基於Schnorr身分認證之單次通行碼機制

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：23

、訪客IP：18.223.125.236

姓名

簡旭璋(Hsu-chang Chien) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

基於Schnorr身分認證之單次通行碼機制
(One-time Password Schemes Based on the Schnorr Identification)

相關論文

★ 多種數位代理簽章之設計	★ 小額電子支付系統之研究
★ 實體密碼攻擊法之研究	★ 商業性金鑰恢復與金鑰託管機制之研究
★ AES資料加密標準之實體密碼分析研究	★ 電子競標系統之研究
★ 針對堆疊滿溢攻擊之動態程式區段保護機制	★ 通用型數域篩選因數分解法之參數探討
★ 於8051單晶片上實作可防禦DPA攻擊之AES加密器	★ 以非確定式軟體與遮罩分割對策防禦能量攻擊之研究
★ 遮罩保護機制防禦差分能量攻擊之研究	★ AES資料加密標準之能量密碼分析研究
★ 小額電子付費系統之設計與密碼分析	★ 公平電子現金系統之研究
★ RSA公開金鑰系統之實體密碼分析研究	★ 保護行動代理人所收集資料之研究

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

遠端使用者身分認證是資訊安全中最重要的議題之一，伺服器端能透過身分認證過濾非法的使用者，使合法的使用者能夠存取遠端服務。以通行碼為基礎之身分認證機制是目前最常被使用在網際網路上的方法。在單次通行碼機制中，使用者每次登錄時所使用的通行碼是動態改變的。本論文之目的在於提出一個單次通行碼機制，其對使用者來說具有計算量及儲存空間高效率性，登錄驗證回合數最簡化，並且無須進行時戳同步之特性。我們重新造訪了基於挑戰-回應技巧之Schnorr身分認證機制，我們發現了重複使用挑戰值的技巧以應用在單次通行碼機制中。在本論文中，我們提出兩個基於Schnorr身分認證之單次通行碼機制。第一個機制提供了單向認證，並且能抵抗重送攻擊、暴力攻擊、偽冒攻擊、驗證碼竊取攻擊、驗證表竄改攻擊以及伺服器入侵攻擊。此外，此機制也適合應用在智慧卡登錄系統中。第二個機制提供了雙向認證與會議金鑰產生協議，並且能抵抗重送攻擊、暴力攻擊、偽冒攻擊、中間人攻擊、反射攻擊以及平行會期攻擊。

摘要(英)

Authentication ensures that servers′ services can only be obtained by legitimate users.
The password-based authentication scheme is regarded as one of the most generally used methods of authentication on the internet. In one-time password authentication schemes, users′ passwords are dynamically changed in each user login. The purpose of this thesis is to propose a secure and practical one-time password scheme that is computation efficient, storage efficient, interaction minimization, and time-stamp synchronization free for the prover. We revisit the challenge-response based Schnorr identification protocol. Our idea comes from reusing a challenge with different commitments in the Schnorr identification protocol, and we also give a brief security analysis to explain why this kind of challenge-reused version is secure. In this thesis, two one-time password schemes based on this modified Schnorr identification protocol are proposed. The preliminary scheme provides unilateral authentication and can resist the replay attack, brute force attack, impersonation attack, stolen verifier attack, verification-table tampering attack, and server compromise attack. In addition, this scheme is practical for smart card applications. The enhanced scheme provides mutual authentication and session key agreement, and it can resist the replay attack, impersonation attack, brute force attack, man-in-the-middle attack, reflection attack, and parallel session attack.

關鍵字(中)

★ 身分認證
★ 單次通行碼
★ Schnorr身分認證

關鍵字(英)

