Basic Search / Detailed Display

Author: 呂崇富
Chung-Fu Lu
Thesis Title: 適用於無線網路之無憑證可鑑別群體金鑰協議機制
Certificateless Authenticated Group Key Agreement Schemes for Wireless Networks
Advisor: 吳宗成
Tzong-Chen Wu
Committee: 雷欽隆
Chin-Laung Lei
Chung-Huang Yang
Chien-Lung Hsu
Yuan-Cheng Lai
Degree: 博士
Department: 管理學院 - 資訊管理系
Department of Information Management
Thesis Publication Year: 2011
Graduation Academic Year: 99
Language: 英文
Pages: 96
Keywords (in Chinese): 無憑證鑑別橢圓曲線群體金鑰協議非平衡無線網路隱私第三代行動通訊低資源行動裝置
Keywords (in other languages): unbalanced wireless networks
Reference times: Clicks: 386Downloads: 8
School Collection Retrieve National Library Collection Retrieve Error Report
  • 由於無線環境易遭側錄與非平衡等特性,在無線網路中提供群體通訊的安全及隱私保護就更加值得關切。本論文分別針對無線區域網路以及行動通訊網路的群體通訊應用所面臨的相關議題,提出多種安全且有效率的可鑑別群體金鑰協議機制,使群體通訊可達到相互鑑別、抵抗假冒攻擊、金鑰確認及群體金鑰更新等需求與特性。


    欲將既行的群體金鑰協議機制實作應用於通用移動通訊系統(Universal Mobile Telecommunications System,縮寫:UMTS),則仍須在既行的UMTS架構中增加許多額外的密碼函數或模組,因此實作上較不可行。有鑑於此,本論文基於既行的UMTS架構提出一個可鑑別群體金鑰協議(uAGKA)機制,該機制可以同時建立三種會談金鑰,其中群體金鑰可運用於群體機密通訊,另兩種金鑰則可運用於子群體應用服務或群體金鑰更新。本論文提出的uAGKA機制因為僅須使用既行的UMTS安全功能函數及互斥或運算,所以可以直接相容於既行的UMTS架構,並在設計上也可滿足既行的UMTS標準之合法監聽需求與特性。

    Due to the vulnerable to eavesdropping and unbalance properties of the wireless environments, the security and privacy protection for group communication on the open wireless networks has become an increasing concern. This dissertation considers the subjects of group communication applications for wireless local area networks and mobile communication networks to propose secure and efficient authenticated group key agreement schemes. They can achieve the security requirements of mutual authentication, impersonation attack resistance, explicit key confirmation, and group key updating for group communications.

    This dissertation first presents a wireless authenticated group key agreement scheme (wAGKA) for general wireless networks. Then we propose a wireless authenticated group key agreement scheme with privacy-preservation (wAGKA-PP) based on the proposed wAGKA scheme. Elaborating on merits of the certificateless public keys and elliptic curve cryptography, the entity authentication and the authenticity of the intended public keys can be simultaneously verified in a logically single step without requiring any public key certificates. And, bit sizes of the keys and the related messages are relatively smaller than those of the previously proposed schemes for the same security level. They save the required communication overheads, and computational complexities. Furthermore, the proposed wAGKA-PP scheme provides the property of user anonymity. The proposed wAGKA and wAGKA-PP schemes are more secure and efficient than previously proposed schemes for general wireless networks.

    In order to implement the current group key agreement schemes into the UMTS, it needs to increase some extra security functions or modules to the existing UMTS framework but that is non-feasible. Hence, this dissertation proposes a UMTS authenticated group key agreement scheme (uAGKA) based on UMTS framework. The proposed uAGKA scheme can establish three types of secret keys shared by the participant users. One key is used for secure group communication and the other keys can be used for group key updating or subgroup applications. The proposed uAGKA scheme is compatible to UMTS architecture since it exploits only the existing UMTS security functions and exclusive-or (XOR) operation. And, it can achieve the lawful interception requirement and recommendations in existing UMTS standards.

