English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 49378/84106 (59%)
造訪人次 : 7364753      線上人數 : 54
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    請使用永久網址來引用或連結此文件: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/74396


    題名: 智慧卡下有效率具不可追蹤性之密碼認證機制
    其他題名: An efficient and untraceable password-authenticated key agreement using smart cards
    作者: 趙國全;Jhao, Guo-Cyuan
    貢獻者: 淡江大學資訊管理學系碩士班
    李鴻璋;Lee, Hung-Chang
    關鍵詞: 智慧卡;互相認證;不可追蹤性;動態密碼;線性反饋位移暫存器;smart card;mutual authentication;untraceability;one time password;LFSR
    日期: 2011
    上傳時間: 2011-12-28 18:31:33 (UTC+8)
    摘要: 近年來,隨著智慧卡在身分敏感的登入認證系統之應用,有效率的互相認證與會議鑰匙產生協議皆是重要的安全議題。2010年,Li et al.研究提出了對JCL演算法的修正版,以滿足匿名性及不可追蹤性,加強了使用者身分的保護,但Li et al.及JCL方法中,在雙方通訊過程所伴隨的高溝通和運算成本,與智慧卡晶片處理器的處理限制不符。且為了達到不可追蹤性之安全水準,必須符合在Li et al.演算法認證資訊的設計條件下,降低了登入認證系統彈性,因此本論文針對Li et al.演算法加以改進,讓智慧卡登入認證系統在滿足不可追蹤性下,並具有更好的效能與系統彈性。
    本論文提出一個以亂數方式產生動態密碼的演算法,結合了線性反饋位移暫存器(LFSR)的虛擬亂數(Pseudorandom)演算法之概念,將每回合產生具不可追蹤性之亂數作為認證資訊。在登入階段,以動態密碼作為互相認證的因子,通過互相認證協議出會議鑰匙減少了三分之一的通訊回合。
    在效能評估上,透過認證過程所需消耗的溝通成本與運算成本,以及各階段實際執行時間進行比較。實驗結果顯示,本論文相較於Li et al.演算法,不僅同樣滿足匿名性和不可追蹤性,在登入階段減少了通訊回合數,降低溝通和運算成本,如此,可達到效率及效能兼具的智慧卡登入認證系統。
    Mutual Authentication and session key agreement based smart card became a strong security way in remote login authentication system. In 2010, Li et al. remedy JCL scheme provides initiator untraceable property to strength the identity protection. Owing to Li et al. scheme accompany high computation and communication cost over the communication channel, this was a conflict with smart cards embedded processors capability. Furthermore, the proposed mechanism for untraceability property lack some sort of flexibility in authentication message configuration and encryption algorithms chosen.
    In this paper, we proposed an One Time Password (OTP) mechanism embedded on both the smart card and the login server. Linear Feedback Shift Register (LFSR) algorithm was used as an OTP generator to produce pseudo-randomness sequences. In each authentication session, activated by on the same initial seed, smart card/severs generate the corresponding one time password for mutual authentication usage.
    Analysis results show that, when compared with Li et al. remedy JCL scheme, the number of communication session in the login phase decrease by one-third. And if both run under the same chosen functions, the overall computation cost in login phase decrease by two-thirds. Furthermore, we “remedy” the Li et al. scheme by changing the order of message not only achieved untraceability property but also increase the flexibility within the authentication system.
    顯示於類別:[資訊管理學系暨研究所] 學位論文

    文件中的檔案:

    檔案 大小格式瀏覽次數
    index.html0KbHTML136檢視/開啟

    在機構典藏中所有的資料項目都受到原著作權保護.

    TAIR相關文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回饋