Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/17925
Title: The Study of Authentication and Digital Signature Schemes on Communication Networks (通訊網路上身份認證與數位簽章技術之研究)
Author: Chen, Yi-Hwa (陳怡華)
Keywords: Authentication; Digital Signature; Network
Publisher: Department of Applied Mathematics
引用: 1. Arnab and A. Hutchison, “Digital rights management — a current review,” Departmental technical report, no. CS-04-00, University of Cape Town, 2004. URL: http://pubs.cs.uct.ac.za/archive/00000114/. 2. Arnab and A. Hutchison, “Digital Rights Management - An overview of Current Challenges and Solutions,” In Proceedings of Information Security South Africa (ISSA), Midrand, South Africa, 2004. 3. Arnab and A. Hutchison, “Requirement Analysis of Enterprise DRM systems,” In Proceedings of Information Security South Africa (ISSA), Hotel Balalaika, Sandton, Johannesburg, South Africa, 2005. 4. A.K. Awasthi and S. Lal, “A remote user authentication scheme using smart cards with forward secrecy,” IEEE Transaction on Consumer Electronics, Vol. 49, No. 4, pp. 1246-1248, November, 2003. 5. F. Bartolini, V. Cappellini, A. Piva, A. Fringuelli, and M. Barni, “Electronic Copyright Management Systems: Requirements, Players and Technologies,” International Workshop on Database and Expert Systems Applications DEXA99, Florence, Italy, , pp.896-898, 1999. 6. K. Becker and U. Wille, “Communication complexity of group key distribution,” 5th Conference on Computer and Communications Security, pp.1-6, ACM Press, 1998. 7. M. Bellare, D. Pointcheval and P. Rogaway, “Authenticated key exchange secure against dictionary attacks,” Proc. of Advances in Cryptology - Eurocrypt 2000, pp.122-138, 2000. 8. M. Bellare and P. Rogaway, “Entity authentication and key distribution,” Advances in Cryptology - CRYPTO''93, pp.232-249, 1993. 9. M. Bellare and P. Rogaway, “Provably secure session key distribution - the three party case,” Proceedings of the 27th ACM Symposium on the Theory of Computing, pp.162-169, 1995. 10. M. Bellare and P. Rogaway, “Random oracles are practical: a paradigm for designing efficient protocols,” Proc. of the 1st ACM Conference on Computer and Communications Security, (CCS'93), ACM Press, pp.62-73, 1993. 11. J. Bohli, M. Vasco and R. 
Steinwandt, “Secure Group Key Establishment Revisted,” International Journal of Information Security, Vol.6, No.4, pp.243-254, 2007. 12. C. Boyd and J. M. G. Nieto, “Round-optimal contributory conference key agreement,” Public Key Cryptography - PKC 2003, LNCS 2567, pp.161-174, 2003. 13. E. Bresson, O. Chevassut and D. Pointcheval, “Dynamic group Diffie-Hellman key exchange under standard assumptions,” Advances in Cryptology-Proceedings of Eurocrypt'02, LNCS 2332, pp.321-336, 2002. 14. E. Bresson, O. Chevassut and D. Pointcheval, “Provably Authenticated Group Diffie-Hellman Key Exchange - The Dynamic Case,” Advances in Cryptology - ASIACRYPT, LNCS 2248, pp.290-309, 2001. 15. E. Bresson, O. Chevassut and D. Pointcheval and J. Quisquater, “Provably Authenticated Group Diffie-Hellman Key Exchange,” Proc. of the 8st ACM Conference on Computer and Communications Security, (CCS'01), ACM Press, pp.255-264, 2001. 16. M. Burmester and Y. Desmedt, “A secure and efficient conference key distribution system,” Advances in Cryptology-Proceedings of Eurocrypt'94, LNCS 950, pp.275-286, 1994. 17. C.K. Chan and L.M. Cheng, “Cryptanalysis of a remote user authentication scheme using smart cards,” IEEE Transaction on Consumer Electronics, Vol. 46, pp. 992-993, 2000. 18. C. C. Chang and W. Y. Liao, “A remote password authentication scheme based upon ElGamal''s signature scheme,” Computers and Security, Vol. 13, No. 2, pp.137-144, April 1994. 19. Y. Chang, “A Practical Three-Party Key Exchange Protocol with Round Efficiency,” International Journal of Innovative Computing, Information and Control, Vol.4, No.4, pp.953-960, 2008. 20. Y. F. Chang and C. C. Chang, “Robust t-out-of-n Proxy Signature Based on RSA Cryptosystems,” International Journal of Innovative Computing, Information and Control, Vol. 4, No. 2, pp. 425-431, 2008. 21. H. Y. Chien, J. K. Jan and Y. M. Tseng, "A modified remote login authentication scheme based on geometric approach," The Journal of System and Software, Vol. 