    中文摘要 i ABSTRACT iii 誌謝 v TABLE OF CONTENTS vi LIST OF FIGURES ix LIST OF TABLES x SYMBOLS xi Chapter 1 Introduction 1 1.1 Background 2 1.1.1 Issues on AGKA for Wireless Networks 2 1.1.2 Issues on AGKA for UMTS 4 1.1.3 Considerations to Designing Secure AGKA Schemes 6 1.2 Motivation and Objective 9 1.3 Organization of Dissertation 10 Chapter 2 Preliminaries 11 2.1 Self-certified Public Keys 11 2.2 Related Security Problems and Assumptions 13 2.2.1 Elliptic Curve Discrete Logarithm Problem 13 2.2.2 One Way Hash Function Assumption 14 2.2 Related works 15 2.3.1 Authenticated Key Agreement 15 2.3.2 Authenticated Group Key Agreement (AGKA) 22 Review of Bresson et al.’s scheme 23 Review of Tseng’s scheme 26 Chapter 3 Proposed AGKA Schemes for General Wireless Networks 30 3.1 The Proposed wAGKA Scheme 31 3.1.1 System Setup Phase 31 3.1.2 Node Registration Phase 32 3.1.3 Authenticated Group Key Agreement Phase 33 3.1.4 Node Leaving Phase 37 3.1.5 Node Joining Phase 39 3.2 The Proposed wAGKA-PP Scheme 42 3.2.1 System Setup Phase 42 3.2.2 Node Registration Phase 43 3.2.3 Authenticated Group Key Agreement Phase 43 3.2.4 Node Leaving Phase 46 3.2.5 Node Joining Phase 48 3.3 Security Analyses 51 3.4 Performance Evaluations 58 3.5 Discussions 63 Chapter 4 Proposed AGKA Scheme for UMTS 67 4.1 The Proposed uAGKA Scheme 68 4.1.1 User Registration Phase 69 4.1.2 Mutual Authentication Phase 69 4.1.3 Group Key Agreement Phase 70 4.1.4 Key Updating Phase 75 4.2 Security Analyses 76 4.3 Performance Evaluations 78 4.4 Implementation Considerations 79 Chapter 5 Concluding Remarks 82 5.1 Conclusions 82 5.2 Further Works 85 Bibliography 86 Biography 92

