淡江大學機構典藏:Item 987654321/74396
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 62805/95882 (66%)
Visitors : 3930794      Online Users : 648
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/74396


    Title: 智慧卡下有效率具不可追蹤性之密碼認證機制
    Other Titles: An efficient and untraceable password-authenticated key agreement using smart cards
    Authors: 趙國全;Jhao, Guo-Cyuan
    Contributors: 淡江大學資訊管理學系碩士班
    李鴻璋;Lee, Hung-Chang
    Keywords: 智慧卡;互相認證;不可追蹤性;動態密碼;線性反饋位移暫存器;smart card;mutual authentication;untraceability;one time password;LFSR
    Date: 2011
    Issue Date: 2011-12-28 18:31:33 (UTC+8)
    Abstract: 近年來,隨著智慧卡在身分敏感的登入認證系統之應用,有效率的互相認證與會議鑰匙產生協議皆是重要的安全議題。2010年,Li et al.研究提出了對JCL演算法的修正版,以滿足匿名性及不可追蹤性,加強了使用者身分的保護,但Li et al.及JCL方法中,在雙方通訊過程所伴隨的高溝通和運算成本,與智慧卡晶片處理器的處理限制不符。且為了達到不可追蹤性之安全水準,必須符合在Li et al.演算法認證資訊的設計條件下,降低了登入認證系統彈性,因此本論文針對Li et al.演算法加以改進,讓智慧卡登入認證系統在滿足不可追蹤性下,並具有更好的效能與系統彈性。
    本論文提出一個以亂數方式產生動態密碼的演算法,結合了線性反饋位移暫存器(LFSR)的虛擬亂數(Pseudorandom)演算法之概念,將每回合產生具不可追蹤性之亂數作為認證資訊。在登入階段,以動態密碼作為互相認證的因子,通過互相認證協議出會議鑰匙減少了三分之一的通訊回合。
    在效能評估上,透過認證過程所需消耗的溝通成本與運算成本,以及各階段實際執行時間進行比較。實驗結果顯示,本論文相較於Li et al.演算法,不僅同樣滿足匿名性和不可追蹤性,在登入階段減少了通訊回合數,降低溝通和運算成本,如此,可達到效率及效能兼具的智慧卡登入認證系統。
    Mutual Authentication and session key agreement based smart card became a strong security way in remote login authentication system. In 2010, Li et al. remedy JCL scheme provides initiator untraceable property to strength the identity protection. Owing to Li et al. scheme accompany high computation and communication cost over the communication channel, this was a conflict with smart cards embedded processors capability. Furthermore, the proposed mechanism for untraceability property lack some sort of flexibility in authentication message configuration and encryption algorithms chosen.
    In this paper, we proposed an One Time Password (OTP) mechanism embedded on both the smart card and the login server. Linear Feedback Shift Register (LFSR) algorithm was used as an OTP generator to produce pseudo-randomness sequences. In each authentication session, activated by on the same initial seed, smart card/severs generate the corresponding one time password for mutual authentication usage.
    Analysis results show that, when compared with Li et al. remedy JCL scheme, the number of communication session in the login phase decrease by one-third. And if both run under the same chosen functions, the overall computation cost in login phase decrease by two-thirds. Furthermore, we “remedy” the Li et al. scheme by changing the order of message not only achieved untraceability property but also increase the flexibility within the authentication system.
    Appears in Collections:[Graduate Institute & Department of Information Management] Thesis

    Files in This Item:

    File SizeFormat
    index.html0KbHTML229View/Open

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback