簡易檢索 / 詳目顯示

回結果列表
研究生: 謝文彬
Wen-bin Hsieh
論文名稱: 通訊網路環境中安全身份認證協定之研究
Secure Authentication Schemes in Communication Networks
指導教授: 呂政修
Jenq-Shiou Leu
口試委員: 石維寬
Wei-Kuan Shih
楊武
Wuu Yang
徐讚昇
Tsan-sheng Hsu
阮聖彰
Shanq-Jang Ruan
陳省隆
Hsing-Lung Chen
吳晉賢
Chin-Hsien Wu 
陳俊良
Jiann-Liang Chen
學位類別: 博士
Doctor
系所名稱: 電資學院 - 電子工程系
Department of Electronic and Computer Engineering
論文出版年: 2013
畢業學年度: 101
語文別: 英文
論文頁數: 93
中文關鍵詞: 認證橢圓曲線單向雜湊函數智慧卡行動通訊無線感測網路
外文關鍵詞: one way hash function, elliptic curve, smart card, mobile communication, wireless sensor network, authentication
相關次數: 點閱:344下載:5
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 隨著各式各樣的網路興起及頻寬的改善,透過網路進行通訊的應用比起過去的十年,成長了數百倍,藉由不同的傳輸媒介,應用在如無線感測網路、無線存取網路及行動通訊網路等環境。在多樣化的應用下,如何在不安全的通道下,認證通訊的雙方並建立起一個安全保密的連線便成了一個重要的議題。相互認證確保網路上訊息發送者與接受者的合法性,允許被授權者存取有限的資源,也保護服務提供者不被非法者攻擊。而根據安全強度、通訊成本及計算量的高低,不同的終端設備採用的密碼元件也有所不同。譬如在行動通訊上,在相同安全強度下,基於橢圓曲線密碼系統的相互認證機制更有效率、更節省資源;而建構在單向雜湊函數之相互認證機制,此類方法計算複雜度最低,更適用在無線網路環境之電子交易,如無線感測網路及行動商務。本學位論文重點在發展建立安全通訊的身份認證,研究主題涵蓋以下三項:(一)無線網路環境的身份認證、(二)主從式架構下的認證協定及(三)智慧型手機中機敏資料的保護機制。
    我們首先針對兩種網路環境─無線存取網路及無線感測網路─分別提出適用之安全認證協定。在無線存取網路中,我們利用橢圓曲線密碼系統快速加解密的優點提出了個適用於行動裝置上的使用者匿名認證機制,改善了先前相關文獻的計算效率,並藉由修改運算的步驟,避免先前參考文獻可能遭遇到的惡意攻擊,如阻斷服務攻擊及使用者身份追蹤等。而在感測器網路環境中,我們也提出了植基於單向雜湊函數上之認證協議。由於我們所提出的方法只利用到單向雜湊函數及互斥或的運算,因此與其他感測器網路上之認證協議比較,我們的方法更加地實用且有效率。
    接著,我們進一步利用單向雜湊函數低計算複雜度之特性,提出一個適用於主從式架構的相互身份認證協定,我們根據參考的文獻,分析其可能遭受的攻擊,在嚴格的安全假設下,提出了改善方法,與傳統相似的認證機制相比,所提出的協定能以更好的運算效率達到相同或更高的安全強度。最後,我們針對日異普及且在行動網路上扮演重要角色的終端設備─採用Android平台之智慧型手機─提出了一個安全防護機制,有效的保護儲存在智慧卡之機敏參數。同時參考近年來廣泛提出之基於智慧卡之安全認證協定,將所提出之機敏參數保護機制整合到相關參考文獻,使安全認證機制的整體安全性更加提升。

