基於霧運算架構之可證明安全性的團體密鑰建立協議

Wen-Chin Chen; 陳玟瑾

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/53695

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	王勝德(Sheng-De Wang)
dc.contributor.author	Wen-Chin Chen	en
dc.contributor.author	陳玟瑾	zh_TW
dc.date.accessioned	2021-06-16T02:27:47Z	-
dc.date.available	2020-08-25
dc.date.copyright	2020-08-25
dc.date.issued	2020
dc.date.submitted	2020-08-04
dc.identifier.citation	1. Bonomi, F., et al. Fog computing and its role in the internet of things. in Proceedings of the first edition of the MCC workshop on Mobile cloud computing. 2012. 2. Ma, M., et al., An efficient and provably secure authenticated key agreement protocol for fog-based vehicular ad-hoc networks. IEEE Internet of Things Journal, 2019. 6(5): p. 8065-8075. 3. Jia, X., et al., Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Networks, 2019. 25(8): p. 4737-4750. 4. Gope, P., LAAP: Lightweight anonymous authentication protocol for D2D-Aided fog computing paradigm. computers security, 2019. 86: p. 223-237. 5. Shabisha, P., et al., Fog-orchestrated and server-controlled anonymous group authentication and key agreement. IEEE Access, 2019. 7: p. 150247-150261. 6. Xiong, H., Y. Wu, and Z. Lu, A survey of group key agreement protocols with constant rounds. ACM Computing Surveys (CSUR), 2019. 52(3): p. 1-32. 7. Bellare, M., D. Pointcheval, and P. Rogaway. Authenticated key exchange secure against dictionary attacks. in International conference on the theory and applications of cryptographic techniques. 2000. Springer. 8. Canetti, R. and H. Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. in International Conference on the Theory and Applications of Cryptographic Techniques. 2001. Springer. 9. Amin, R., et al., A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment. Future Generation Computer Systems, 2018. 78: p. 1005-1019. 10. Odelu, V., et al., Provably secure authenticated key agreement scheme for smart grid. IEEE Transactions on Smart Grid, 2016. 9(3): p. 1900-1910. 11. Li, W., et al., Cryptanalysis and security enhancement of three authentication schemes in wireless sensor networks. Wireless Communications and Mobile Computing, 2018. 2018. 12. Aman, M.N., K.C. Chua, and B. Sikdar, Mutual authentication in IoT systems using physical unclonable functions. IEEE Internet of Things Journal, 2017. 4(5): p. 1327-1340. 13. Guin, U., et al. A secure low-cost edge device authentication scheme for the internet of things. in 2018 31st International Conference on VLSI Design and 2018 17th International Conference on Embedded Systems (VLSID). 2018. IEEE. 14. Al Hamid, H.A., et al., A security model for preserving the privacy of medical big data in a healthcare cloud using a fog computing facility with pairing-based cryptography. IEEE Access, 2017. 5: p. 22313-22328. 15. Wang, D. and P. Wang, On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions. Computer Networks, 2014. 73: p. 41-57. 16. Patonico, S., A. Braeken, and K. Steenhaut, Identity-based and anonymous key agreement protocol for fog computing resistant in the Canetti–Krawczyk security model. Wireless Networks, 2019: p. 1-13. 17. Shen, J., et al., Lightweight authentication and matrix-based key agreement scheme for healthcare in fog computing. Peer-to-Peer Networking and Applications, 2019. 12(4): p. 924-933. 18. Zhu, H., Secure Chaotic Maps-based Group Key Agreement Scheme with Privacy Preserving. IJ Network Security, 2016. 18(6): p. 1001-1009. 19. Porambage, P., et al., Group key establishment for enabling secure multicast communication in wireless sensor networks deployed for IoT applications. IEEE Access, 2015. 3: p. 1503-1511. 20. Wu, T.-Y., Y.-M. Tseng, and T.-T. Tsai, A revocable ID-based authenticated group key exchange protocol with resistant to malicious participants. Computer Networks, 2012. 56(12): p. 2994-3006. 21. Sun, H.-M., et al., A provable authenticated group key agreement protocol for mobile environment. Information Sciences, 2015. 321: p. 224-237. 22. Sani, A.S., et al. A lightweight security and privacy-enhancing key establishment for internet of things applications. in 2018 IEEE International Conference on Communications (ICC). 2018. IEEE. 23. Choi, K.Y., J.Y. Hwang, and D.H. Lee. Efficient ID-based group key agreement with bilinear maps. in International Workshop on Public Key Cryptography. 2004. Springer. 24. Katz, J. and Y. Lindell, Introduction to modern cryptography. 2014: CRC press. 25. Brown, D., Standards for efficient cryptography, SEC 1: elliptic curve cryptography. Released Standard Version, 2009. 1. 26. Campagna, M., SEC 4: Elliptic curve Qu-Vanstone implicit certificate scheme (ECQV). Technical report, Certicom Research, Jan, 2013. 27. Brown, D.R., R. Gallant, and S.A. Vanstone. Provably secure implicit certificate schemes. in International Conference on Financial Cryptography. 2001. Springer. 28. Shoup, V., Sequences of games: a tool for taming complexity in security proofs. IACR Cryptol. ePrint Arch., 2004. 2004: p. 332. 29. Weatherley, R., Arduino Cryptography Library. Source code, available online at http://github. com/rweather/arduinolibs, 2018. 30. Langley, A., M. Hamburg, and S. Turner, RFC 7748: Elliptic curves for security, 2016. 2016.
