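| Graduate student | 陳華嶽 Hua-Yueh Chen |
|---|---|
| Thesis title | 適用於第三代行動通訊系統之金鑰協議機制 (Key Agreement Scheme for 3G Mobile Communication Systems) |
| Advisor | 吳宗成 Tzong-Chen Wu |
| Oral defense committee | 楊維寧 Wei-Ning Yang, 查士朝 Shi-Cho Cha |
| Degree | Master |
| Department | College of Management - Department of Information Management |
| Year of publication | 2007 |
| Academic year of graduation | 95 |
| Language | Chinese |
| Number of pages | 62 |
| Keywords (translated from Chinese) | Third-generation mobile communication, low-resource mobile devices, group key agreement |
| Keywords (English) | Third Generation Mobile Communication, Low-power Devices, Group Key Agreement |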
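Using third-generation mobile communication (3G) to communicate and exchange information is the trend of the future. However, the security of the 3G system is limited to the path between the user and the network, and it cannot provide end-to-end security protection between users. An authenticated key agreement scheme lets users authenticate one another and establish a session key for confidential communication. However, the key agreement schemes currently applicable to 3G systems require many additional cryptographic modules beyond those already present in the 3G system, and are therefore hard to implement. In view of this, the method proposed in this thesis uses the existing functions of the 3G system, simple XOR operations, and a one-way hash function to design a key agreement scheme suited to 3G systems and, considering group communication applications, also proposes a group key agreement scheme. The proposed method has the following features: (1) it is easy to implement in existing 3G systems; (2) it achieves identity authentication and key exchange at the same time, ensuring the confidentiality of conference content; (3) it can establish a group key; (4) it keeps the locations of conference members private; (5) it resists impersonation attacks and replay attacks; (6) it meets the security requirements of key nondisclosure, key independence, and key integrity.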
Communicating and exchanging information with others over third-generation mobile communication (3G) is the future trend. However, the security of the third-generation mobile telecommunication system covers only the path between the user and the network; it cannot provide end-to-end protection. Mutual authentication and session key establishment can be achieved with an authenticated key agreement scheme. Unfortunately, implementing the published key agreement schemes for low-power devices still requires adding modules to the current 3G system. Hence we use XOR, a one-way hash function, and the one-way functions already present in the current third-generation communication system to design a key agreement scheme for 3G. We also propose a group key agreement scheme for group communication applications. Our scheme satisfies the following properties: (1) it is easy to implement on 3G systems; (2) it achieves authentication and key agreement to ensure the confidentiality of conferences; (3) it establishes a group key; (4) it ensures the privacy of conferees' locations; (5) it detects fake devices and avoids replay attacks; (6) its session key has the properties of nondisclosure, independence, and integrity.