    With the rise of a variety of networks and the improvement of bandwidth, communication applications over networks have grown hundreds of times than it was decade ago. Through different media, it is applied to wireless sensor networks, wireless access networks, mobile communication networks and so forth. In diversified applications, how to authenticate communication entities and build a secure and confidential connection over an insecure channel becomes a very important issue. Mutual authentication ensures that the legality of the message senders and the receivers on networks, allowing authorized users to access to limited resources, and also protects the service providers avoid attacks from illegal users. Considering security strength, communication cost and computing cost, different terminals adopt different cryptographic components. For example, in the same security strength, elliptic curve cryptosystem-based mutual authentication mechanisms are more efficient and more resource-saving in mobile communications. One way hash function-based mutual authentication mechanisms, which have the lowest computing complexity, are more applicable in electronic transactions on a wireless network such as wireless sensor networks and mobile commerce. The focus of this dissertation is in developing identity authentications to establish a secure communication. The research topics cover the following three: (a) authentication in wireless network environments (b) the master-slave architecture authentication protocol and (c) sensitive data protection mechanisms in smart phones.
    First we propose suitable secure authentication protocols for wireless access networks and wireless sensor networks respectively. In wireless access networks, we utilize the advantage of elliptic curve cryptosystem, fast encryption and decryption, to propose a user anonymous authentication mechanism suitable for mobile devices. The proposed protocols not only improve the efficiency but also avoid the possible malicious attacks on the previous protocol such as a denial of service attack and a user identity trace attack. Moreover, in wireless sensor networks, we also propose an authentication protocol based on one way hash function. Since the proposed protocol only needs one way hash function and exclusive-or operations, compared to other protocols in wireless sensor networks, it is more practical and more efficient.
    Subsequently, we further use the feature of one way hash function which has low computing complexity to propose a mutual identity authentication protocol for client-server architectures. According to reference materials, we analyze the possible attacks and propose an improvement under strict assumptions. Compared to other traditional authentication protocols, the proposed protocol can use more efficient computing cost to achieve the same or higher security strength.
    Finally, in mobile networks, we focus on the popular terminals, android based smart phones, to propose a secure protection mechanism. The mechanism can protect sensitive data in smart cards effectively. Meanwhile, we refer to widely proposed smart card-based authentication protocols in recent years and integrate the proposed protection mechanism into related reference materials to enhance the whole security of the authentication mechanism.

    誌謝 i 中文摘要 ii Abstract iv Chapter 1 Introduction 1 1.1 Background and Objects 1 1.2 Motivation and Contributions 2 1.3 Dissertation Organization 4 Chapter 2 Elliptic Curve Cryptosystem and BAN Logic 5 2.1 Elliptic Curve Cryptosystem 5 2.2 BAN Logic 9 Chapter 3 Related Work 13 3.1 Wireless Access Networks 13 3.2 Wireless Sensor Networks 15 3.3 Client-Server Architectures 16 3.4 Secure Mechanism in Smart Phone 18 Chapter 4 Anonymous Authentication Protocol Based on Elliptic Curve Diffie-Hellman for Wireless Access Networks 20 4.1 Review of the Chen et al. Scheme 20 4.2 The Denial of Authentication Attack 23 4.3 The Proposed Scheme 24 4.4 Security and Performance Analysis 29 4.5 Chapter Summary 35 Chapter 5 A Dynamic Identity User Authentication Scheme in Wireless Sensor Networks 37 5.1 Review of Vaidya et al. Scheme 37 5.2 Attacks on Vaidya et al. Scheme 40 5.3 The Proposed Scheme 42 5.4 Security and Performance Analysis 47 5.5 Chapter Summary 49 Chapter 6 Exploiting Hash Functions to intensify the Remote User Authentication Scheme 51 6.1 Review of Hsiang et al.'s Scheme 51 6.2 Attacks Review 53 6.3 Our Proposed Scheme 57 6.4 Cryptanalysis of the Proposed Scheme 62 6.5 Performance Analysis 65 6.6 Chapter Summary 66 Chapter 7 Securing Smart Phones by using an Improved Mutual Authentication Mechanism 67 7.1 Review of the Li et al. Scheme 67 7.2 Issues Present in the Li et al. Scheme 69 7.3 Attacks on Smart Phones 70 7.4 Proposed Security Mechanism for Smart Phones 72 7.5 Protection Mechanism and Security Analysis 76 7.6 Chapter Summary 80 Chapter 8 Conclusions and Future works 81 8.1 Conclusions 81 8.2 Future works 82 Reference 84 附錄 93

    1. W.S. Juang, C.L. Lei, and C.Y. Chang, “Anonymous channel and authentication in wireless communications,” Computer Communications, Vol. 22, pp. 1502-1511 (1999).

    2. M.G. Rahman, and H. Imai, “Security in wireless communication,” Wireless Personal Communications, Vol. 22, No. 2, pp. 213-228 (2002).

    3. L. Harn, and H. Lin, “Authentication in wireless communications”, IEEE Global Telecommunications Conference GLOBECOM ’93, Houston, USA, November 29~December 2, 1993, pp. 550--554.

    4. A.M. Barbancho, and A. Peinado, “Cryptanalysis of anonymous channel protocol for large-scale area in wireless communications,” Computer Networks, Vol. 43, pp. 777-785 (2003).