55, pp. 287-290, 2001. 22. T. Chikazawa and T. Inoue, “A new key sharing scheme for global telecommunications,” In Proc. Globecom'90 (1990) 1069-1072 23. T. Chikazawa and A. Yamagishi, ”Improved identity-based key sharing system for a multi- address communication,” Electron. Lett. Vol. 28 No. 11 (1992) 1015-1017 24. K. Choo, C. Boyd and Y. Hitchcock, “Examining Indistinguishability-Based Proof Models for Key Establishment Protocols,” Advances in Cryptology - ASIACRYPT, LNCS 3788, pp.585-604, 2005. 25. W. Diffie and M. Hellman, “New directions in cryptography,” IEEE Transaction on Information Theory, 22(6), pp.644-654, 1976. 26. T. Elgamal, “A public key cryptosystem and a signature scheme based on discrete logarithm,” IEEE Trans. Inform. Theory, IT-31, (4), pp.469-472, 1985. 27. R. Gennaro, S. Jarecki, H. Krawczyk and T. Rabin, “Robust Threshold DSS Signatures,” Advances in Cryptology-Eurocrypt'96, LNCS Vol.1070, Springer-Verlag, pp.354-371, 1996,. 28. M. Girault, “Self-certified public key”, Advances in Cryptology-EUROCRYPT'91, pp. 491-497,1991 29. S. Goldwasser and S. Micali, “Probabilistic encryption,” Journal of Computer and System Sciences, Vol.28, pp.270-299, 1986. 30. G. Gu, B. B. Zhu, S. Li and S. Zhang, “PLI: A New Framework to Protect Digital Content for P2P Networks,” ACNS 2003, LNCS Vol.2846, Springer-Verlag, pp.206-216, 2003. 31. G. Horng, “An efficient and secure protocol for multi-party key establishment,” The computer journal, 44, pp.463-470, 2001. 32. G. Horng, “Password authentication without using password table,” Information Processing Letters, Vol. 55, 247-250, 1995. 33. P. Horster, M. Michels, H. Peterson, “Authenticated encryption scheme with low communication costs,” Electronics Letters 30 (15) (1994) 1212. 34. M. S. Hwang, “A remote password authentication scheme based on the digital signature method,” International Journal of Computer Mathematics, Vol. 70, pp. 657-666, 1999. 35. M.S. Hwang and L.H. 