    [3GPP01] 3GPP TS 33.103, “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Integration Guidelines,” V4.2.0 (2001).
    [3GPP09a] 3GPP TS 33.102, “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Security Architecture,” V9.1.0 (2009).
    [3GPP09b] 3GPP TS 33.105, “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Cryptographic Algorithm Requirements,” V9.0.0 (2009).
    [3GPP09c] 3GPP TS 33.106, “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Lawful Interception Requirements,” V9.0.0 (2009).
    [3GPP09d] 3GPP TS 33.107, “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Lawful Interception Architecture and Functions,” V9.0.0 (2009).
    [3GPP09e] 3GPP TS 33.108, “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Handover Interface for Lawful Interception (LI),” V9.1.0 (2009).
    [AST00] Ateniese, G., Steniner, M., and Tsudik, G., “New Multiparty Authentication Services and Key Agreement Protocols,” IEEE Journal on Selected Areas in Communications, Vol.18, No.4, pp.628-639 (2000).
    [AST98] Ateniese, G., Steiner, M., and Tsudik, G., “Authenticated Group Key Agreement and Friends,” Proceedings of the 5th ACM Conference on Computer and Communications Security, San Francisco, CA, USA, pp.17-26 (1998).
    [BCEP04] Bresson, E., Chevassut, O., Essiari A., and Pointcheval, D., “Mutual Authentication and Group Key Agreement for Low-Power Mobile Devices,” Computer Communications, Vol.27, No.17, pp. 1730-1737 (2004).
    [BCP01] Bresson, E., Chevassut, O., and Pointcheval, D., “Provably Authenticated Group Diffie-Hellman Key Exchange – the Dynamic Case,” Advances in Cryptology - ASIACRYPT 2001, 7th International Conference on the Theory and Application of Cryptology and Information Security, Gold Coast, Australia, pp.290-309 (2001).
    [BM98] Blake-Wilson, S., and Menezes, A., “Authenticated Diffie-Hellman Key Agreement Protocols,” Proceedings of the 5th Annual Workshop on Selected Areas in Cryptography:SAC’98, Kingston, Ontario, Canada, pp.339-361 (1998).
    [BPR00] Bellare, M., Pointcheval, D., and Rogaway, P., “Authenticated Key Exchange Secure Against Dictionary Attacks,” Advances in Cryptology - EUROCRYPT 2000, International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, pp.139-155 (2000).
    [BSS99] Blake, I., Seroussi, G., and Smart, N., “Elliptic Curves in Cryptography,” Cambridge University Press, Cambridge, UK. (1999).
    [CC07] Chow, S.S.M., and Choo, K.K.R., “Strongly-Secure Identity-Based Key Agreement and Anonymous Extension,” proceedings of the 10th Information Security Conference (ISC 2007), Delft, Netherlands, pp.203-220 (2007).
    [Chi07] Chien, H.Y., “ID-Based Key Agreement with Anonymity for Ad Hoc Networks,” Proceedings of the 2007 international conference on Embedded and ubiquitous computing, Taipei, Taiwan, pp.333-345 (2007).
    [CHY06] Chen, T.S., Hsu, E.T., and Yu, Y.L., “A New Elliptic Curve Undeniable Signature Scheme,” International mathematical Journal, Vol.1, No.31, pp. 1529-1536 (2006).
    [CLS06] Contini, S., Lenstra, A.K., and Steinfeld, R., “VSH, an Efficient and Provable Collision-Resistant Hash Function,” Advances in Cryptology - EUROCRYPT 2006, 25th Annual International Conference on the Theory and Applications of Cryptographic Techniques, St. Petersburg, Russia, pp. 165-182 (2006).
    [DH76] Diffie, W., and Hellman, M., “New Directions in Cryptography,” IEEE Transactions on Information Theory, Vol.22, No.6, pp. 644-654 (1976).
    [DOW92] Diffie, W., van Oorschot, P.C., and Wiener, M.J., “Authentication and Authenticated Key Exchange,” Designs, Codes, and Cryptography, Vol.2, No.2, pp. 107-125 (1992).
    [ElG85] ElGamal, T., “A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,” IEEE Transactions on Information Theory, Vol.31, No.4, pp. 469-472 (1985).
    [Gir91] Girault, M., “Self-certified Public Keys,” Advances in Cryptology - EUROCRYPT '91, Workshop on the Theory and Application of Cryptographic Techniques, Brighton, UK, pp.490-497 (1991).
    [HHM00] Hankerson, D., Hernandez, J.L., and Menezes, A., “Software Implementation of Elliptic Curve Cryptography over Binary Fields,” Proceedings of Second Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '00), C.K. Koc and C. Paar, eds., pp. 1-24 (2000).
    [IEEE09] IEEE P1363, “Standard Specifications for Public Key Cryptography,” IEEE Working Group, (2009).
    [JKC09] Jing, D., Kurt, A., and Cristina, N.R., “Secure Group Communication in Wireless Mesh Networks,” Ad Hoc Networks, Vol.7, No.8, pp. 1563-1576 (2009).
    [Jua04] Juang, W.S., “Efficient Password Authenticated Key Agreement Using Smart Cards,” Computers and Security, Vol.23, No.2, pp. 167-173 (2004)
    [KMV00] Koblitz, N., Menezes, A., and Vanstone, S., “The State of Elliptic Curve Cryptography,” Designs, Codes and Cryptography, Vol.19, No.2, pp.173-193 (2000).
    [Kob87] Koblitz, N., “Elliptic Curve Cryptosystems,” Mathematics of Computation, Vol.48, No.177, pp. 203-209 (1987).
    [KRIY05] Kim, W.H., Ryu, E.K., Im, J.Y., and Yoo, K.Y., “New Conference Key Agreement Protocol with User Anonymity,” Computer Standards & Interfaces, Vol.27, No.2, pp.185-190 (2005).
    [KW00] Ku, W.C., and Wang, S.D., “Cryptanalysis of Modified Authenticated Key Agreement Protocol,” IEE Electronics Letters, Vol.36, No.21, pp. 1770-1771 (2000).
