Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/20047
標題: 運用智慧卡於多伺服器環境下之遠端使用者認證機制
A remote user authentication scheme based on smart cards for multi-server environments
作者: 劉碧惠
Liu, Pi-Hui
關鍵字: 身分認證
authentication
智慧卡
雜湊函數
多伺服器
隱私
smart card
hash
multi-server
privacy
出版社: 資訊科學與工程學系所
引用: [1] 賴溪松、韓亮、張真誠,近代密碼學及其應用,旗標出版股份有限公司,2003年。 [2] 周伯錕,利用智慧卡之遠端身份認證之研究,國立中興大學資訊科學研究所碩士學位論文,2003年。 [3] 莊耘坤,可調式家用網路身分認證方法之研究,世新大學管理學院資訊管理學系碩士論文,2008年。 [4] 智慧卡,http://dsns.csie.nctu.edu.tw/course/netsec/2004fall/handout/Chap20.pdf [5] IC智慧卡與電子商務,http://www.cardweb.com.tw/304ICS/ICCardInfo/ic_EC.htm [6] User Authentication, http://www.csie.ncue.edu.tw/hsiaojy/2/CHD_03.ppt [7] L. H. Li, I. C. Lin, and M. S. Hwang, “A remote password authentication scheme for multi-server architecture using neural networks,” IEEE Transactions on Neural Networks, Vol. 12, No. 6, pp. 1498-1504, November 2001. [8] M. L. Das, A. Saxena, and V. P. Gulati, “A dynamic ID-based remote user authentication scheme,” IEEE Transaction on Consumer Electronics, Vol.50, No. 2, pp. 629-631, May 2004. [9] H. Y. Chien and C. H. Chen, “A remote authentication scheme preserving user anonymity,” Proc. Advanced Information Networking and Application, Vol. 2, pp. 245-248, March 2005. [10] Y. P. Liao and S. S. Wang, “A secure dynamic ID based remote user authentication scheme for multi-server environment,” Computer Standards & Interfaces, Vol. 31, No. 1, pp. 24-29, January 2009. [11] H. C. Hsiang and W. K. Shih, “Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment,” Computer Standards & Interfaces, Vol. 31, No. 6, pp. 1118-1123, November 2009. [12] C. C. Lee, T. H. Lin, and R. X. Chang, “A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards,” Expert Systems with Applications, Vol. 38, No. 11, pp. 13863-13870, October 2011. [13] S. K. Sood, A. K. Sarje, and K. Singh, “A secure dynamic identity based authentication protocol for multi-server architecture,” Journal of Network and Computer Applications, Vol. 34, No. 2, pp. 609-618, March 2011. [14] M. P. Rafael and R. N. Francisco, “Cryptanalysis of Sood et al.''s authentication scheme using smart cards,” IACR Cryptology ePrint Archive, pp. 386, July 2012. [15]D. Wang, C. G. Ma, and P. Wu, “Secure password-based remote user authentication scheme with non-tamper resistant smart cards,” DBSec''12 Proceedings of the 26th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, Vol. 7371, pp. 114–121, 2012. [16] M. K. Khan, S. K. Kim, and K. Alghathbar, “Cryptanalysis and security enhancement of a ‘more efficient & secure dynamic ID-based remote user authentication scheme’ ,” Computer Communications, Vol. 34, No. 3, pp. 305–309, March 2011. [17] Y. C. Lee, “A new dynamic ID-based user authentication scheme to resist smart-card-theft attack,” Applied Mathematics & Information Sciences, Vol. 6 No. 2S, pp. 355S-361S, April 2012. [18] X. Li, J. Ma, W. Wang, Y. Xiong, and J. Zhang, “A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments,” Mathematical and Computer Modelling, Available online 27, July 2012. [19] R. R. Ahirwal and S. S. Sonwanshi, “An efficient and secure ID-based remote user authentication scheme using smart card,” International Journal of Applied Information Systems (IJAIS) , Vol. 1, No. 6, pp. 35-41, February 2012. [20] R. Song, “Advanced smart card based password authentication protocol,” Computer Standards & Interfaces, Vol. 32, No. 4, pp. 321-325, June 2010. [21] W. B. Horng, C. P. Lee, and J. W. Peng, “Security weaknesses of Song''s advanced smart card based password authentication protocol,” Proceedings of the 2010 IEEE International Conference on Progress in Informatics and Computing (PIC), Vol. 1, pp. 477-480, December 2010. [22] L. Lamport, “Password authentication with insecure communication,” Communications of the ACM, Vol. 24, No. 11, pp. 770-772, November 1981. [23] M. S. Hwang and L. H. Li, “A new remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 1, pp. 28-30, February 2000. [24] G. B. Purdy, “A high security log-in procedure,” Communications of the ACM, Vol. 17, No. 8, pp. 442-445, August 1974.
摘要: 隨著網際網路技術快速地成長,計算機系統提供資源服務的範圍不再僅限於小區域環境,而是遍及至世界各個地方的使用者存取使用,單一伺服器所提供的服務亦無法服務愈來愈多的使用者數量及滿足各種不同的使用需求,進而擴大至多伺服器環境架構。因為系統環境已擴大至網際網路環境,在提供服務給各個合法使用者的同時,也面臨有許多有心人士或惡意想破壞系統的攻擊者環伺,此時,身分認證系統就是用來防止非法使用者登入系統最重要的第一道防線。該如何設計出具個人隱私資料保護、僅限合法存取的高安全性、高系統運算效能、低通訊成本,並符合人性化需求等前題的遠端身分認證系統,一直是網際網路環境中所被關注的重要議題之一,直至現今仍有許多學者在此議題進行許多廣泛的研究。 本論文提出一個安全且有效率,建構在誠實且不攻擊他人的使用者、第三方公正的認證中心及多伺服器環境下,結合現今已廣泛被運用的智慧卡來輔助使用者的通行碼認證,採行單向雜湊函數及互斥或(XOR)運算的身分認證方法,並提供通訊間具雙向認證及會議金鑰協定,並具隱私保護之遠端使用者認證機制。
With the rapid development of internet techniques, computer systems offer service resources which are not limited to users in a specific area but everywhere in the world. Providing services to authorizd users requires identity authentication schemes. This thesis proposes a secure and efficient identity authentication scheme based on smart cards for the environment of multiple servers. By using one-way hash functions and exclusive-or operations for identity authentication, the proposed scheme provides mutual authentication and conference-key agreement with privacy protection.
URI: http://hdl.handle.net/11455/20047
其他識別: U0005-2801201318472600
文章連結: http://www.airitilibrary.com/Publication/alDetailedMesh1?DocID=U0005-2801201318472600
Appears in Collections:資訊科學與工程學系所

文件中的檔案:

取得全文請前往華藝線上圖書館



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.