Li, “A new remote user authentication scheme using smart cards,” IEEE Transaction on Consumer Electronics, Vol. 46, No. 1, pp. 28 -30, February, 2000. 36. T. Hwang, Y. Chen and C. S. Laih, “Non-interactive password authentications without password tables,” IEEE Region 10 Conference on Computer and Communications, IEEE Computer Society, pp. 429-431, 1990. 37. Ingemarsson, T.D. Tand, and C.K. Wong, “A conference key distribution system.” IEEE Trans. Inform. Theory Vol. 28 (1982) 714-720 38. J. K. Jan and Y. Y. Chen, “Paramita wisdom' password authentication scheme without verification tables,” The Journal of Systems and Software, Vol. 42, pp. 45-57, 1998. 39. S. Jarecki and A. Lysyanskaya, “Adaptively Secure Threshold Cryptography,” Advances in Cryptology-Eurocrypt'00, LNCS Vol.1807, Springer-Verlag, pp.221-242, 2000. 40. B.E. Jung, “On the forward secrecy of Chikazawa-Yamagishi ID-based key sharing scheme,” IEEE Comm. Lett. Vol. 8 No. 2 (2004) 114-115 41. J. Katz and M. Yung, “Scalable Protocols for Authenticated Group Key Exchange,” Advances in Cryptology -CRYPTO, LNCS 2729, pp.110-125, 2003. 42. H. Kim, S. Lee and D. Lee, “Constant-Round Authenticated Group Key Exchange for Dynamic Groups,” Advances in Cryptology - ASIACRYPT, LNCS 3329, pp.245-259, 2004. 43. M. Kumar, “Some remarks on a remote user authentication scheme using smart cards with forward secrecy,” IEEE Transaction on Consumer Electronics, Vol. 50, No. 2, pp. 615-618, May, 2004. 44. L. Lamport, “Password authentication with insecure communication,” Communications of ACM, Vol. 24, pp. 770-772, 1981. 45. J. Lee, Y. Chang and C. Chang, “A Novel Authentication Protocol for Multi-server Architecture without Smart Cards,” International Journal of Innovative Computing, Information and Control, Vol.4, No.6, pp.1357-1364, 2008. 46. S.U. Lee, H.S. Kim and K.Y. Yoo, “comment on ‘A remote user authentication scheme using smart cards with forward secrecy,'” IEEE Transaction on Consumer Electronics, Vol. 50, No. 
2, pp. 576-577, May, 2004. 47. T. Lee and T. Hwang, “Improvement of the Round-Optimal Conference Key Agreement Protocol,” 16th Information Security Conference, pp. 98-102, Taiwan, June 2006. 48. C.Y. Liu, M.S. Hwang, J.W. Lo, and S.C. Lin, “Cryptanalysis of A user friendly remote authentication scheme with smart cards,” Information Security Conference, pp. 256-259, 2004. 49. D. Mulligan, J. Han, and A. Burstein, “How DRM Based Content Delivery Systems Disrupt Expectations of Personal Use.” In Proceedings of the 2003 ACM workshop on Digital Rights Management, pp.77-89, 2003. 50. URL: http://doi.acm.org/10.1145/947380.9 51. R.M. NEEDHAM, and M.D. SCHROEDER, “Using encryption for authentication in large networks of computers”, Communications of the ACM 21, 12 (Dec. 1978), pp. 993-999 52. K. Nyberg, R.A. Rueppel, “Message recovery for signature schemes based on the discrete logarithm,” Designs, Codes Cryptography 7 (1996) 61-81. 53. J. Park, R. Sandhu, and J. Schifalacqua, “Security architectures for controlled digital information dissemination,” in Proceedings of the 16th Annual Computer Security Applications Conference (ACSAC ''00), New Orleans, LA, USA, pp.224-233, 2000. 54. S. Pohlig and M. Hellman, “An improved algorithm for computing logarithms over GF(P) and its cryptographic significance,” IEEE Trans. on Inform. Theory, IT-24, pp.106-110, 1978. 55. D. Pointcheval and J. Steiner, “Security arguments for digital signatures and blind signatures,” Journal of Cryptology, Vol. 13, NO. 3, pp.361-396, 2000. 56. D. Pointcheval and J. Steiner, “Security proofs for signature schemes,” Advances in Cryptology-Proceedings of Eurocrypt'96, LNCS 1070, pp.387-398, 1996. 57. R.L. Rivest, A. Shamir and L. Adelman, “A mothod for obtaining digital signature and public key cryptosystem,” Comm. ACM Vol. 21 No. 2 (1978) 120-126 58. B. Rosenblatt, “DRM for the enterprise,” Jupiter Webinar, Jupiter Media Corporation, Inc., 2004. 59. B. 
