| DC 欄位 |
值 |
語言 |
| DC.contributor | 資訊工程學系 | zh_TW |
| DC.creator | 楊梓佑 | zh_TW |
| DC.creator | Tzu-Yu Yang | en_US |
| dc.date.accessioned | 2017-7-25T07:39:07Z | |
| dc.date.available | 2017-7-25T07:39:07Z | |
| dc.date.issued | 2017 | |
| dc.identifier.uri | http://ir.lib.ncu.edu.tw:88/thesis/view_etd.asp?URN=103522041 | |
| dc.contributor.department | 資訊工程學系 | zh_TW |
| DC.description | 國立中央大學 | zh_TW |
| DC.description | National Central University | en_US |
| dc.description.abstract | 驗證系統允許使用者在證明其會員資格後,獲取他所提出的服務需求,然而
使用者與驗證伺服器互動的過程中,可能洩漏過多資訊以至於危害到使用者的個
人隱私。因此匿名是一個保護使用者隱私的好方法,但這也產生了無法撤銷非法
使用者的隱憂。為了保護使用者隱私,現今有許多的匿名驗證系統被提出並且廣
泛的使用於網際網路。然而,有一類的匿名驗證系統是使用假名的方法來達成匿
名,可是這樣的方法將造成假名可以被連結。部分匿名驗證系統甚至無法抵禦重
送攻擊或是偽冒攻擊。
在本論文中,我們提出了一個匿名且不可連結的會員驗證系統。我們所提出
的系統,允許使用者與單一或多個不同的驗證伺服器進行多次會員身分驗證,並
且保證所有驗證訊息彼此之間都不會被連結,也不會連結到使用者。我們分析了
現有相關的匿名驗證系統之優缺點,並且與我們所提出的方法進行比較。分析結
果顯示,我們的系統不僅同時兼顧高效率與安全性,同時還可以抵禦重送攻擊以
及偽冒攻擊。 | zh_TW |
| dc.description.abstract | The authentication schemes allow users to apply server’s services by presenting a
valid membership. But the information provided by users during the interaction
with the service providers may damage the privacy of users. Anonymity is an effect
method to protect user privacy, but it may be misused such that the membership
of a malicious user cannot be revoked. In order to achieve anonymity without
revealing users’ privacy several anonymous authentication schemes were proposed
and are still widely incorporated in Internet servers till present. Certain anonymous
authentication schemes use a pseudonym to achieve anonymity, but the pseudonym
is linkable and the scheme is vulnerable to replay attack or impersonation attack.
Some previous related schemes will be reviewed and analyzed on their strength and
weakness. Comparison between our proposed scheme and these related ones will be
provided.
In this thesis, we proposed a new anonymous and unlinkable membership authentication
scheme. The proposed scheme allows a valid user to prove his or her
membership multiple times to a same or different application servers while all the
authentication messages cannot be linked. Furthermore, our proposed scheme is
computational efficiency and can preserve user’s privacy, and most importantly it
can withstand replay attack and impersonation attack. | en_US |
| DC.subject | 匿名 | zh_TW |
| DC.subject |
驗證 | zh_TW |
| DC.subject | Anonymous | en_US |
| DC.subject |
authentication | en_US |
| DC.title | 具有非法權利轉移偵測能力之匿名不可連結會員驗證系統 | zh_TW |
| dc.language.iso | zh-TW | zh-TW |
| DC.title | Efficient Anonymous and Unlinkable Membership Authentication with Illegal Privilege Transfer Detection | en_US |
| DC.type | 博碩士論文 | zh_TW |
| DC.type | thesis | en_US |
| DC.publisher | National Central University | en_US |