English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 62797/95867 (66%)
造訪人次 : 3751029      線上人數 : 453
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    請使用永久網址來引用或連結此文件: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/34985


    題名: The study of efficient password authenticated key agreement protocol for multi-servers
    其他題名: 適用於多伺服系統的高效率具鑑別性共同密鑰產生技術之研究
    作者: 蕭勝華;Shiau, Sheng-hua
    貢獻者: 淡江大學資訊工程學系博士班
    黃仁俊;Hwang, Ren-junn
    關鍵詞: 通行碼鑑別;金鑰協同;多伺服系統;隨機智者模型;邏輯分析;password authentication;key agreement;multi-server;random oracle model;logic analysis
    日期: 2007
    上傳時間: 2010-01-11 05:52:01 (UTC+8)
    摘要: 由於網路相關應用的增長,網路安全成為一重要之議題。對於終端使用者來說,在網路中其最重要且最廣泛的應用即是經由公開網路取得伺服器所提供的服務。伺服器只能提供服務給合法的使用者,並能防止任何非法的存取。因此,在公開網路環境中,身分鑑別與訊息機密性為兩大重要之安全服務。具鑑別性共同密鑰產生技術在此提供一良好的解決方案。我們在本論文中提出兩種適用於多伺服系統具鑑別性共同密鑰產生技術。在我們所提出的方法中,一合法的使用者只需利用一通行碼與一張智慧卡即可安全的存取多台伺服器。在每次使用者登入伺服器時,他們會互相鑑別對方的身分,並且產生一共同密鑰。我們分別利用隨機智者模型(random oracle model)與邏輯分析(logic analysis)來證明方法的安全性與鑑別性。我們所提出的方法能夠抵擋重送攻擊(replay attack)、假冒攻擊(impersonation attack)、已知金鑰攻擊(known key attack)、未知金鑰分享攻擊(unknown key share attack)、密碼驗證檔失竊攻擊(stolen verifier attack)及內部攻擊(insider attack)。每一合法使用者能在不連結伺服器的情況下,執行方法中之更改通行碼步驟來變更自己的通行碼。此外,我們所提出的方法植基於幾何直線問題、雜湊函數及互斥或運算。和之前所提出的方法比較之下,我們的方法只需較少的運算量與通訊量,具有較好的效率。
    Network security is an important issue since the rising network application. For an end user, the most important and wide application is to obtain services from servers via open networks. A server has to provide services only to its legal users and prevent any illegal access. Therefore, identity authentication and message confidentiality are two primary security services in an open network environment. An authenticated key agreement protocol is a good solution for providing identity authentication and message confidentiality security services. We propose two password authenticated key agreement protocols for multi-servers. In these two protocols, a valid user can access multi-servers securely by keeping one weak password and one smart card only. The user and server will authenticate each other and generate a common session key in each login process. The security and authentication of two proposed protocols is demonstrated by random oracle model and logic analysis separately. Both proposed protocols resist the replay attack, the impersonation attack, the known key attack, the unknown key share attack, the stolen verifier attack and the insider attack. Each legal user can change his password without connecting to any server by performing the password change phase of each proposed protocol. Furthermore, both proposed protocols are based on straight line of geometry, hash function and Exclusive OR operation. They do not use any overload cryptographic operations and require less computational and communicational costs than previous results.
    顯示於類別:[資訊工程學系暨研究所] 學位論文

    文件中的檔案:

    檔案 大小格式瀏覽次數
    0KbUnknown396檢視/開啟

    在機構典藏中所有的資料項目都受到原著作權保護.

    TAIR相關文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回饋