在此篇論文中，我們將探討認證機制在無線感測網路與遠距醫療系統中如何保持其安全性，並依照各個環境的不同，使用不同的認證機制。
　　在本論文中，我們首先發現2016年Khemissa和Tandjaoui的無線感測網路認證議題中，其安全表格過於毫無防備，此缺失可能造成數種認證機制上的不安全。另外，2016年Roy等人遠距醫療系統認證機制中，我們推敲出其機制過於仰賴特定參數，此漏洞可能造成數種認證機制上的不安全。因此，在各自不同的環境領域中，我們使用雜湊函數與模糊提取器強化並改變其演算法，強化認證機制，並藉由BAN logic證明我們改進的認證機制為可行，並能提供更高的安全效果

In this thesis, we will explore how the authentication mechanism are safety maintained in the wireless sensor network and telemedicine system. In addition, according to different circumstances, different authentication mechanism are used.

　　In this study, we first discovered that the authentication mechanism in the wireless sensor networks proposed by Khemissa and Tandjaoui in 2016 lacks the protection of its security table. Then we found that the authentication scheme in telemedicine systems presented by Roy et al. in 2016 depends on some specific parameters too much. Due to these drawbacks, these authentication mechanism are vulnerable to different attacks. Therefore, in different environments, we use the hash function and fuzzy extractor to strengthen and change their algorithms such that the authentication protocols are enhanced. In addition, with the BAN logic, we prove that our proposed authentication mechanism are feasible and can provide a higher security effect.

目錄

第一章	緒論	        1
第一節	研究背景與動機	1
第二節	研究目的	        1
第三節	論文架構	        2
第二章	背景知識	        3
第一節	何謂認證	        3
第二節	相關使用算法	3
一、	雜湊函數	        3
二、	對稱加密與非對稱加密	5
三、	模糊提取器	6
四、	切比雪夫映射	7
第三節	BAN logic介紹	9
第四節	在認證安全中應注意的攻擊模式	12
第三章	相關文獻探討	                14
第一節	於無線感測網路的認證相關研究	14
第二節	無線感測網路相關研究之缺點	19
第三節	於遠端醫療信息系統的認證相關研究	22
第四節	遠端醫療信息系統相關研究之缺點	31
第四章	研究方法 	33
第一節	無線感測網路	33
一、	如何改善	        33
二、	提出新演算法	33
第二節	遠端醫療信息系統	40
一、	如何改善	        40
二、	提出新演算法	41
第五章	研究成果與分析	51
第一節	無線感測網路	51
一、	抵禦攻擊與安全性	51
二、	BAN logic推導	53
第二節	遠端醫療信息系統	59
一、	抵禦攻擊與安全性	59
二、	BAN logic推導	64
第六章 結論	        68
第一節	特色與優點	68
一、	無線感測網路	68
二、	遠端醫療信息系統	68
第二節	未來展望	        69
參考資料         	70


 
圖目錄     
圖1. 以MD5實例雜湊函數	        4
圖2. 雜湊訊息驗證碼(HMAC)工作原理	4
圖3. 非對稱加解密簡易過程說明	5
圖4. 模糊提取器	                6
圖5. 使用模糊提取器進行一個簡易的對稱式加解密過程	 7
圖6. 無線感測網路架構	                        14
圖7. Khemissa和Tandjaoui之註冊階段	        16
圖8. Khemissa和Tandjaoui之認證與金鑰交換階段      19
圖9. 重送攻擊示意圖	                        20
圖10. 遠端醫療信息系統網路模型	22
圖11. Roy等人之議題註冊階段	25
圖12. Roy等人之議題登入階段	26
圖13. Roy等人之議題認證階段	28
圖14. Roy等人之議題金鑰交換階段階段	30
圖15. 我們的提議註冊階段(無線感測網路)	35
圖16. 我們的提議認證階段(無線感測網路)	39
圖17. 我們的提議密鑰交換階段(無線感測網路)	40
圖18. 我們的提議註冊階段(遠端醫療系統)	43
圖19. 我們的提議登入階段(遠端醫療系統)	45
圖20. 我們的提議認證階段(遠端醫療系統)	47
圖21. 我們的提議密鑰交換階段(遠端醫療系統)	49
圖22. 我們的提議更新資訊階段(遠端醫療系統)	50

 
表目錄
表1. BAN logic符號表	                10
表2. Khemissa和Tandjaoui使用之符號	15
表3. 安全相關信息表	                17
表4. Roy等人使用之符號	                23
表5. 我們的提議方案符號(無線感測網路)	34
表6. 我們提議的遠程使用者的安全表	        36
表7. 我們提議的閘道器節點的安全表	        37
表8. 我們的提議方案符號(遠端醫療系統)	42
表9. 智慧卡與伺服器儲存資訊(遠端醫療系統)	44

[1] Y. Dodis, R. Ostrovsky, L. Reyzin, and A. Smith, “Fuzzy extractors: How to generate strong keys from biometrics and other noisy data,” Journal on Computing, vol. 38, no. 1, pp.97-139(1), 2008.

[2]  P. Bergamo, P. D’Arco, A. De Santis, and L. Kocarev, “Security of public-key cryptosystems based on Chebyshev polynomials,” IEEE Transactions on Circuits and Systems I: Regular Papers, vol. 52, no. 7, 2005.

[3]  L. Kocarev, and Z. Tasev, “Public-key encryption based on Chebyshev maps,” Proceedings of the 2003 International Symposium on Circuits and Systems, ISCAS '03, 2003.