    [LKKY03] Lee, S.W., Kim, W.H., Kim, H.S., and Yoo, K.Y., “Parallizable Simple Authenticated Key Agreement Protocol,” ACM Operating Systems Review, Vol.37, No.3, pp. 17-22 (2003).
    [LLT09] Lee, C.C., Lin, T.H., and Tsai, C.S., “A New Authenticated Group Key Agreement in a Mobile Environment,” Annals of Telecommunications, Vol.64, No.11-12, pp. 735-744 (2009).
    [LWH09] Lu, C.F., Wu, T.C., and Hsu, C.L., “Certificateless Authenticated Group Key Agreement Protocol for Unbalanced Wireless Mobile Networks,” WSEAS Transactions on Communications, Vol.11, No.8, pp.1145-1159 (2009).
    [Men93] Menezes, A., “Elliptic Curve Public Key Cryptosystems,” Kluwer Academic Publishers, Boston, MA. (1993).
    [Mil85] Miller, V., “Use of Elliptic Curves in Cryptography,” Advances in Cryptology- CRYPTO’85, Santa Barbara, California, USA, pp. 417-426 (1985).
    [MK06] Mangipudi1, K., and Katti, R., “A Secure Identification and Key Agreement Protocol with User Anonymity (SIKA) “, Computers & Security, Vol.25, No.6, pp.420-425 (2006).
    [MOV97] Menezes, A., van Oorschot, P.C., and Vanstone, S., “Handbook of Applied Cryptography,” CRC Press, Boca Raton (1997).
    [MS10] Manulis, M., Sadeghi, A.R., “Key Agreement for Heterogeneous Mobile Ad-Hoc Groups,” International Journal of Wireless and Mobile Computing, Vol.4, No.1, pp. 17-30 (2010).
    [NIST00] NIST FIPS 186-2, “Digital Signature Standard (DSS),” NIST, Gaithersburg, MD, USA (2000).
    [NIST07] NIST FIPS 180-3, “Secure Hash Standard (SHS),” NIST, Gaithersburg, MD, USA (2007).
    [NKW05] Nam, J., Kim, S., and Won, D., “A Weakness in The Bresson-Chevassut-Essiari-Pointcheval’s Group Key Agreement Scheme for Low-Power Mobile Devices,” IEEE Communications Letters, Vol.9, No.5, pp.429-431 (2005).
    [NLKW05] Nam, J., Lee, J., Kim, S., and Won, D., “DDH-Based Group Key Agreement in a Mobile Environment,” The Journal of System and Software, Vol.78, No.1, pp. 73-83 (2005).
    [NM04] Ng, S.L., and Mitchell, C., “Comments on Mutual Authentication and Key Exchange Protocols for Low Power Wireless Communications,” IEEE Communications Letters, Vol.8, No.4, pp. 262-263 (2004).
    [PH97] Petersen, H., and Horster, P., “Self-Certified Keys Concepts and Applications,” Communications and Multimedia Security: Volume 3: Proceedings of the 3rd Joint Working Conference of IFIP TC6 and TC11, Athens, Greece, pp.102-116 (1997).
    [PKK09] Park, H., Kim, Z., and Kim, K., “Forward Secure ID-Based Group Key Agreement Protocol with Anonymity,” Proceedings of of the Third International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2009), Athens/Glyfada, Greece, pp.274-279 (2009).
    [RFC06] RFC 4992, “Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS),” TLS Working Group, Internet Engineering Task Force (IETF) (2006).
    [Rom01] Romer, K., “Time Synchronization in Ad Hoc Networks,” Proceedings of the 2nd ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc 01), Long Beach, CA, USA, pp. 173-182 (2001).
    [SS99] Seo, D., and Sweeny P., “Simple Authenticated Key Agreement Algorithm,” IEE Electronics Letter, Vol.35, No.13, pp. 1073-1074 (1999).
    [ST01] Shamir, A., and Tauman, Y., “Improved On-Line/Off-Line Signature Schemes,” Proceedings of Advances in Cryptology - Crypto’01, LNCS 2139, pp. 355-367 (2001).
    [SY09] Sun, B., and Yu, B., “The Three-Layered Group Key Management Architecture for MANET,” Proceedings of the 11th International Conference on Advanced Communication Technology, Phoenix Park, Gangwon-do, South Korea, pp.1378-1381 (2009).
    [Tsa05] Tsaur, W.J., “Several Security Schemes Constructed Using ECC-Based Self-Certified Public Key Cryptosystems,” Applied Mathematics and Computation, Vol.168, No.1, pp.447-464 (2005).
    [Tse00] Tseng, Y.M., “Weakness in Simple Authenticated Key Agreement Protocol,” IEE Electronics Letter, Vol.36, No.1, pp. 48-49 (2000).
    [Tse06] Tseng, Y.M., “On the Security of Two Group Key Agreement Protocols for Mobile Devices,” In International Workshop on Future Mobile and Ubiquitous Information Technologies (FMUIT2006), Nara, Japan, pp.59-62 (2006).
    [Tse07] Tseng, Y.M., “A Secure Authenticated Group Key Agreement Protocol for Resource-Limited Mobile Devices,” The Computer Journal, Vol.50, No.1, pp. 41-52 (2007).
    [UD06a] Um, H., and Delp, E.J., “A Secure Group Key Management Scheme for Wireless Cellular Networks,” Proceedings of the Third International Conference on Information Technology: New Generations (ITNG’06), Las Vegas, Nevada, USA, pp. 414-419 (2006).
    [UD06b] Um, H., and Delp, E.J., “A New Secure Group Key Management Scheme for Multicast over Wireless Cellular Networks,” Proceedings of the 25th IEEE International Performance Computing and Communications Conference (IPCCC’06), Phoenix, Arizona, USA, pp. 23-30 (2006).
    [WJWL07] Wang, R.C., Juang, W.S., Wu, C.C., and Lei, C.L., “A Lightweight Key Agreement Protocol with User Anonymity in Ubiquitous Computing Environments,” Proceedings of International Conference on Multimedia and Ubiquitous Engineering, Seoul, South Korea, pp.313-318 (2007).
    [WRLP08] Wan, Z., Ren, K., Lou, W., and Preneel, B., “Anonymous ID-Based Group Key Agreement for Wireless Networks,” Proceedings of IEEE Wireless Communications and Networking Conference, Las Vegas, USA, pp.2615-2620 (2008).
    [Ys02] Yeh, H.T., and Sun H.M., “Simple Authenticated Key Agreement Protocol Resistant to Password Guessing Attacks,” ACM Operating Systems Review, Vol.36, No.4, pp. 14-22 (2002).