … i
Abstract … ii
Chapter 1 : Background … 1
1-1 : Security Goal and Challenge … 1
1-1-a : Security Requirements … 1
1-1-b : Lack of security within ad hoc network … 2
1-2 : Key Management … 3
1-2-a : Private key Systems … 3
1-2-b : Public key Systems … 4
1-2-c : Digital Signature … 5
1-2-d : Certification Authority … 7
1-3 : SSL ( Secure Sockets Layer ) … 8
1-3-a : The SSL Protocol … 8
1-3-b : Ciphers Used with SSL … 10
1-3-c : The SSL Handshake … 12
Chapter 2 : Relative Research … 15
2-1 : SEAD (Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks) … 15
2-1-a : Process … 15
2-1-b : Advantage and Disadvantage … 16
2-2 : Ariadne (A Secure On-Demand Routing Protocol for Ad Hoc Networks) … 17
2-2-a : TESLA broadcast authentication protocol for authenticating routing messages … 17
2-2-b : Ariadne Route Discovery with TESLA … 18
2-2-c : Advantage and Disadvantage … 20
2-3 : A Novel Authentication Scheme for Ad Hoc Networks … 21
2-3-a : Key definitions and Distribute Methodology … 21
2-3-b : Algorithm … 22
2-3-c : Advantage and Disadvantage … 24
2-4 : Elliptic Curve … 25
2-4-a : Elliptic Curve Addition: A Geometric Approach … 26
2-4-b : Elliptic Curve Groups over Fp … 28
2-5 : RSA vs. Elliptic Curve Cryptosystems … 30
Chapter 3 : Establish A Secure Environment in Ad Hoc Network … 32
3-1 : Establish hierarchical architecture … 32
3-1-a : Weight’s computing … 32
3-1-b : Choose core node and Set each core … 32
3-1-c : Establish the hierarchical relationship between groups … 35
3-2 : Establish public key system … 36
3-2-a : Basic Setting … 36
3-2-b : ECC ( Elliptic Curve Cryptography ) … 37
3-3 : Establish SSL … 39
3-3-a : SSL HP process … 39
3-3-b : Special situations … 41
3-4 : Example … 44
Chapter 4 : Conclusion … 46
Reference … 47
Thesis access permission: available on campus after one year, never available off campus (campus withheld)
Available:
Campus: available
Off-campus: not available