Schneier, Applied Cryptography, 2nd ed., Wiley, New York, 1996. 60. A. Shamir, “How to Share a Secret,” Communications of the ACM, Vol.22, No.11, pp.612-613, 1979. 61. Z. Shao, “Improvement of digital signature with message recovery using self-certified public keys and its variants,” Applied Mathematics and Computation 159 (2004) 391-399. 62. J.J. Shen, C.W. Lin and M.S. Hwang, “A modified remote user authentication scheme using smart cards,” IEEE Transaction on Consumer Electronics, Vol. 49, No. 2, pp. 414-416, May, 2003. 63. V. Shoup, “Sequences of games: a tool for taming complexity in security proofs,” available in http://shoup.net/papers/, Jan. 2006. 64. K. Shim, “Cryptanalysis of Mutual Authentication and Key Exchange for Low Power Wireless Communications”, IEEE Communications Letters, Vol. 7, No.5, pp.248-250, 2003 65. K. Shim, “Some attacks on Chikazawa-Yamagishi ID-based key sharing scheme,” IEEE Commun. Lett. Vol. 7 (2003) 145-147 66. A. Simbo and A. Kawamura,”Cryptanalysis of several conference key distribution systems,” In Proc. Asiacrypt'91 (1991) 256-276 67. M. Steiner, G. Tsudik and M. Waidner, “A new approach to group key agreement,” Proceedings of the 18th Int. Conf. Distributed Computing System (ICDCS'98), Amsterdam, The Netherlands, 26-29 May, pp. 380-387, 1998, IEEE Press, New Jersey. 68. M. Steiner, G. Tsudik and M. Waidner, “Diffie-Hellman key distribution extended to group communication,” 3rd Conference on Computer and Communications Security, New Delhi, March 1996, ACM Press. 69. M. Steiner, G. Tsudik and M. Waidner, “Key agreement in dynamic peer groups,” IEEE Trans. Par. Distrib. Syst. Vol. 11, pp. 769-780, 2000. 70. H.M. Sun, “An efficient remote user authentication scheme using smart cards,” IEEE Transaction on Consumer Electronics, Vol. 46, No. 4, pp. 958-961, November, 2000. 71. Y. Tseng, “A robust multi-party key agreement protocol resistant to malicious participants,” The computer journal, 48, pp. 480-487, 2005. 72. Y.M. Tseng, J.K. 
Jan, “An efficient authenticated encryption scheme with message linkages and low communication costs,” J. Inform. Sci. Engrg. 18 (1) (2002) 41-46. 73. Y.M. Tseng and J.K. Jan, “Improvement of Chikazawa-Yamagishi ID-based key sharing sys- tem,” Electron. Lett. Vol. 34 No. 12 (1998) 1221-1222 74. Y.M. Tseng, J.K. Jan, H.Y. Chien, “Authenticated encryption scheme with message linkages for message flows,” Computers and Electrical Engineering, U.S.A. Vol.29, No. 1, pp.101-109, 2003. 75. Y.M. Tseng, J.K. Jan, H.Y. Chien, “Digital signature with message recovery using self-certified public keys and its variants,” Applied Mathematics and Computation 136 (2003) 203-214. 76. D.S. WONG, and A.H. CHAN, “Mutual Authentication and Key Exchange for Low Power Wireless Communications”, Military Communications for Network-Centric Operations: Creating the Information Force. IEEE 2001, (1), pp. 39-43 77. S. T. Wu and B. C. Chieu, “A user friendly remote authentication scheme with smart cards,” Computer & Security, Vol. 22, No. 6, pp. 547-550, 2003 78. T. C. Wu, "Remote login authentication scheme based on a geometric approach," Computer Communications, Vol. 18, No. 12, pp. 959-963, 1995. 79. T.S. Wu, C.L. Hsu, “Convertible authenticated encryption scheme,” The Journal of System and Software 62 (2002) 205-209. 80. Q. Xie, X.Y. YU, “Cryptanalysis of Tseng et al.'s authenticated encryption schemes,” Applied Mathematics and Computation 158 (2004) 1-5. 81. W. H. Yang and S. P. Shieh, “Password authentication schemes with smart cards,” Computer & Security, Vol. 18, No. 8, pp. 727-733, 1999. 82. Z. Zhang, B. Fang, M. Hu and H. Zhang, “Security Analysis of Session Initiation Protocol,” International Journal of Innovative Computing, Information and Control, Vol.3, No.2, pp.457-469, 2007. 83. Adobe lifecycle document security. Data sheet, Adobe, 2005. 84. URL: http://www.adobe.com/products/server/Securityserver/pdfs/docsecurityserverds.p df. 85. 
