淡江大學覺生紀念圖書館 (TKU Library)
進階搜尋


下載電子全文限經由淡江IP使用) 
系統識別號 U0002-2806200614462000
中文論文名稱 運用智慧卡之遠端身分鑑別機制技術之研究
英文論文名稱 The Study of Remote Authentication Scheme with Smart Cards
校院名稱 淡江大學
系所名稱(中) 資訊工程學系碩士在職專班
系所名稱(英) Department of Computer Science and Information Engineering
學年度 94
學期 2
出版年 95
研究生中文姓名 陳文宜
研究生英文姓名 Wen-Yi Chen
學號 793190140
學位類別 碩士
語文別 英文
口試日期 2006-06-14
論文頁數 41頁
口試委員 指導教授-黃心嘉
委員-王旭正
委員-黃仁俊
中文關鍵字 遠端身分認證  雙向認證  智慧卡 
英文關鍵字 remote authentication  mutual authentication  smart cards 
學科別分類 學科別應用科學資訊工程
中文摘要 要建立安全的分散式系統,遠端身分鑑別機制扮演著相當重要的角色。Lee和Chiu兩位學者提出他們改良的運用智慧卡之遠端身分鑑別機制,以求解決Wu和Chieu兩位學者所提出植基於離散對數運算數學難題之遠端身分鑑別機制所存在的安全弱點。很不幸的,我們發現該遠端身分鑑別機制仍會遭受偽造攻擊(forgery attack)及阻斷服務攻擊(denial of service attack),為了克服這兩項安全上缺陷,我們亦以Lee和Chiu的遠端身分鑑別機制為基礎提出一個新的遠端身分鑑別機制。由於離散對數運算較耗費運算資源,因此有學者提出以雜湊函數為核心之遠端身分鑑別機制,提升身分鑑別機制運算效率,其中Sun於2000年提出一植基於雜湊函數運算之遠端身分鑑別機制,但是Sun所提出的身分鑑別機制僅針對使用者進行身分鑑別,並沒有達到使用者端與伺服器端雙向鑑別功能,而且使用者也無法自行選擇通行碼(passwords),有鑑於此,Chien等學者於2002年亦提出一植基於雜湊函數運算之改良機制,以彌補Sun之身分鑑別機制所存在的問題,但是Chien等學者之身分鑑別機制仍會遭受到Hsu學者提出之parallel session attack此種攻擊法的攻擊,因此我們也提出一個更完善且具效率性之遠端身分鑑別機制。此外本論文所提出之二種遠端身分鑑別機制均允許使用者不需透過伺服器即可自行更改通行碼。而且,本論文亦提出邏輯分析來證明這二種遠端身分鑑別機制均確實達到使用者端與伺服器端雙向鑑別的目的。
英文摘要 Remote authentication schemes play an important role to create a secure distributed computer environment. In 2005, Lee and Chiu proposed their remote authentication scheme based on discrete logarithm computation to overcome some security problems in previous remote authentication schemes. Unfortunately, some attacks are proposed to show that Lee and Chiu’s scheme is vulnerable under the forgery attack and the denial of service att ack. To conquer these security problems, our improved scheme is also proposed. So our scheme is more secure than Lee and Chiu’s scheme. On the other hand, Sun proposed an efficient remote authentication scheme only adopting one-way hash functions in 2000. However, Sun’s scheme only achieve one-sided user authentication. In addition, users cannot freely choose their own passwords. To conquer these problems, in 2002, Chien et al. proposed their improved remote authentication scheme with mutual authentication. Unfortunately, Hsu pointed out that Chien et al.’s scheme suffers from the parallel session attack. To conquer the parallel session attack and other proposed attacks, a practical remote authentication scheme with mutual authentication is proposed. In addition, both our two schemes allow users freely changing their passwords without the server’s help. Besides, the logical analysis is proposed to make sure our new schemes to actually achieve the purpose of mutual authentication.