[4]  D. Xiao, X. Liao, G. Tang, and C. Li, “Using Chebyshev chaotic map to construct infinite length hash chains,” 2004 International Conference on Communications, Circuits and Systems, ICCCAS 2004, 2004

[5]  M. Burrows, M. Abadi, and R. Needham, “A logic of authentication,” Journal ACM Transactions on Computer Systems (TOCS), vol. 8 no. 1, pp. 18-36, 1990.

[6]  L. Atzori, A. Iera, and G. Morabito, “The internet of things: A survey,” Computer networks, vol. 54, no. 15, pp. 2787–2805, 2010.

[7]  M. Turkanovic, B. Brumen, and M. Holbl, “A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion,” Ad Hoc Network, vol. 20,pp. 96–112, Sep. 2014

[8]  K. H. M.Wong, Y. Zheng, J. Cao, and S.Wang, “A dynamic user authentication scheme for wireless sensor networks,” Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, vol. 1, pp. 244–251, 2006.

[9]  H. R. Tseng, R. H. Jan, and W. Yang, “An improved dynamic user authentication scheme for wireless sensor networks,” Proceedings of the Global Communications Conference, 2007, pp. 986–990, 2007.

[10] M. L. Das, “Two-factor user authentication in wireless sensor networks,” IEEE Transactions on Wireless Communications, vol. 8, no. 3, pp. 1086–1090, 2009.

[11] K. Xue, C. Ma, P. Hong, and R. Ding, “A temporal-credential-based mutual authentication and key agreement scheme for wireless sensornetworks,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 316–323, 2013.

[12] M. K. Khan, and K. Alghathbar, “Cryptanalysis and security improvements of two-factor user authentication in wireless sensor networks,” Sensors, vol. 10, no. 3, pp. 2450–2459, 2010.

[13] H. Khemissa, D. Tandjaoui, “A Novel lightweight authentication scheme for heterogeneous wireless sensor networks in the context of internet of things” Wireless Telecommunications Symposium (WTS), 2016.

[14] H. Krawczyk, R. Canetti, and M. Bellare, “Hmac: Keyed-hashing for message authentication,” RFC Editor, United States, 1997.

[15] S. Roy, S. Chatterjee, S. Chattopadhyay, and A. K. Gupta, “A biometrics-based robust and secure user authentication protocol for e-healthcare service,” 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2016.

[16] Z.Y. Wu, Y. Chung, F. Lai, and T.S. Chen, “A password-based user authentication scheme for the integrated EPR information system,” Journal of Medical Systems, vol. 36, no. 2, pp. 631–638, 2012.

[17] Z.Y. Wu, Y.J. Tseng, Y. Chung, Y.C. Chen, and Feipei Lai, “A reliable user authentication and key agreement scheme for web-based hospital-acquired infection surveillance information system,” Journal of Medical Systems,vol.36, no. 4, pp.2547-2555, 2011.

[18] T.F. Lee, I.P. Chang, T.H. Lin, and C.C. Wang, “A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system,” Journal of Medical Systems, vol. 33, no. 3, pp. 9941, 2013.

[19] Z.Y. Wu, Y.C. Lee, F. Lai, H.C. Lee, and Y. Chung, “A secure authentication scheme for telecare medicine information systems,” Journal of Medical Systems, vol. 36, no. 3, pp. 1529–1535, 2012.

[20] J. Wei, X. Hu, and W. Liu, “An improved authentication scheme for telecare medicine information systems,” Journal of Medical Systems, vol. 36, no. 6, pp. 3597–3604, 2012.

[21] Z. Zhu, “An efficient authentication scheme for telecare medicine information systems,” Journal of Medical Systems, vol. 36, no. 6, pp. 3833–3838, 2012.

[22] H. Debiao, C. Jianhua, Z. Rui, “A more secure authentication scheme for telecare medicine information systems,” Journal of Medical Systems, vol. 36, no. 3, pp. 1989–1995, 2012.

[23] H.M. Chen, J.W. Lo, and C.K. Yeh, “An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems,” Journal of Medical Systems, vol. 36, no. 6, pp. 3907–3915, 2012.

[24] T. Cao, and J. Zhai, “Improved dynamic ID-based authentication scheme for telecare medical information systems,” Journal of Medical Systems, vol.37, no. 2, pp. 9912, 2013.

[25] T.F. Lee, C.M. Liu, “A Secure Smart-Card Based Authentication and Key Agreement Scheme for Telecare Medicine Information Systems,” Journal of Medical Systems, vol. 37, no. 3, pp.9933, 2013.

[26] A.K. Das, and B. Bruhadeshwar, “An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system,” Journal of Medical Systems, vol. 37, no. 5, pp. 9969, 2013.

[27] C. Guo, and C.C. Chang, “Chaotic maps-based password-authenticated key agreement using smart cards,” Communications in Nonlinear Science and Numerical Simulation, vol. 18, no. 6, pp. 1433–1440, 2013.

[28] X. Hao, J. Wang, Q. Yang, X. Yan, and P. Li, “A chaotic map-based authentication scheme for telecare medicine information systems,” Journal of Medical Systems, vol. 37, no. 2, pp.9919, 2013.

[29] Q. Jiang, J. Ma, X. Lu, and Y. Tian, “Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems,” Journal of Medical Systems, vol. 38, no. 2, pp. 12,  2014.

[30] W.C. Yau, and R.C. Phan, “Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems,” Journal of Medical Systems, vol. 37, no. 6, pp.9993, 2013.

[31] T.F. Lee, “An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems,” Journal of Medical Systems, vol. 37, no. 6, pp.9985, 2013.

[32] C.T. Li, C.C. Lee, and C.Y. Weng, “A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems,” Journal of Medical Systems, vol. 38, no. 9, pp.77, 2014.