Authentica delivers next-generation enterprise rights management platform, Press release, Authentica, 2005. 86. URL: http://www.authentica.com/news/pr2005/02-14-2005-ARM.aspx?pf=1. 87. Microsoft Windows Rights Management Services for Windows Server 2003 - Helping Organizations Safeguard Digital Information from Unauthorized Use, White paper Microsoft Corporation, 2003. 88. Mirage: Simple, Convenient, and Reliable Protection of Critical Enterprise Business Data, White paper, Alchemedia Technologies, Inc. 89. TrustView Company, URL: http://www.trustview.com.tw/index.aspx 90. Windows rights management services: Protecting electronic content in financial, healthcare, government and legal organizations, 2003. 91. URL: http://www.microsoft.com/windowsserver2003/techinfo/overview/rmsverticals.mspx.
Abstract (Chinese version): Communication networks are regarded as one of the high-technology applications that bring great convenience to modern daily life. The data people need can be delivered quickly over public communication networks. However, data in transit may be eavesdropped on or tampered with, and an illegitimate party may impersonate a legitimate user to access sensitive data or services on a server. Protecting data in transit, and the sensitive data and services held on servers, has therefore become an important research topic. In general, encryption protocols are the principal means of protecting such data, and the keys they require are obtained through key distribution or key agreement protocols. Authenticated key exchange protocols let the two communicating parties authenticate each other and negotiate a shared session key at the same time. In 2000, Hwang and Li used the ElGamal signature scheme to propose a password-based remote user authentication scheme using smart cards. Chan and Cheng, and then Shen, Lin and Hwang, showed that the scheme cannot withstand different types of impersonation attack and proposed improved versions. Wu and Chieu also proposed a user-friendly password-based remote user authentication scheme using smart cards, but Liu et al. showed that it is subject to a forgery attack. We examine the security of the improved versions above and of the Wu-Chieu scheme, and on that basis propose enhanced versions that strengthen their security and give the schemes better properties. In 2004, Jung proposed an ID-based key sharing scheme to overcome the weaknesses of earlier schemes. We find that it still cannot resist the man-in-the-middle attack and lacks forward secrecy. We propose an improved version that strengthens its security and provides forward secrecy; in addition, our scheme provides mutual authentication among the conference participants and confirmation of the conference key. Based on the Boyd-Nieto protocol, we propose a robust round-optimal key agreement protocol and prove its security in the Bellare-Rogaway model. The new protocol keeps all the merits of the Boyd-Nieto protocol, such as requiring only one round of communication and a constant amount of transmission for every participant except the initiator, and it provides non-repudiation of key generation and a low computation cost for each participant. In 2001, Wong et al. proposed a linear mutual authentication and key exchange protocol (linear MAKEP) that can easily establish a secure communication channel between a low-power wireless device and a powerful base station. Shim found that it is subject to an unknown key-share attack and proposed an improved version, but we find that Shim's improved version still cannot resist the man-in-the-middle attack. We therefore propose a new, efficient MAKEP in the spirit of Girault's method; besides overcoming the earlier weaknesses, the low-power wireless device only needs to store a single secret key. Digital signatures are used to confirm the integrity of a received message and the identity of its signer. Because of the non-repudiation they provide, they are widely used in electronic commerce. For efficiency, digital signature schemes with message recovery have been studied continuously. In 2003, Tseng et al. proposed a digital signature scheme with message recovery using self-certified public keys. Xie and Yu found it insecure, and Shao found that it is subject to an insider forgery attack and lacks non-repudiation and forward secrecy, and therefore proposed an improved version. We find that the Xie-Yu attack does not work and that Shao's improved version still cannot resist the insider forgery attack. We propose an improved version that overcomes these weaknesses, and also propose an authenticated encryption scheme for securely producing digital signatures with message linkages. In recent years, intelligent crimes that infringe copyright have occurred repeatedly, so the protection of digital content has attracted great attention. In most enterprises, team members dynamically join and leave a project and are authorized to access digital content in order to take part in discussions. To support secure control in such an environment, we design an efficient group-based authorized DRM system.