論文目次 Chapter 1 Introduction ………………………………………….…………………. P. 1
Chapter 2 Review of Some Remote Authentication Schemes with Smart Card... P. 4
2.1 Review of Lee-Chiu’s Remote Authentication Scheme with Smart Card…. P. 4
2.2 Review of Chien et al.’s Remote Authentication Scheme with Smart Card. P. 6
Chapter 3 Our New Scheme Based on Discrete Logarithm Problem…………... P. 8
3.1 Attacks on Lee-Chiu’s Scheme………………………………………………. P. 8
3.2 Our New Scheme ……………………………………………..……………… P. 9
3.3 Logical Analysis of Our New Scheme ………………………..……………… P. 11
3.4 Security Analysis and Discussions…………..………………..……………… P. 19
Chapter 4  Our New Scheme based on one-way hash function ...……………… P. 23
4.1 Hsu’s Attacks on Chien et al.’s scheme………………………………………. P. 23
4.2 Our New Scheme ……………………………………………..……………… P. 23
4.3 Logical Analysis of Our New Scheme ………………………..……………… P. 26
4.4 Security Analysis and Functionality Comparisons………….…..………… P. 30
Chapter 5 Conclusion …......……………………......…………………......…...... P. 33
References.…………………………………………………………..…..……….. P. 34
Improvement of Lee-Chiu’s Remote Authentication Scheme with Smart Cards…… P. 36
Table 1 Notations ...…………..................................................…………….. P. 12
Table 2 Logical Notations ...………….. ..…….. ...………….. ...………….. P. 12
Table 3 Synthetic Rules ...……………... ..…….. ...………….. ...………….. P. 13
Table 4 Assumptions ...……………….. ..…….. ...………….. ...………….. P. 15
Table 5 Computation Cost Comparison among Three Schemes .....…….. P. 22
Table 6 Assumptions ...………….. ..…….. ……...………….. ...………….. P. 27
Table 7 Functionality Comparisons among Related Schemes .. ...……….. P. 32
參考文獻 [1] L. Buttyan, S. Staamann and U. Wilhelm, “A simple logic for authentication protocol design,” Proceedings of IEEE Computer Security Foundations Workshop XI, 1998, pp. 153-162.
[2] M. Buurrows, M. Abadi, and R. Needham, “A logic of authentication,” ACM Transactions on Computer Systems, 8 (1), pp. 18-36, 1990.
[3] C. C. Chang and W. Y. Liao, “A remote password authentication scheme based on ElGamal’s signature scheme,” Computer and Security, 13 (2), pp. 137-144, 1994.
[4] C. C. Chang and T. C. Wu, “Remote password authentication with smart cards,” IEE Proceedings. Part E, 138, pp. 165-168, 1991.
[5] H. Y. Chien, J. K. Jan, and Y. M. Tseng, “An efficient and practical solution to remote authentication: smart card,” Computers and Security, 21 (4), pp. 372-375, 2002.
[6] C. L. Hsu, “Security of Chien et al.’s remote user authentication scheme using smart cards,” Computer Standards and Interfaces, 26 (3), pp. 167-169, 2004.
[7] M. S. Hwang, “A remote password authentication scheme based on the digital signature method,” International Journal of Computer Mathematics, 70, pp. 657-666, 1999.
[8] M. S. Hwang and L. H. Li, “A new remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, 46 (1), pp. 28-30, 2000.
[9] L. Lamport, “Password authentication with insecure communication,” Communication of ACM, 24, pp. 770- 772, 1981.
[10] N. Y. Lee and Y. C. Chiu, “Improved remote authentication scheme with smart card,” Computer Standards and Interfaces, 27, pp. 177-180, 2005.
[11] S. W. Lee, H. S. Kin, and K.Y. Yoo, “Improvement of Chien et al.’s remote user authentication scheme using smart cards,” Computer Standards and Interfaces, 27, pp. 181-183, 2005.
[12] C. L. Lin, H. M. Sun and T. Hwang, “Attacks and solutions on strong-password authentication,” IECIE Transactions on Communications, E84-B (9), pp. 2622-2627, 2001.
[13] H. M. Sun, “An efficient remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, 46 (4), pp. 958-961, 2000.
[14] T. C. Wu, “Remote log in authentication scheme based on a geometric approach,” Computer Communications, 18(12), pp. 959-963, 1995.
[15] S. T. Wu and B. C. Chieu, “A user friendly remote authentication scheme with smart cards,” Computer and Security, 22 (6), pp. 547-550, 2003.
[16] W. H. Yang and S. P. Shieh, “Password authentication schemes with smart cards,” Computers and Security, 18 (8), pp. 727-733, 1999.
論文使用權限
  • 同意紙本無償授權給館內讀者為學術之目的重製使用,於2006-07-13公開。
  • 同意授權瀏覽/列印電子全文服務,於2006-07-13起公開。


  • 若您有任何疑問,請與我們聯絡!
    圖書館: 請來電 (02)2621-5656 轉 2281 或 來信