Thesis access permission: user-defined release time
Available:
Campus: available
Off-campus: available
Title |
Efficient Strong Anonymous Authentication Scheme for Wireless Communications |
||
Department |
|||
Year, semester |
Language |
||
Degree |
Number of pages |
73 |
|
Author |
|||
Advisor |
|||
Convenor |
|||
Advisory Committee |
|||
Date of Exam |
2012-07-13 |
Date of Submission |
2012-08-30 |
Keywords |
Authentication, Wireless Network, Anonymity, Group Signature, Revocation, Secure Roaming |
||
Statistics |
The thesis/dissertation has been browsed 5666 times and downloaded 267 times. |
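Chinese Abstract |
With the development of wireless communication technology, people can obtain communication services without environmental restrictions. Combined with the rapid development of mobile devices such as smartphones and tablet computers, wireless networks are used ever more frequently, and roaming services allow users to access services regardless of location. Roaming authentication protocols and privacy protection in mobile networks have always been important issues. When a user communicates with a roaming operator, the user must authenticate with the server to ensure that service is obtained from a legitimate server, and the server must also confirm that the user is a legitimate user authenticated by the home server; only then can the two parties communicate securely. In addition, a secure roaming protocol must provide anonymity for users: when a user requests service, the server cannot tell whether any two communications were sent by the same mobile device. Existing authentication protocols that provide anonymity against foreign servers require a large amount of computation time for the user revocation check, which raises the server's computation cost to the point that they cannot be deployed in existing environments. The strong anonymous secure authentication protocol proposed in this thesis uses two-stage authentication. In the initial authentication, the home server participates and, after successful authentication, issues a time-limited anonymous credential for fast authentication. The number of revocation entries stored at the foreign server can therefore be reduced, and they need to be kept only for a period of time; the required revocation list also lowers the server's computation for the revocation check and reduces the space needed to store the data. Finally, this thesis also provides security proofs and an efficiency analysis of the proposed protocol. |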
Abstract |
Because of the popularity of wireless communication technologies, people can access servers without the restriction of place and time. With the rapid development of mobile devices, such as smart phones and iPads, the frequency of wireless network use has increased. Roaming services ensure service provision without location constraints. A secure roaming authentication protocol is critical for the security and privacy of users when accessing services by roaming. It ensures the authenticity of mobile users and of foreign and home servers. After authentication, a session key between the mobile user and the foreign server is established for secure communication. In addition, a secure roaming protocol may provide anonymity for mobile users: when the mobile user requests a service, the server is unable to tell whether two requests come from the same user. In current anonymous authentication protocols, the foreign server must perform the revocation check with computation linear in the number of revoked users, which makes these protocols infeasible in practical environments. This thesis proposes a strong anonymous authentication protocol using two-stage authentication, in which the home server is involved in the initial authentication to eliminate the revocation list and, after successful authentication, issues a time-limited anonymous credential for subsequent authentication. This reduces the computation costs of the revocation check and minimizes the size of the revocation list. Finally, this thesis also provides security proofs and comparisons of the proposed authentication mechanism. |
Table of Contents |
Thesis Approval Form
Acknowledgements
Chinese Abstract
English Abstract
1 Introduction
1.1 System and Security Requirements
1.1.1 System
1.1.2 Security Requirements
1.2 Our Contribution
1.3 Organization of the Thesis
2 Related Works
2.1 The Concept of He et al.’s Priauth Scheme
2.1.1 The Definition of VLR-GS-BU
2.2 VLR-GS-BU Scheme
2.3 The Priauth Scheme
3 Preliminaries
3.1 Verifier-Local Revocable Group Signatures (VLR-GS)
3.1.1 The Definition of BS-VLR-GS
3.1.2 Security Definition
3.1.3 Bilinear Map
3.1.4 Boneh-Shacham VLR-GS Scheme
3.2 Nakanishi et al.’s Group Signature Scheme
3.2.1 The Definition of Nakanishi et al.’s GS
3.2.2 Security Definition
3.2.3 Signatures of Knowledge
3.2.4 Nakanishi et al.’s GS Scheme
3.3 Elliptic Curve Digital Signature Algorithm (ECDSA)
3.3.1 The Definition of ECDSA
3.3.2 Security Definition
3.4 Definition of Broadcast Encryption
4 An Efficient Strong Anonymous Authentication Protocol
4.1 Setup Phase
4.2 Registration Phase
4.3 Initial Authentication Phase
4.4 Subsequent Authentication Phase
5 Security Proofs and Analyses
5.1 Security Model and Definition
5.2 Security Proofs
5.2.1 The Security Proof for Initial Authentication
5.2.2 The Security Proof for Subsequent Authentication
6 Analyses and Comparisons
6.1 Properties Comparisons
6.2 Performance Comparisons
7 Conclusion |
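Fulltext |
This electronic full text is licensed to users solely for personal, non-profit searching, reading, and printing for the purpose of academic research. Please comply with the relevant provisions of the Copyright Act of the Republic of China, and do not reproduce, distribute, adapt, repost, or broadcast it without authorization, to avoid breaking the law. |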
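Printed copies |
Public availability information for printed theses is relatively complete from academic year 102 onward. To look up availability information for printed theses from academic year 101 or earlier, please contact the printed thesis service counter of the Office of Library and Information Services. We apologize for any inconvenience. Available: available |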