English  |  正體中文  |  简体中文  |  Items with full text/Total items : 66984/66984 (100%)
Visitors : 22918026      Online Users : 295
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/65660


    Title: 基於錯誤傳遞之認證加密演算法設計;The Design of Authenticated Encryption Scheme Base on Error-Propagation
    Authors: 江卓軒;Chiang,Cho-hsuan
    Contributors: 資訊工程學系
    Keywords: 認證加密演算法;密碼學;區塊加密;完整性檢查;Authenticated Encryption;Cryptography;Block cipher algorithm;Integrity checking
    Date: 2014-07-25
    Issue Date: 2014-10-15 17:07:34 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 認證加密演算法(Authenticated Encryption, AE)為一種網路通訊安全機制,此
    機制可同時提供訊息機密性、資料完整性以及來源認證性。傳統之認證加密演算
    法由對稱式加密系統以及訊息認證碼(Message authentication Code, MAC)結合產
    生,此種兩回合式認證加密演算法(2-pass AE)產生之運算負擔約兩倍於單純使用
    加密演算法之系統。
    近期之認證加密演算法於效能上有兩種改良方向,首先是使用檢查碼
    (Checksum)作為額外輸入確保完整性之單回合式認證加密演算法(single-pass AE),
    此類型演算法之運算量低但必須等待解密運算執行後才可進行完整性檢驗。另一
    種為加速兩回合式認證加密演算法完整性檢驗步驟之演算法,目前此類型之演算
    法雖然保有預先檢驗完整性之特性,但於效能上之改良有限,並無法與前者比擬。
    本論文基於錯誤擴散之概念提出兩種不同類型的認證加密演算法。首先是以
    Cipher-Block-Chaining mode of operation (CBC)作為基礎設計的單回合式認證加
    密演算法Double-Block-Chaining AE (DBC),DBC 具有實作上之優勢以及在區塊
    加密演算法中獨有之特性:反向解密和只需實作加密演算法。在加強的版本中,
    我們還為其提供了預先檢驗部分完整性以及認證關聯資料的能力。本論文另外提
    出了一個完整性檢驗機制,S-box chaining (SC)。除了具備實作容易的特性,與
    CBC 結合後再輔以隱藏部分資訊之手段便成為一計算成本低之兩回合式認證加
    密演算法,SC-CBC。;Con dentiality, integrity and authenticity are basic requirements for ensuring secure com-
    munication over internet. Those requirements are separately provided by mode of operations,
    such as Cipher-Block-Chaining mode of operation (CBC) and Counter mode of operation
    (CTR), and message authentication code (MAC) at rst. Since the combination of mode of
    operation and MAC, including Encrypt-then-MAC (EtM), MAC-then-Encrypt (MtE) and
    Encrypt-and-MAC (E&M), almost doubled the computational cost, cryptographers work on
    designing a more e cient scheme called \Authenticated Encryption (AE)" recently.
    Over past thirty years, many di erent kinds of authenticated encryption scheme were pro-
    posed. Most of them use \Check Vector (CV)" or MAC together with mode of operations to
    additionally provide integrity and authenticity. Cryptographers classi ed the authenticated
    encryption schemes into two categories:
    First is improving the combination of mode of operation and MAC, such as \Counter-
    with-CBC-MAC mode (CCM)", \Encrypt-then-Authenticate-then-Translate mode (EAX)"
    and \Carter-Wegman-with-CTR mode (CWC)". Above schemes also called \Two-pass Au-
    thenticated Encryption Scheme (2-pass AE)" because it needs to go through message twice.
    Two-pass AE not only meet all the requirements for securing communication but also slightly
    decrease the computational cost when comparing to naive methods. Currently, researchers
    attempt to improve the authentication modes inside 2-pass AE algorithm to achieve better
    performance. \Galois/Counter Mode of operation (GCM)" proposed by McGrew claimed
    to provide a low latency and low computational cost AE scheme from implementation aspect.
    Second is merging the privacy and authenticity modes into one scheme, which also called
    \single-pass AE". Single-pass AE has speed advantage on providing integrity because they
    applied check vector and checksum as underlying authentication mechanism, which only
    require communications and simple operations. Nevertheless, some of redundancies are pre-
    computable. However, there is a disadvantage that receiver must do decryption algorithm
    rst, or he will not capable to check for the integrity. Such algorithm will waste computa-
    tional resources if any error occurred during transmission.
    In this thesis, we are going to propose two di erent kinds of authenticated encryption
    scheme using concept of error-propagation. First we construct a single-pass AE which use
    CBC mode as backbone, called \Double-Block-Chaining (DBC)". DBC has implementation
    advantages and several special properties such as \backward decryption" and\encryption
    algorithm only". In enhanced version, we design a novel approach to partially pre-check
    the integrity for DBC. Nevertheless, the associated-data (AD) is also authenticated in our
    Enhanced-DBC AE scheme. Second, we proposed an integrity checking mechanism, named
    \S-Box chaining integrity checking mechanism(SC)". Despite its speed advantage, \S-Box
    chaining" is easy to implement and after we combined it with CBC mode which turns out
    an simple and e cient two-pass AE, called \S-Box Chaining CBC".
    Appears in Collections:[資訊工程研究所] 博碩士論文

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML193View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback  - 隱私權政策聲明