淡江大學機構典藏:Item 987654321/74396
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 62830/95882 (66%)
造访人次 : 4046896      在线人数 : 751
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/74396


    题名: 智慧卡下有效率具不可追蹤性之密碼認證機制
    其它题名: An efficient and untraceable password-authenticated key agreement using smart cards
    作者: 趙國全;Jhao, Guo-Cyuan
    贡献者: 淡江大學資訊管理學系碩士班
    李鴻璋;Lee, Hung-Chang
    关键词: 智慧卡;互相認證;不可追蹤性;動態密碼;線性反饋位移暫存器;smart card;mutual authentication;untraceability;one time password;LFSR
    日期: 2011
    上传时间: 2011-12-28 18:31:33 (UTC+8)
    摘要: 近年來,隨著智慧卡在身分敏感的登入認證系統之應用,有效率的互相認證與會議鑰匙產生協議皆是重要的安全議題。2010年,Li et al.研究提出了對JCL演算法的修正版,以滿足匿名性及不可追蹤性,加強了使用者身分的保護,但Li et al.及JCL方法中,在雙方通訊過程所伴隨的高溝通和運算成本,與智慧卡晶片處理器的處理限制不符。且為了達到不可追蹤性之安全水準,必須符合在Li et al.演算法認證資訊的設計條件下,降低了登入認證系統彈性,因此本論文針對Li et al.演算法加以改進,讓智慧卡登入認證系統在滿足不可追蹤性下,並具有更好的效能與系統彈性。
    本論文提出一個以亂數方式產生動態密碼的演算法,結合了線性反饋位移暫存器(LFSR)的虛擬亂數(Pseudorandom)演算法之概念,將每回合產生具不可追蹤性之亂數作為認證資訊。在登入階段,以動態密碼作為互相認證的因子,通過互相認證協議出會議鑰匙減少了三分之一的通訊回合。
    在效能評估上,透過認證過程所需消耗的溝通成本與運算成本,以及各階段實際執行時間進行比較。實驗結果顯示,本論文相較於Li et al.演算法,不僅同樣滿足匿名性和不可追蹤性,在登入階段減少了通訊回合數,降低溝通和運算成本,如此,可達到效率及效能兼具的智慧卡登入認證系統。
    Mutual Authentication and session key agreement based smart card became a strong security way in remote login authentication system. In 2010, Li et al. remedy JCL scheme provides initiator untraceable property to strength the identity protection. Owing to Li et al. scheme accompany high computation and communication cost over the communication channel, this was a conflict with smart cards embedded processors capability. Furthermore, the proposed mechanism for untraceability property lack some sort of flexibility in authentication message configuration and encryption algorithms chosen.
    In this paper, we proposed an One Time Password (OTP) mechanism embedded on both the smart card and the login server. Linear Feedback Shift Register (LFSR) algorithm was used as an OTP generator to produce pseudo-randomness sequences. In each authentication session, activated by on the same initial seed, smart card/severs generate the corresponding one time password for mutual authentication usage.
    Analysis results show that, when compared with Li et al. remedy JCL scheme, the number of communication session in the login phase decrease by one-third. And if both run under the same chosen functions, the overall computation cost in login phase decrease by two-thirds. Furthermore, we “remedy” the Li et al. scheme by changing the order of message not only achieved untraceability property but also increase the flexibility within the authentication system.
    显示于类别:[資訊管理學系暨研究所] 學位論文

    文件中的档案:

    档案 大小格式浏览次数
    index.html0KbHTML230检视/开启

    在機構典藏中所有的数据项都受到原著作权保护.

    TAIR相关文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回馈