Please use this Handle URI to cite this document:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/8088
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | 雷欽隆(Chin-Laung Lei) | |
dc.contributor.author | Yun-Hsin Chuang | en |
dc.contributor.author | 莊允心 | zh_TW |
dc.date.accessioned | 2021-05-20T00:48:50Z | - |
dc.date.available | 2023-01-01 | |
dc.date.available | 2021-05-20T00:48:50Z | - |
dc.date.copyright | 2020-11-23 | |
dc.date.issued | 2020 | |
dc.date.submitted | 2020-11-16 | |
dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/8088 | - |
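dc.description.abstract | With the popularization of the Internet and wireless networks and the rapid development of the Internet of Things (IoT), remote applications have gradually become part of our daily lives. Remote authentication and key exchange or key agreement (AKE/AKA) is a mechanism that lets users and servers authenticate each other and establish a common session key, so that they can communicate securely over open networks. Authentication mechanisms have developed from simple single-factor password authentication to more complex two-factor and three-factor (multi-factor) authentication, to protect information from access by unauthorized parties. Compared with two-factor authentication mechanisms, three-factor (multi-factor) authentication mechanisms can resist replay attacks and lost smart card attacks. In recent years, with rising awareness of privacy rights, users need to log in to servers anonymously to protect their personal privacy, and many authentication and key exchange or key agreement mechanisms that satisfy user anonymity (AAKE/AAKA) have been proposed to prevent the user's real identity from being disclosed. In a traditional anonymous authentication mechanism, even if a user logs in with an anonymous identity, the user uses the same anonymous identity at every login, so the user can be tracked through the messages transmitted during login and mutual authentication; the concept of user untraceability has therefore been raised to prevent users from being tracked through leaked transmitted information. This dissertation studies current three-factor authentication mechanisms with user privacy protection. Based on the observation and discussion of these mechanisms, we propose design guidelines for "authentication and key agreement with privacy protection for multi-server environments". Following the design guidelines, we propose three remote authentication and key agreement mechanisms and one compatible authentication and key exchange, which are suitable for general multi-server environments, telecare medical information systems (TMIS), and the Internet of Things (IoT), respectively; they have different characteristics in response to the needs of different scenarios. Traditional remote authentication and key exchange protocols provide only authentication between users and servers or between users and users. We are the first to propose the concept of "compatible authentication and key exchange (CAKE)" to provide cross-category authentication and key exchange, and we give a concrete realization taking a smart city with fifth-generation mobile communication technology as an example, and extend it to a compatible authentication and key exchange protocol with user privacy protection (ACAKE). This protocol is the first remote authentication and key exchange protocol ever to simultaneously provide compatible authentication, multi-factor authentication, applicability to multi-server environments, user anonymity, user untraceability, perfect forward secrecy, member revocation, independent authentication, no need to store tables, no need to distribute public keys, formal proof, and other properties; it is suitable not only for smart cities but also for other application scenarios with multiple role categories. For the four proposed protocols, we provide complete formal security proofs and compare them with current related mechanisms to show the advantages and contributions of our mechanisms. | zh_TW |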
dc.description.abstract | With the popularity of Internet and wireless networks and the rapid growth of Internet of Things (IoT), remote applications gradually participate in our daily lives. A remote authentication and key exchange (AKE) or key agreement (AKA) protocol is a mechanism for letting authorized users and servers authenticate mutually and establish a common session key to communicate securely through open networks. Numerous AKE/AKA protocols have been developed from a simple password based authentication to two-factor and three-factor (multi-factor) authentication for protecting information or resources from unauthorized users. In comparison with the password based and the two-factor AKE/AKA protocols, a three-factor (multi-factor) AKE protocol can withstand replay attacks and prevent stolen smart card attacks. With the rapid development of the sense of privacy, users want to access remote servers anonymously; hence, many anonymous AKE/AKA (AAKE/AAKA) protocols are proposed to prevent the leakage of user’s identity. In an ordinary AAKE/AAKA protocol, a user logs into servers by a duplicate anonymous identity in each session, which causes the relationship between logins to be exposed; hence, the concept of user untraceability has been proposed recently to prevent users from being tracked by the transmitted messages. In this dissertation, we survey relevant three-factor AAKE/AAKA protocols. According to the observation and discussion of these relevant protocols, we propose guidelines for designing a secure AAKE/AAKE protocol. We then obey the guidelines to propose three AKE protocols, which are designed for general multi-server environments, Telecare Medical Information Systems (TMIS), and Internet of Things (IoT), respectively. All of the existing AKE/AKA protocols are designed for either client-server or client-client authentication. We bring up the concept of a compatible authentication and key exchange (CAKE) protocol, which provides cross-species authentication that any two valid entities can authenticate with each other and create a secure session key to communicate securely. We take a smart city in 5G networks for example to propose a three-factor CAKE protocol, and extend it to an anonymous CAKE (ACAKE). This protocol is the first AAKE protocol that simultaneously achieves compatible authentication, three-factor authentication, applicability of multi-server environments, user anonymity, user untraceability/unlinkability, perfect forward secrecy, member revocation, independent authentication, table free, public key announcement free, and formal security proof. The proposed CAKE/ACAKE protocol is not only applicable to smart cities but also applicable to other present systems. We give formal security proofs of the four proposed protocols, analyze their performances, and compare them to the relevant protocols to show the advantages and contributions. | en |
dc.description.provenance | Made available in DSpace on 2021-05-20T00:48:50Z (GMT). No. of bitstreams: 1 U0001-1311202015004400.pdf: 6391060 bytes, checksum: b5b0e7229ca2093023a5b15f320b6d29 (MD5) Previous issue date: 2020 | en |
dc.description.tableofcontents | Abstract (Chinese); Abstract; Acknowledgements; List of Figures; Chapter 1 Introduction; 1.1 Research Motivation; 1.2 Objectives and Contribution; 1.3 Dissertation Organization; Chapter 2 Preliminaries; 2.1 Biometric; 2.2 Physical unclonable function; 2.3 Fuzzy Extractor; 2.4 Elliptic Curve Cryptography; 2.5 Bilinear Pairing; 2.6 Mathematical Problems and Assumptions; 2.7 Notations; Chapter 3 Related Work; 3.1 Three-factor AAKA; 3.1.1 Single Server Environments; 3.1.2 Pseudo Multi-server Environments; 3.1.3 Multi-server Environments; 3.2 Three-Factor AAKA for TMIS; 3.3 AKE for IoT; 3.4 AKE for a Smart City; 3.5 Design Guideline; Chapter 4 Security Model; 4.1 Threat Assumptions; 4.2 Adversarial Model; Chapter 5 An Independent Three-factor AKA Protocol with Privacy Preserving for Multi-server Environments; 5.1 Framework of a Multi-server Environment; 5.2 The Proposed Protocol (Protocol 1: General AAKA); 5.2.1 Initialization Phase; 5.2.2 Registration Phase; 5.2.3 Login and AKA Phase; 5.2.4 Password and Biometric Change Phase; 5.3 Characteristic Analysis; 5.4 Security Analysis; Chapter 6 Privacy Protection for TMIS with Multiple Servers Using a Biometric-based AKA Protocol; 6.1 Framework of a TMIS; 6.2 The Proposed Protocol (Protocol 2: AAKA for TMIS); 6.2.1 Initialization Phase; 6.2.2 Registration Phase; 6.2.3 On-line Update Phase; 6.2.4 Login and AAKA Phase; 6.2.5 Password and Biometric Change Phase; 6.3 Characteristic Analysis; 6.4 Security Analysis; Chapter 7 PUF Based AKE Protocol for IoT without Verifiers and Explicit CRPs; 7.1 Framework of a PUF based AKE Protocol for IoT; 7.2 The Proposed Protocol (Protocol 3: AKE for IoT); 7.2.1 System Assumptions; 7.2.2 Initialization Phase; 7.2.3 Registration Phase; 7.2.4 IoT Node AKE Phase; 7.3 Characteristic Analysis; 7.4 Security Analysis; Chapter 8 CAKE: Compatible Authentication and Key Exchange Protocol Taking a Smart City for Example in 5G Networks; 8.1 Framework of a CAKE/ACAKE Protocol; 8.2 The Proposed Protocol (Protocol 4: CAKE); 8.2.1 Initialization Phase; 8.2.2 Registration Phase; 8.2.3 Online Update Phase; 8.2.4 CAKE Phase; 8.2.5 Password and Biometric Change Phase; 8.3 The Proposed Protocol (Protocol 4: ACAKE); 8.3.1 ACAKE Phase; 8.4 Characteristic Analysis; 8.5 Security Analysis; Chapter 9 Performance Analysis and Comparisons; 9.1 Performance Analysis of the Proposed Protocols; 9.1.1 Our Protocol 1 (General AAKA); 9.1.2 Our Protocol 2 (AAKA for TMIS); 9.1.3 Our Protocol 3 (AKE for IoT); 9.1.4 Our Protocol 4 (CAKE/ACAKE); 9.2 Comparisons; 9.2.1 Four Proposed Protocols; 9.2.2 Our Protocol 1, Protocol 2, and Relevant Secure AAKA Protocols; 9.2.3 Our Protocol 2 and Relevant Secure AAKA Protocols for TMIS; 9.2.4 Our Protocol 3 and Relevant PUF Based AKE Protocols for IoT; 9.2.5 Our Protocol 4 and Relevant AKE Protocols for a Smart City; Chapter 10 Conclusions and Future Work; 10.1 Conclusions; 10.2 Future Work; Bibliography | |
dc.language.iso | en | |
dc.title | Compatible Authentication and Key Exchange Protocol | zh_TW |
dc.title | CAKE: Compatible Authentication and Key Exchange Protocol | en |
dc.type | Thesis | |
dc.date.schoolyear | 109-1 | |
dc.description.degree | Doctoral | |
dc.contributor.author-orcid | 0000-0003-0432-1533 | |
dc.contributor.advisor-orcid | 雷欽隆(0000-0002-9011-5025) | |
dc.contributor.oralexamcommittee | 郭斯彥(Sy-Yen Kuo),顏嗣鈞(Hsu-chun Yen),王勝德(Sheng-De Wang),謝續平(Shiuhpyng Shieh),李育杰(Yuh-Jye Lee) | |
dc.contributor.oralexamcommittee-orcid | 郭斯彥(0000-0002-3021-8321),李育杰(0000-0002-9939-1659) | |
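dc.subject.keyword | biometrics, Internet of Things, key agreement, privacy, physical unclonable function, smart city, telecare medical information system, fifth-generation mobile communication technology, | zh_TW |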
dc.subject.keyword | biometric,IoT,key agreement,privacy,PUF,smart city,TMIS,5G, | en |
dc.relation.page | 180 | |
dc.identifier.doi | 10.6342/NTU202004337 | |
dc.rights.note | Authorization granted (worldwide open access) | |
dc.date.accepted | 2020-11-17 | |
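dc.contributor.author-college | College of Electrical Engineering and Computer Science | zh_TW |
dc.contributor.author-dept | Graduate Institute of Electrical Engineering | zh_TW |
Appears in Collections: | Department of Electrical Engineering |
Files in This Item:
File | Size | Format | |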
---|---|---|---|
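U0001-1311202015004400.pdf | 6.24 MB | Adobe PDF | View/Open |
Items in the system are protected by copyright, with all rights reserved, unless their copyright terms are specifically indicated otherwise.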