NTU Theses and Dissertations Repository
Use this Handle URI to cite this item: http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/61054

Full metadata record (DC field: value [language])
dc.contributor.advisor: 陳君明
dc.contributor.author: Tze-Hsiang Yen [en]
dc.contributor.author: 顏子翔 [zh_TW]
dc.date.accessioned: 2021-06-16T10:43:46Z
dc.date.available: 2014-08-16
dc.date.copyright: 2013-08-16
dc.date.issued: 2013
dc.date.submitted: 2013-08-13
dc.identifier.uri: http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/61054
dc.description.abstract [zh_TW]: Because the bilinear Diffie-Hellman problem on elliptic curves is computationally hard, a series of protocols realised with pairings have been proposed, for example identity-based encryption and key agreement schemes. A key agreement scheme lets users who wish to communicate agree on a common secret key over an insecure channel; a multiparty key agreement scheme lets several users agree on a common encryption and decryption key immediately before they communicate. This thesis proposes a key agreement scheme built on a bilinear pairing which, when there are fewer than four participants, completes authentication and key agreement together in a single message exchange. In addition, the scheme greatly reduces the amount of private key material a user has to protect, to a single point on the elliptic curve. We show that any third party who succeeds in impersonating the trusted third party (TTP) must hold the corresponding private key information or have overwhelming computational power. We also show, through an implementation in Magma, that the proposed scheme is practical.
dc.description.abstract [en]: Due to the computational infeasibility of the Bilinear Diffie-Hellman Problem on elliptic curves, many protocols based on pairings have been constructed, such as ID-based encryption and key agreement. A key agreement protocol is a cryptographic primitive that allows participants to share a common secret key over an insecure channel. In particular, a multiparty key agreement protocol handles an arbitrary number of participants. In this thesis, we present a new authenticated multiparty key agreement protocol using pairings. The authentication and the key agreement in our scheme can be done in just one round if the number of participants is less than four. Another advantage is that each participant only needs to possess one piece of secret information of their own (a point on an elliptic curve), so the cost of protecting secrets is reduced in embedded systems. In terms of security, we show that if the system is compromised by Eve (a malicious user), then Eve either has the secret information or has overwhelming computational ability to fool others by acting as the TTP (Trusted Third Party). We also show that our scheme is efficient using Magma.
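The abstract relies on two facts that are easier to see in running code than in prose: a bilinear pairing turns the Bilinear Diffie-Hellman setting into a one-round exchange for three parties, and the unauthenticated version of that exchange is exactly what an authenticated scheme has to repair. The Python below is an added illustration, not code from the thesis or its Magma implementation. It implements the reduced Tate pairing with Miller's algorithm on the toy supersingular curve y^2 = x^3 + x over F_43 (order-11 subgroup, embedding degree 2, distortion map (x, y) -> (-x, iy)) and runs a Joux-style one-round tripartite exchange over it. The prime, curve, base point (2, 15), cofactor and secret exponents are my own choices, picked for readability and of no cryptographic strength; the scheme in the thesis is not reproduced here.

```python
# Added illustration of a one-round tripartite key agreement from a pairing;
# this is not the thesis's scheme.  E: y^2 = x^3 + x over F_43 is supersingular
# (43 = 3 mod 4), #E(F_p) = 44, embedding degree 2.  We use the order-11
# subgroup and the distortion map psi(x, y) = (-x, i*y) to obtain a symmetric
# pairing e(P, Q) = t(P, psi(Q)) from the reduced Tate pairing t.  Toy sizes only.
P_MOD = 43      # field characteristic p
ORDER = 11      # prime subgroup order r, with r | p + 1
COFACTOR = 4    # (p + 1) / r
CURVE_A = 1     # y^2 = x^3 + CURVE_A * x

# ---- F_{p^2} = F_p[i] / (i^2 + 1); an element (a, b) means a + b*i ----
def f2(a, b=0):
    return (a % P_MOD, b % P_MOD)
def f2_add(u, v):
    return f2(u[0] + v[0], u[1] + v[1])
def f2_sub(u, v):
    return f2(u[0] - v[0], u[1] - v[1])
def f2_mul(u, v):
    (a, b), (c, d) = u, v
    return f2(a * c - b * d, a * d + b * c)
def f2_inv(u):
    a, b = u
    n = pow(a * a + b * b, -1, P_MOD)   # 1/norm(u); norm != 0 since -1 is a non-residue
    return f2(a * n, -b * n)
def f2_pow(u, e):
    result, base = f2(1), u
    while e:
        if e & 1:
            result = f2_mul(result, base)
        base, e = f2_mul(base, base), e >> 1
    return result
ZERO, ONE, I_UNIT = f2(0), f2(1), f2(0, 1)

# ---- E(F_{p^2}): a point is (x, y) with x, y in F_{p^2}; None is infinity ----
def is_vertical(S, T):
    """True when the line through S and T is vertical, i.e. S + T = O."""
    return S[0] == T[0] and (S != T or S[1] == ZERO)
def slope(S, T):
    """Slope of the chord through S and T (tangent when S == T)."""
    (xs, ys), (xt, yt) = S, T
    if S == T:
        num = f2_add(f2_mul(f2(3), f2_mul(xs, xs)), f2(CURVE_A))
        return f2_mul(num, f2_inv(f2_mul(f2(2), ys)))
    return f2_mul(f2_sub(yt, ys), f2_inv(f2_sub(xt, xs)))
def ec_add(S, T):
    if S is None or T is None:
        return T if S is None else S
    if is_vertical(S, T):
        return None
    lam = slope(S, T)
    xr = f2_sub(f2_sub(f2_mul(lam, lam), S[0]), T[0])
    return (xr, f2_sub(f2_mul(lam, f2_sub(S[0], xr)), S[1]))
def ec_mul(k, P):
    R = None
    while k:
        if k & 1:
            R = ec_add(R, P)
        P, k = ec_add(P, P), k >> 1
    return R
def generator():
    """A point of order ORDER: the F_p-rational point (2, 15) times the cofactor."""
    return ec_mul(COFACTOR, (f2(2), f2(15)))
def psi(Q):
    """Distortion map (x, y) -> (-x, i*y); it moves Q out of E(F_p)."""
    return (f2_sub(ZERO, Q[0]), f2_mul(I_UNIT, Q[1]))

# ---- reduced Tate pairing by Miller's algorithm with denominator elimination ----
def line(S, T, Q):
    """Line through S and T (tangent if S == T) evaluated at Q.  The vertical
    line through S + T is omitted: for k = 2 and x_Q in F_p its value lies in
    F_p and is killed by the final exponentiation anyway."""
    (xs, ys), (xq, yq) = S, Q
    if is_vertical(S, T):
        return f2_sub(xq, xs)
    return f2_sub(f2_sub(yq, ys), f2_mul(slope(S, T), f2_sub(xq, xs)))
def tate(P, Qp):
    """e(P, Qp) = f_{r,P}(psi(Qp))^((p^2 - 1) / r) for P, Qp in E(F_p)[r]."""
    Q, f, T = psi(Qp), ONE, P
    for bit in bin(ORDER)[3:]:           # binary digits of r after the leading 1
        f, T = f2_mul(f2_mul(f, f), line(T, T, Q)), ec_add(T, T)
        if bit == "1":
            f, T = f2_mul(f, line(T, P, Q)), ec_add(T, P)
    return f2_pow(f, (P_MOD ** 2 - 1) // ORDER)

# ---- one-round tripartite exchange (Joux-style, deliberately unauthenticated) ----
def tripartite_keys(a, b, c):
    """Each party broadcasts its public value once; every party then derives
    e(P, P)^(abc) from the two values it received and its own secret.  Nothing
    binds a broadcast value to its sender: that is the gap authentication closes."""
    P = generator()
    A, B, C = ec_mul(a, P), ec_mul(b, P), ec_mul(c, P)   # the single round
    return (f2_pow(tate(B, C), a),      # computed by A from B, C
            f2_pow(tate(A, C), b),      # computed by B from A, C
            f2_pow(tate(A, B), c))      # computed by C from A, B
```

`tripartite_keys(3, 5, 7)` returns three identical F_{43^2} elements, each equal to e(P, P)^{105}, and `tate(ec_mul(2, P), ec_mul(9, P))` equals `tate(P, P)` raised to 18, which is the bilinearity the whole construction rests on. Because the broadcast values carry no proof of origin, an active attacker who replaces them can end up sharing keys with each party separately; the one-round authenticated variant the abstract describes is what removes that attack.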
dc.description.provenance [en]: Made available in DSpace on 2021-06-16T10:43:46Z (GMT). No. of bitstreams: 1. ntu-102-R97221048-1.pdf: 567726 bytes, checksum: e896f5553e4f6fa75d9fb4fdbd830691 (MD5). Previous issue date: 2013.
dc.description.tableofcontents:
Oral examination committee approval
Acknowledgements
Chinese abstract
Abstract
Contents
List of Figures
1. Introduction
2. Basics of Pairings
2.1 Admissible Pairing
2.2 Practical Bilinear Maps
2.2.1 Weil Pairing
2.2.2 Tate Pairing
2.2.3 Ate Pairing
2.2.4 Eta Pairing
2.2.5 Bilinear Diffie-Hellman Assumption (BDHA)
3. Feasibility of Pairings
4. Some Applications of Pairings
4.1 Identity-Based Encryption
4.2 Searchable Encryption
4.3 Broadcast Encryption
4.4 Attribute-Based Encryption
5. Pairing-Based Key Agreement Scheme
5.1 KASSS in Two Parties
5.2 Extension to Tripartite Authenticated Key Agreement
5.3 Extension to Multiparty Authenticated Key Agreement
6. Security Analysis
6.1 Authentication
6.1.1 Resistance to Man-in-the-Middle Attack
6.1.2 Hardness in Solving ECDLP and DLP
6.2 Key Agreement
7. Comparison and Experimental Results
7.1 Comparison
7.2 Experimental Results
8. Conclusion and Future Work
References
Appendix
dc.language.iso: en
dc.subject [zh_TW]: 橢圓曲線離散對數 (Elliptic Curve Discrete Logarithm)
dc.subject [zh_TW]: 橢圓曲線密碼學 (Elliptic Curve Cryptography)
dc.subject [zh_TW]: 多方密鑰協議機制 (Multiparty Key Agreement Protocol)
dc.subject [zh_TW]: 雙線性配對函數 (Bilinear Pairing)
dc.subject [en]: Multiparty Key Agreement Protocol
dc.subject [en]: Elliptic Curve Discrete Logarithm Problem
dc.subject [en]: Bilinear Pairing
dc.subject [en]: Elliptic Curve Cryptography
dc.title [zh_TW]: 橢圓曲線密碼配對與其應用 (Pairings in Elliptic Curve Cryptography and Their Applications)
dc.title [en]: Pairing-based Elliptic Curve Cryptography and Its Applications
dc.type: Thesis
dc.date.schoolyear: 101-2 (academic year 101, second semester)
dc.description.degree: Master's (碩士)
dc.contributor.oralexamcommittee: 陳榮傑, 楊柏因
dc.subject.keyword [zh_TW]: 雙線性配對函數 (Bilinear Pairing), 多方密鑰協議機制 (Multiparty Key Agreement Protocol), 橢圓曲線密碼學 (Elliptic Curve Cryptography), 橢圓曲線離散對數 (Elliptic Curve Discrete Logarithm)
dc.subject.keyword [en]: Bilinear Pairing, Multiparty Key Agreement Protocol, Elliptic Curve Cryptography, Elliptic Curve Discrete Logarithm Problem
dc.relation.page: 63
dc.rights.note: licensed for a fee (有償授權)
dc.date.accepted: 2013-08-13
dc.contributor.author-college [zh_TW]: College of Science (理學院)
dc.contributor.author-dept [zh_TW]: Graduate Institute of Mathematics (數學研究所)
Appears in collection: Department of Mathematics

Files in this item:
ntu-102-1.pdf, 554.42 kB, Adobe PDF (not authorized for public access)