    5. J. Zhu, and J. Ma, “A new authentication scheme with anonymity for wireless environments,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 1, pp. 231-235 (2004).

    6. C.C. Lee, M.S. Hwang, and I.E. Liao, “Security enhancement on a new authentication scheme with anonymity for wireless environments,” IEEE Transactions on Industrial Electronics, Vol. 53, No. 5, pp. 1683–1687 (2006).

    7. A. Peinado, “Privacy and authentication protocol providing anonymous channels in GSM,” Computer Communication, Vol. 27, pp. 1709-1715 (2004).

    8. W.D. Lin, and J. Jan, “A wireless-based authentication and anonymous channels for large scale area,” Proceedings of the 6th IEEE Symposium on Computers and Communication, 2001, pp. 36-41.

    9. H. Fathi, S. Shin, K. Kobara, and H. Imai, “Protocols for Authenticated Anonymous Communications,” IEEE 18th International Symposium on Personal, Indoor and Mobile Radio Communications PIMRC ’07 . Athens, Greece, September 3~September 7, 2007, pp. 1-5.

    10. C.Y. Lee, C.C. Chang, C.H. Lin, “User authentication with anonymity for global mobility networks,” Proceedings of IEE Mobility Conference: The Second Asia Pacific Conference on Mobile Technology, Applications and Systems, Guangzhou, China, November 15~November 7, 2005, pp. 1–5.

    11. Y.C. Chen, S.C. Chuang, L.Y. Yeh and J.L. Huang, “A practical authentication protocol with anonymity for wireless access networks,” Wireless Communications and Mobile Computing, Vol. 11, pp. 1366-1375 (2010).

    12. C.C. Yang, Y.L. Tang, R.C. Wang, and H.W. Yang, “A secure and efficient authentication protocol for anonymous channel in wireless communications,” Applied Mathematics and Computation, Vol. 169, No. 2, pp. 1431-1439 (2005).

    13. N. Koblitz. “Elliptic curve cryptosystems,” Mathematics of Computation., Vol. 48, pp. 203-209 (1987).

    14. W. Diffie, and M. E. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644-654 (1976).

    15. R. Zucceratto, and C. Adams, “Using Elliptic Curve Diffie-Hellman in the SPKM GSS-API,” IETF Internet Draft, August 1999.

    16. Lidong Chen, “SP 800-56C. Recommendation for Key Derivation through Extraction-then-Expansion,” National Institute of Standards & Technology, Gaithersburg, MD, 2011.

    17. J.M. Pollard, “Monte Carlo Methods for Index Computation (mod p),” Mathematics of Computation, Vol. 32, No. 143, pp. 918-924 (1978).

    18. J.M. Pollard, “Factoring with Cubic Integers.” Reprinted in The Development of the Number Field Sieve, Lecture Notes in Mathematics 1554. A.K. Lenstra, H.W. Lenstra, and Jr., Eds., pp. 4-10 (1993).

    19. S. Pohlig, and M. Hellman, “An Improved Algorithm for Computing Logarithms over GF(p) and its Cryptographic Significance,” IEEE Transactions on Information Theory, Vol. 24, pp 106–110 (1978).

    20. R. Crandall. (1999). Parallelization of Pollard-rho factorization, manuscript [Online]. Available: http://www.perfsci.com.

    21. Digital Signature Standard (DSS), FIPS PUB 186-3, 2009.

    22. Standards for Efficient Cryptography Group (SECG), “SEC 1: Elliptic Curve Cryptography," Version 1.0, September 2000.

    23. M. Burrows, M. Abadi, R. Needham, “A logic of authentication,” ACM Transaction on Computer System, Vol. 8, No. 1, pp. 18-36 (1990).

    24. J.L. Tsai, T.C. Wu, K.Y. Tsai, “New dynamic ID authentication scheme using smart cards,” International Journal of Communication Systems, Vol.23, pp. 1449-1462 (2010).

    25. B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd ed, John Wiley & Sons, Inc., New York, NY, 1995

    26. CCITT, Draft Recommendation X.509, The Directory-Authentication Framework, Consultation Committee, International Telephone and Telegraph, International Telecommunications Union, Geneva, 1987.

    27. R.J. Anderson, "A Second Generation Electronic Wallet," Proceedings of the Second European Symposium on Research in Computer Security ESORICS ’92, Toulouse, France, November 23~ November 25, 1992, pp. 411-418.

