Please use this Handle URI to cite this document:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/8088
Title: | CAKE: Compatible Authentication and Key Exchange Protocol |
Author: | Yun-Hsin Chuang 莊允心 |
Advisor: | 雷欽隆 (Chin-Laung Lei) |
Keywords: | biometric, IoT, key agreement, privacy, PUF, smart city, TMIS, 5G |
Year of publication: | 2020 |
Degree: | Doctoral |
Abstract: | With the popularity of the Internet and wireless networks and the rapid growth of the Internet of Things (IoT), remote applications are gradually becoming part of our daily lives. A remote authentication and key exchange (AKE) or key agreement (AKA) protocol is a mechanism that lets authorized users and servers authenticate each other and establish a common session key so that they can communicate securely over open networks. Numerous AKE/AKA protocols have been developed, from simple password-based authentication to two-factor and three-factor (multi-factor) authentication, to protect information and resources from unauthorized users. In comparison with password-based and two-factor AKE/AKA protocols, a three-factor (multi-factor) AKE protocol can withstand replay attacks and prevent stolen smart card attacks. With growing privacy awareness, users want to access remote servers anonymously; hence, many anonymous AKE/AKA (AAKE/AAKA) protocols have been proposed to prevent the leakage of the user's identity.
In an ordinary AAKE/AAKA protocol, a user logs into servers with the same anonymous identity in every session, which exposes the relationship between logins; hence, the concept of user untraceability has recently been proposed to prevent users from being tracked through the transmitted messages. In this dissertation, we survey relevant three-factor AAKE/AAKA protocols. Based on the observation and discussion of these protocols, we propose guidelines for designing a secure AAKE/AAKA protocol. We then follow the guidelines to propose three AKE protocols, designed for general multi-server environments, Telecare Medical Information Systems (TMIS), and the Internet of Things (IoT), respectively. All of the existing AKE/AKA protocols are designed for either client-server or client-client authentication. We introduce the concept of a compatible authentication and key exchange (CAKE) protocol, which provides cross-species authentication: any two valid entities can authenticate each other and create a session key to communicate securely. Taking a smart city in 5G networks as an example, we propose a three-factor CAKE protocol and extend it to an anonymous CAKE (ACAKE) protocol. This protocol is the first AAKE protocol that simultaneously achieves compatible authentication, three-factor authentication, applicability to multi-server environments, user anonymity, user untraceability/unlinkability, perfect forward secrecy, member revocation, independent authentication, table-free operation, public-key-announcement-free operation, and a formal security proof. The proposed CAKE/ACAKE protocol is applicable not only to smart cities but also to other present systems. We give formal security proofs of the four proposed protocols, analyze their performance, and compare them with the relevant protocols to show their advantages and contributions. |
URI: | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/8088 |
DOI: | 10.6342/NTU202004337 |
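Full-text authorization: | Authorized (open to the public worldwide) |
Appears in collections: | Department of Electrical Engineering |
Files in this item:
File | Size | Format | |
---|---|---|---|
U0001-1311202015004400.pdf | 6.24 MB | Adobe PDF | View/Open |
Items in this system are protected by copyright, with all rights reserved, unless their copyright terms are otherwise specified.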