★ Authentication
★ One-time Password
★ Schnorr′s Identification Protocol

論文目次

1 Introduction 1
1.1 Background and Motivation of the Research . . . . . . . . . . . . . . . . 3
1.2 Our Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.3 Overview of the Thesis . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2 Preliminary Background 8
2.1 Review of Lamport′s Scheme . . . . . . . . . . . . . . . . . . . . . . . . 8
2.1.1 Review of Cryptographic Hash Function . . . . . . . . . . . . . . . . . 8
2.1.2 Lamport′s Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.2 Review of Harn′s Scheme . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.2.1 Review of Quadratic Residue . . . . . . . . . . . . . . . . . . . . . . 11
2.2.2 Harn′s Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.3 Sequentially Updated One-time Password Authentication Schemes . . . . . . 13
2.4 Requirements and Attacks on Password Authentication Schemes . . . . . . . 14
2.4.1 Requirements of Password Authentication Schemes . . . . . . . . . . . . 14
2.4.2 Various Kinds of Attacks . . . . . . . . . . . . . . . . . . . . . . . 14
3 The Proposed One-time Password Schemes 17
3.1 Preliminary Background . . . . . . . . . . . . . . . . . . . . . . . . . 17
3.1.1 Diffie-Hellman Key Exchange Protocol . . . . . . . . . . . . . . . . . 18
3.1.2 Schnorr Identication Protocol . . . . . . . . . . . . . . . . . . . . 18
3.2 The Proposed Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3.2.1 The Preliminary Scheme . . . . . . . . . . . . . . . . . . . . . . . . 23
3.2.2 Remarks and Discussions . . . . . . . . . . . . . . . . . . . . . . . . 25
3.2.3 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
3.2.4 Performance Analysis . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.3 An Enhanced Version of the Proposed Scheme . . . . . . . . . . . . . . . 29
3.3.1 An Enhanced Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . 29
3.3.2 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
4 Conclusions 35
4.1 Brief Review of Contributions . . . . . . . . . . . . . . . . . . . . . . 35
4.2 Future Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Bibliography 38

參考文獻

[1] K. Bicakci and N. Baykal, “Infinite Length Hash Chains and Their Applications,” Proc. of the 11th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 57-61, 2002.

[2] Y.F. Chang, C.C. Chang, and Y.W. Su, “A Secure Improvement on the Userfriendly Remote Authentication Scheme with no Time Concurrency Mechanism,” Proc. of the 20th International Conference on Advanced Information Networking and Applications, Vol. 2, 2001.

[3] D. Chaum, J. H. Evertse, and J. van de Graaf, “An Improved Protocol for
Demonstrating Possession of Discrete Logarithms and Some Generalizations,” Advances in Cryptology - EUROCRYPT ′87, LNCS Vol. 304, pp. 127-141,
1988.

[4] H.Y. Chien, J.K. Jan, and Y.M. Tseng, “An Efficient and Practical Solution to Remote Authentication: Smart Card,” Computers and Security, Vol. 21, No. 4, pp. 372-375, 2002.

[5] C.M. Chen and W.C. Ku, “Stolen-verifier Attack on Two New Strong-password Authentication Protocols,” IEICE Transactions on Communications, Vol. E85-B, pp. 2519-2521, 2002.

[6] C.C. Chang and T.C. Wu, “Remote Password Authentication Scheme with Smart Cards,” IEE Proceedings E-Computers and Digital Techniques, Vol. 138, No. 3, pp. 165-168, 1991.

[7] J. L. Camenisch, “Group Signature Schemes and Payment Systems Based on the Discrete Logarithm Problem,” PhD thesis, ETH Zurich, 1998.

[8] A. G. Chefranov, “One-Time Password Authentication with Infinite Hash Chains,” Novel Algorithms and Techniques in Telecommunications, Automation and Industrial Electronics, pp. 283-286, 2008.

[9] W. Diffie and M. Hellman, “New Directions in Cryptography,” IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644-654, 1976.

[10] M. L. Das, A. Saxena, and V. P. Gulati, “A Dynamic ID-based Remote User Authentication Scheme,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 2, pp. 629-631, 2004.

[11] M. H. Eldefrawy, M. K. Khan, and K. Alghathbar, “One-Time Password System with Infinite Nested Hash Chains,” Security Technology, Disaster Recovery and Business Continuity, Communications in Computer and Information Science, Vol. 122, pp. 161-170, 2010.

[12] T. ElGamal, “A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,” Advances in Cryptology - CRYPTO ′84, LNCS Vol. 196, pp. 10-18, 1985.

[13] V. Goyal, A. Abraham, S. Sanyal, and S. Y. Han, “The N/R One Time Password System,” Proc. of International Conference on Information Technology: Coding and Computing, Vol. 1, pp. 733-738, 2005.

[14] S. Goldwasser, S. Micali, and C. Rackoff, “The Knowledge Complexity of Interactive Proof Systems,” Proc. of the 27th Annual Symposium on Theory of computing, pp. 291-304, 1985.

[15] S. Goldwasser and S. Micali, “Probabilistic Encryption,” Journal of Computer and System Sciences, Vol. 28, No. 2, pp. 270-299, 1984.

[16] T. Hwang, Y. Chen, and C.S. Laih, “Non-interactive Password Authentications without Password Tables,” IEEE Region 10 Conference on Computer and Communication Systems, IEEE Computer Society, pp. 429-431, 1990.