    28. A. Aziz, and W. Diffie, “Privacy and Authentication for Wireless Local Area Networks,” IEEE Personal Communications, Vol. 1, No. 1, pp. 25-31 (1994).

    29. B.C. Neuman, and S. Stubblebine, “A Note on the Use of Timestamps as Nonces,” Operating Systems Review, Vol. 27, No. 2, pp. 10-14 (1993).

    30. T. S. Chen, K. H. Huang, and Y. F. Chung, “Digital multi-signature scheme based on the elliptic curve cryptosystem,” Journal of Computer Science and Technology, Vol. 19, No. 4, pp. 570-573 (2004).

    31. C.T. Li, M.-S. Hwang, and Y.P. Chu, “A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular d hoc networks,” Computer Communication, Vol. 31, pp. 2803-2814 (2008).

    32. N. Koblitz, A.J. Menezes, and S.A. Vanstone, `”The state of elliptic curve cryptography,” Designs, Codes and Cryptography, Vol. 19, No. 2-3 , pp. 173-193 (2000).

    33. L. Lamport, “Password authentication with insecure communication,” Communications of the ACM, Vol. 24, No. 11, pp. 770–772 (1981).

    34. S.M. Yen, and K.H. Liao, “Shared authentication token secure against replay and weak key attack,” Information Processing Letters, Vol. 62, No. 2, pp. 78–80 (1997).

    35. R.E. Lennon, S.M. Matyas, and C.H. Mayer, “Cryptographic authentication of time-invariant quantities,” IEEE Transactions on Communications, Vol. 29, No. 6, pp. 773–777 (1981).

    36. M. Peyravian, and N. Zunic, “Methods for protecting password transmission,” Computers & Security, Vol. 19, No. 5, pp. 466-469 (2000).

    37. J.J. Hwang, and T.C. Yeh, “Improvement on Peyravian-Zunic’s Password Authentication Schemes,” IEICE Transactions on Communications, Vol.E85-B, No.4, pp. 823–825 (2002).

    38. C.C. Lee, L.H. Li, and M.S. Hwang, “A Remote User Authentication Scheme Using Hash Functions,” ACM SIGOPS Operating System Review, Vol. 36. No. 4, pp. 23-29 (2002).

    39. H.Y. Chien, J.K. Jan, Y.M. Tseng, “An efficient and practical solution to remote authentication smart card,” Computers & Security, Vol 21, No. 4, pp. 372–375 (2002).

    40. W.C. Ku, and S.M. Chen, “Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 1 pp. 204–207 (2004).

    41. E.J. Yoon, E.K. Ryu, and K.Y. Yoo, “Further improvement of an efficient password based remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 2, pp. 612–614 (2004).

    42. H. C. Hsiang and W. K. Shih, “Weaknesses and improvements of the Yoon-Ryu-Yoo remote user authentication scheme using smart cards,” Computer Communications, Vol. 32, No. 4, pp. 649-652 (2009).

    43. D. He, J. Chen, and J. Hu, “Weaknesses of a Remote User Password Authentication Scheme Using Smart Card,” International Journal of Network Security, Vol. 13, No. 1, pp. 58-60 (2011).

    44. D. He, M. Ma, Y. Zhang, C. Chen, and J. Bu, “A strong user authentication scheme with smart cards for wireless communications,” Computer Communications, Vol. 34, No. 3, pp. 367-374 (2011).

    45. T. S. Messerges, E. A. Dabbish, and R. H. Sloan, “Examining smart card security under the threat of power analysis attacks,” IEEE Transactions on Computers, Vol. 51, No. 5, pp. 541-552 (2002).

    46. P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” Proceedings of Advances in Cryptology Crypto ’99, Santa Barbara, USA, 1999, pp. 388-397.

    47. K. Huang, Q. Ou, X. Wu, and Y. Song, “Cryptanalysis of a Remote User Authentication Scheme Using Smart Cards,” Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing WiCom ’09, Beijing, China, September 24~September 26, 2009, pp.1-4.

    48. D. J. Cook, and S. K. Das, Wireless sensor networks", Smart environments: Technologies, Protocols, and Application, John Wiley & Sons, Inc., New York, NY, 2004.

    49. C.Y. Chong, and S. Kumar, “Sensor Networks: evolution, opportunities and challenges,” Proceedings of the IEEE, Vol. 91, No. 8, pp. 1247–1256 (2003).