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/53695	-
dc.description.abstract	在霧運算的架構中，霧節點被部署在離物聯網裝置較近的地方且可分擔物聯網節點的運算負擔，這樣的架構可以解決在雲端運算中的高延遲與網路連線受限的問題，現今有許多關於霧運算的應用，例如：車載隨意行動網路中的智慧型運輸系統，醫療照護系統與行動通訊網路，然而以上這些應用中裝置的數量通常多至可構成群體且這些裝置常常被部屬在僅有有限的安全防護之處，先前關於團體金鑰建立的方法有許多缺點，例如：傳輸的訊息量太大造成延遲以及無法確保所有節點的真實性，因此在這篇論文中，我們提出一個基於霧運算架構，使用橢圓曲線密碼學來完成相互認證的團體金鑰建立流程，在這個流程中，所有節點會互相認證對方的身分並安全地交換與分配金鑰，霧節點經過認證後可以分擔雲伺服器的運算負載且可以負責分配先前建立好的團體會談金鑰給所有裝置，且其中的團體會談金鑰是由所有設備的私鑰與暫存的隨機亂數所組成的，論文中正式的安全性證明則可以證明建立的團體會談金鑰對於Canetti–Krawczyk攻擊模型是可以安全防護的，最後我們由運算與傳輸會帶來的負載來分析此流程的性能，並將結果與他人的研究結果比較，結果顯示此流程與先前的研究結果相比是輕量且有效率的，因為此流程只包含了較輕量的運算，例如：橢圓曲線運算與對稱金鑰運算。	zh_TW
dc.description.abstract	In fog computing paradigms, fog nodes are much closer to terminal devices and are able to extend the services to the edge of the network, mitigating the effects of high latency and constrained networking in Internet of things (IoTs). In the applications of fog computing, such as the intelligent transportation system (ITS) in vehicular ad-hoc networks (VANETs), healthcare system and mobile networks, terminal devices are often organized as groups and are usually deployed in environments with limited security protections. Previous studies about the group key establishment of fog computing architectures are with high communication costs and cannot verify the authenticity of each entity. Hence, in this paper, we propose a mutual authenticated group key establishment scheme for the fog computing architecture by using elliptic curve cryptography. Mutual authentication and secure key exchange will be accomplished in this scheme. After mutual authentication, the cloud server can offload the computation overheads to the fog nodes which will be responsible to authenticate the group of devices and distribute the established group session key, which is composed of private keys of each entity and some random and temporarily stored values. We prove that the established group session key is protected from the Canetti–Krawczyk (CK) adversary model. Finally, we evaluate the performance in terms of computational and communication costs. The proposed scheme is lightweight and efficient as compared with the previous study because it involves only elliptic curve operations and symmetric cryptographic operations.	en
dc.description.provenance	Made available in DSpace on 2021-06-16T02:27:47Z (GMT). No. of bitstreams: 1 U0001-0408202017410600.pdf: 1025400 bytes, checksum: 8c3400d4b9b34361ee7ded863a3c7f36 (MD5) Previous issue date: 2020	en
dc.description.tableofcontents	誌謝 i 摘要 ii Abstract iii Chapter 1 Introduction 1 Chapter 2 Related work 7 2.1 Internet of things (IoT) architecture 7 2.2 Fog computing architecture 8 2.3 Group key agreement and establishment 9 Chapter 3 Preliminaries 11 3.1 Elliptic curve cryptosystem (ECC) 11 3.2 Elliptic Curve Qu-Vanstone (ECQV) certificate scheme 12 3.3 Threat model 13 Chapter 4 Proposed scheme 15 4.1 System setup phase 15 4.2 Device registration phase 16 4.3 Fog node registration phase 17 4.4 Mutual authentication and group key establishment phase 18 Chapter 5 Formal proof of security 25 Chapter 6 Security analysis 35 Chapter 7 Performance 37 7.1 Computational costs 37 7.2 Communication costs 39 Chapter 8 Conclusions 41 References 43
dc.language.iso	en
dc.subject	Canetti–Krawczyk攻擊模型	zh_TW
dc.subject	霧運算	zh_TW
dc.subject	團體金鑰建立	zh_TW
dc.subject	橢圓曲線密碼學	zh_TW
dc.subject	相互認證	zh_TW
dc.subject	mutual authentication	en
dc.subject	Canetti–Krawczyk adversary model	en
dc.subject	fog computing	en
dc.subject	group key establishment	en
dc.subject	elliptic curve cryptography	en
dc.title	基於霧運算架構之可證明安全性的團體密鑰建立協議	zh_TW
dc.title	Provable secure group key establishment scheme for fog computing	en
dc.type	Thesis
dc.date.schoolyear	108-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	雷欽隆(Chin-Laung Lei),林宗男(Tsung-Nan Lin)
dc.subject.keyword	霧運算,團體金鑰建立,橢圓曲線密碼學,相互認證,Canetti–Krawczyk攻擊模型,	zh_TW
dc.subject.keyword	fog computing,group key establishment,elliptic curve cryptography,mutual authentication,Canetti–Krawczyk adversary model,	en
dc.relation.page	46
dc.identifier.doi	10.6342/NTU202002402
dc.rights.note	有償授權
dc.date.accepted	2020-08-05
dc.contributor.author-college	電機資訊學院	zh_TW
dc.contributor.author-dept	電機工程學研究所	zh_TW
顯示於系所單位：	電機工程學系

文件中的檔案：

檔案	大小	格式
U0001-0408202017410600.pdf 未授權公開取用	1 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。