傳統的換手鑑別（Handover authentication）機制大多關注在行動節點與欲換手至新存取點之間的相互鑑別（Mutual authentication）與金鑰交換（Key exchange），並著重在解決鑑別伺服器金鑰洩漏、減少各角色的儲存空間、通訊成本以及計算效能問題。基於外積運算（Cross product）的特性，本研究將提出一個兼具安全及效能考量的匿名換手鑑別（Anonymous handover authentication）機制。此機制的特點是，允許同一存取點的行動節點可以在不透露自己任何秘密參數的情況下，仍然可以鑑別在同一範圍的其他行動節點及進行金鑰交換，以滿足通訊安全性、身分匿名性及不可追蹤性的要求。

Traditional handover authentication mechanisms are mostly concerned with mutual authentication and key exchange between the mobile node and the new access point which mobile node move from. A lot of research focus on solving authentication server key leakage, reducing storage space for each role, communication costs, and computational performance issues. Based on the characteristics of cross product, this study will propose an anonymous handover authentication mechanism with both security and performance considerations. The feature of this mechanism is allowed mobile nodes at the same access point can authenticate other mobile nodes in the same range and key exchange without revealing any secret parameters of their own, in order to satisfy the requirements of communication security, user anonymity and un-traceability.

[1] D.E. Knuth, “The Art of Computer Programming,” Sorting and Searching, Addison-Wesley, MA , Volume 2 , 1981
[2] D. Boneh, B. Lynn and H. Shacham, “Short signatures from the weil pairing,” Advances in Cryptology — ASIACRYPT 2001, Vol. 2248, 2001, pp. 514-532
[3] D. He, C. Chen, S. Chan, and J. Bu, “Secure and efficient handover authentication based on bilinear pairing functions,” IEEE Transactions Wireless Communications, Vol. 11, No. 1, 2012, pp. 48–53
[4] D. He, C. Chen, S. Chan, and J. Bu, “Analysis and improvement of a secure and efficient handover authentication for wireless networks,” IEEE Communications Letters, Vol. 16, no. 8, 2012, pp. 1270–1273
[5] D. He, M. Khan, and N. Kumar, “A new handover authentication protocol based on bilinear pairing functions for wireless networks,” International Journal of Ad Hoc and Ubiquitous Computing, Vol. 18, 2015, pp. 67–74
[6] G.Li, Q. Jiang, F. Wei, and G.Ma, “A new privacy-aware handover authentication scheme for wireless networks,” Wireless Personal Communications, Vol. 80, 2015, pp. 581–589
[7] J. Choi and S. Jung, “A handover authentication using credentials based on chameleon hashing,” IEEE Communications Letters, Vol. 14, no. 1, 2010, pp. 54-56
[8] J.L. Tsai, N.W. Lo, and T.C. Wu, “Secure handover authentication protocol based on bilinear pairings,” Wireless Personal Communications, Vol. 73, no. 3, 2013, pp. 1037– 1047
[9] K. Tan, and H. Zhu, “Remote password authentication scheme based on cross-product,” Computer Communications, Vol. 18, 1999, pp. 390–393
[10] Ν. Koblitz, “Elliptic curve cryptosystems,” Mathematics of Computation, Vol. 48, 1987, pp. 203-209
[11] NIST FIPS PUB 180, “Secure Hash Standard,” National Institute of Standards and Technology, U.S. Department of Commerce, DRAFT, 1993.
[12] S.C. Pohlig, M.E. Hellman, “An improved algorithm for computing logarithms over GF(p) and its cryptographic significance,” IEEE Transactions on Information Theory, 1978, pp. 106–110.
[13] S.H. Islam, and M.K. Khan, “Provably secure and pairing-free identity-based handover authentication protocol for wireless mobile networks,” International Journal of Communication Systems, Vol. 29, 2014, pp. 2442–2456
[14] S.L. Yeo, W.S. Yap, J.K. Liu, and M. Henricksen, “Comments on “Analysis and Improvement of a Secure and Efficient Handover Authentication Based on Bilinear Pairing Functions”,” IEEE Communications Letters, Vol. 17, no. 8, 2013, pp. 1521- 1523
[15] S.A. Chaudhry, M.S. Farash, H. Naqvi, S.H. Islam, and T. Shon, “A robust and efficient privacy aware handover authentication scheme for wireless networks,” Wireless Personal Communications, 2015, pp. 1-25
[16] T.C. Wu, and Y.S. Yeh, “A conference key distribution system based on cross-product, ” Computers & Mathematics with Applications, Vol. 25 , 1993, pp. 39-46
[17] T.C. Wu, and T.S. Wu, “Group commitment protocol based on zero knowledge proofs,” Computer Communications, Vol. 18, 1995, pp. 654-656
[18] W. Diffie, and M.E. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, Vol. 22, no.6, 1976, pp. 644-654
[19] W.C. Jakes, D.C Cox, “Microwave Mobile Communications,” John Wiley and Sons, 1974
[20] W. Wang, and L. Hu, “A secure and efficient handover authentication protocol for wireless networks,” Sensors, Vol. 14, 2014, pp. 11379–11394
[21] Y. Xie, L. Wu, N. Kumar, and J.Shen, “Analysis and improvement of a privacy-aware handover authentication scheme for wireless network,” Wireless Personal Communications, Vol. 93, 2017, pp. 523-541