[17] C.L. Hsu, “Security of Two Remote User Authentication Schemes Using Smart Cards,” IEEE Transactions on Consumer Electronics, Vol. 49, No. 4, pp. 1196-1198, 2003.

[18] M.S. Hwang and L.H. Li, “A New Remote User Authentication Scheme Using Smart Cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 1, pp. 28-30, 2000.

[19] L. Harn, “A Public-key Based Dynamic Password Scheme,” Proc. of the Symposium on Applied Computing, pp. 430-435, 1991.

[20] N. Koblitz, “Elliptic Curve Cryptosystems,” Mathematics of Computation, Vol. 48, No. 177, pp. 203-209, 1987.

[21] J. Katz and Y. Lindell, “Introduction to Modern Cryptography: Principles and Protocols,” CRC Press, 2007.

[22] C.L. Lin, H.M. Sun, and T. Hwang, “Attacks and Solutions on Strong Password Authentication,” IEICE Transactions on Communications, Vol. E84-B, No. 9, pp. 2622-2627, 2001.

[23] C.T. Li and M.S. Hwang, “An Efficient Biometrics-based Remote User Authentication Scheme Using Smart Cards”, Journal of Network and Computer Applications, Vol. 33, No. 1, pp. 1-5, 2010.

[24] I.E. Liao, C.C. Lee, and M.S. Hwang, “Security Enhancement for a Dynamic ID-based Remote User Authentication Scheme,” Proc. of International Conference
on Next Generation Web Services Practices, pp. 437-440, 2005.

[25] Y.P. Liou, J. Lin, and S.S. Wang, “An New Dynamic ID-based Remote User Authentication Scheme Using Smart Cards,” The 16th Information Security Conference, pp. 198-205, 2006.

[26] L. Lamport, “Password Authentication with Insecure Communication,” Communications of the ACM, Vol. 24, No. 11, pp. 770-772, 1981.

[27] A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, “Handbook of Applied Cryptography,” CRC Press, 1997.

[28] V. S. Miller, “Use of Elliptic Curves in Cryptography,” Advances in Cryptology - CRYPTO ′85, LNCS Vol. 218, pp. 417-426, 1986.

[29] W. Mao, “Modern Cryptography: Theory and Practice,” Prentice Hall PTR, 2004.

[30] National Bureau of Standards (NBS), “Data Encryption Standard,” FIPS Publication 46, US Department of Commerce, 1977.

[31] National Institute of Standards and Technology (NIST), “Secure Hash Standard,” FIPS Publication 180-1, US Department of Commerce, 1995.

[32] National Institute of Standards and Technology (NIST), “Advanced Encryption
Standard (AES)”, FIPS Publication 197, US Department of Commerce, 2001.

[33] R. L. Rivest and A. Shamir, “PayWord and MicroMint: Two Simple Micropayment Schemes,” Proc. of Security Protocols Workshop, LNCS Vol. 1189, pp.
69-87, 1997.

[34] R. L. Rivest, “The MD5 Message Digest Algorithm,” RFC 1321, 1992.

[35] A. Shimizu, T. Horioka, and H. Inagaki, “A Password Authentication Method
for Contents Communication on the Internet,” IEICE Transactions on Communications, Vol. E81-B, No.8, pp. 1666-1763, 1998.

[36] M. Sandirigama, A. Shimizu, and M. T. Noda, “Simple and Secure Password Authentication Protocol (SAS),” IEICE Transactions on Communications, Vol. E83-B, No. 6, pp. 1363-1365, 2000.

[37] A. Shimizu, “A Dynamic Password Authentication Method by One-way Function,” IEICE Transactions on Communications, Vol. J73-D-I, No.7, pp. 630-636, 1990.

[38] C. P. Schnorr, “Efficient Signature Generation for Smart Cards,” Journal of Cryptology, Vol. 4, No. 3, pp. 239-252, 1991.

[39] T. Tsuji and A. Shimizu, “An Impersonation Attack on One-time Password Authentication Protocol OSPA,” IEICE Transactions on Communications, Vol. E86-B, No. 7, pp. 2182-2185, 2003.

[40] T. Tsuji and A. Shimizu, “One-time Password Authentication Protocol against Theft Attacks,” IEICE Transactions on Communications, Vol. E87-B, No. 3, pp. 523-529, 2004.

[41] Y. Zheng, J. Pieprzyk, and J. Seberry, “HAVAL - A One-way Hashing Algorithm with Variable Length of Output,” Advances in Cryptology - AUSCRYPT ′92, LNCS Vol. 718, pp. 81-104, 1993.

指導教授

顏嵩銘(Sung-ming Yen)

審核日期

2015-7-28

推文