Abstract (English version): Communication networks are one of the major high-technology applications that give modern life much of its convenience. The data people require is transmitted quickly over public communication networks. However, the transmitted data may be eavesdropped on and altered, and an adversary may impersonate a legitimate user to access sensitive data or services on the server. Therefore, protecting data from adversaries' attacks is an important issue. Generally, data in transit or held in storage is protected by encryption protocols, and the key an encryption protocol requires is produced by a key distribution or key agreement protocol. Authenticated key exchange protocols authenticate the communicating parties mutually and establish a session key at the same time. We discuss the security of two previous remote user authentication schemes and then design a new and secure one. In 2004, Jung proposed an improved ID-based key sharing scheme. Unfortunately, Jung's improved scheme is vulnerable to the man-in-the-middle attack and does not provide forward secrecy. To overcome these weaknesses, we propose an improved scheme that withstands the attack and achieves forward secrecy. We propose a robust round-optimal key agreement protocol based on Boyd-Nieto's protocol and prove its security in the Bellare-Rogaway model. The new protocol retains the merits of Boyd and Nieto's protocol, e.g. requiring only one round of communication and a constant number of messages for every participant except the initiator. The new protocol also efficiently provides the non-repudiation property for conference key generation. The computation cost of each participant in our new protocol is , which is not greater than that in previous protocols. In 2001, Wong et al. proposed a linear Mutual Authentication and Key Exchange Protocol (linear MAKEP). It can easily establish secure communication between a low-power wireless device (client) and a powerful base station (server). Shim found that the linear MAKEP scheme was insecure and proposed an improved scheme to remove this weakness. However, we find that Shim's improved scheme is still insecure, so we propose a new efficient MAKEP to overcome the weaknesses. Besides pre-computation information and some system parameters, our scheme only needs to keep one secret key of the user in the client's memory. Digital signature schemes are used to confirm the integrity and ownership of received messages. They provide the non-repudiation property, which has been widely applied in e-commerce. For efficiency, digital signature schemes with message recovery have been studied. In 2003, Tseng et al. proposed a self-certified public key signature scheme with message recovery. Xie-Yu and Shao each claimed that Tseng et al.'s scheme is insecure against a forgery attack, and Shao proposed an improved scheme to overcome the weakness. However, we show that Xie and Yu's attack cannot work and that Shao's improved scheme is still insecure against the insider forgery attack, so we propose an improved scheme to overcome the weaknesses. Furthermore, we design a new authenticated encryption scheme for secure signatures with message linkages. Over the past two decades, several high-profile cases involving intellectual property copyright violations have brought the issue of digital content protection to the forefront of public attention. In most business enterprises, teamwork project members are dynamically organized into a group from which they can retrieve relevant documents and take part in discussions. We propose an efficient group-based authorized DRM system to solve this problem.
URI: http://hdl.handle.net/11455/17925
Other identifier: U0005-0102200923040000
Article link: http://www.airitilibrary.com/Publication/alDetailedMesh1?DocID=U0005-0102200923040000
Appears in Collections: Department of Applied Mathematics

Files in this item:

To obtain the full text, please visit Airiti Library (華藝線上圖書館).



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.