    50. Draft Amendment to IEEE Standard for Information technology-Telecommunications and information exchange between systems-PART 15.4:Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Networks (LR-WPANs): Amendment to add alternate PHY (Amendment of IEEE Std 802.15.4), IEEE Std P802.15.4a/D5, 2006

    51. IEEE WPAN Task Group 6, http://www.ieee802.org/15/pub/TG6.html.

    52. IEEE Std 802.15.4-2003, Institute of Electrical and Electronics Engineers, Inc., 1 October 2003.

    53. IEEE802.15.4 WPANTaskGroup4(TG4), URL: http://ieee802.org/15/pub/TG4.html.

    54. P. Kinney, “ZigBee Technology: Wireless Control that Simply Works,” White Paper dated 2 October 2003.

    55. M. L. Das, “Two-Factor User Authentication inWireless Sensor Networks,” IEEE Transactions on Wireless Communications, Vol. 8, pp. 1086-1090 (2009).

    56. M. K. Khan, and K. Alghathbar, “Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’,” Sensors, Vol. 10, No. 3, pp. 2450-2459 (2010).

    57. B. Vaidya, D. Makrakis, and H.T. Mouftah, “Improved two-factor user authentication in wireless sensor networks,” The 6th IEEE International Conference on Wireless and Mobile Computing, Networking and Communications WiMob ’2010, Niagara Falls, Canada, October 11~October 13, 2010, pp. 600-606.

    58. P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” Proceedings of Advances in Cryptology Crypto ’99, Santa Barbara, USA, 1999, pp. 388-397.

    59. T. S. Messerges, E. A. Dabbish, and R. H. Sloan, “Examining smart card security under the threat of power analysis attacks,” IEEE Transactions on Computers, Vol. 51, No. 5, pp. 541-552 (2002).

    60. C.H. Wei, M.S. Hwang, and A.Y. Chin, “A Mutual Authentication Protocol for RFID,” IT Professional, Vol.13, No.2, pp.20-24 (2011).

    61. Y. J. Huang, C. C. Yuan, M. K. Chen, W. C. Lin, and H. C. Teng, “Hardware implementation of RFID mutual authentication protocol,” IEEE Transactions on Industrial Electronics, Vol. 57, No. 5, pp. 1573–1582 ( 2010).

    62. Y. Jiang, C, Lin, X, Shen, and M, Shi, “Mutual Authentication and Key Exchange Protocols for Roaming Services in Wireless Mobile Networks,” IEEE Transactions on Wireless Communications , Vol.5, No.9, pp.2569-2577 (2006).

    63. K. Xue, C. Ma, P. Hong, and R. Ding, “A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks,” Journal of Network and Computer Applications, Vol. 36, No. 1, pp. 316-323 (2013).

    64. Z. Li, and G. Gong, “Computationally efficient mutual entity authentication in wireless sensor networks,” Ad Hoc Networks, Vol. 9, No. 2, pp. 204-215 (2011).

    65. L. Lamport, “Password authentication with insecure communication.” Communications of the ACM, Vol. 24, No. 11, pp. 770-772 (1981).

    66. M.S. Hwang, and L.H. Li, “A new remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 1, pp. 28–30 (2000).

    67. T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms,” IEEE Transactions on Information Theory, Vol. 32 , No. 4, pp. 469–472 (1985).

    68. T. Hwang, and W.C. Ku, “Reparable key distribution schemes for Internet environments,” IEEE Transactions on Consumer Electronics, Vol. 43, No. 5, pp. 1947–1949 (1995).

    69. H.M. Sun, “An efficient remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, pp. 958–961 (2000).

    70. J.J. Shen, C.W. Lin, and M.S. Hwang, “A modified remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 49, No. 2, pp. 414–416 (2003).

    71. A.K. Awashti, and S. Lal, “An enhanced remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 2, pp. 583–586 (2004).

    72. C. Chang, and K.F. Hwang, “Some forgery attacks on a remote user authentication scheme using smart cards,” Informatics, Vol. 14, No. 3, pp. 289–294 (2003).

    73. M.L. Das, A. Saxena, and V.P. Gulati, “A dynamic ID-based remote user authentication scheme,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 2, pp. 629–631 (2004).

    74. W.C. Ku, and S.T. Chang, “Impersonation attack on a dynamic ID-based remote user authentication scheme using smart cards,” IEICE Transactions on Communications, Vol. 5, pp. 2165–2167 (2005).

    75. M.S. Hwang, C.C. Lee, and Y.L. Tang, “A simple remote user authentication scheme,” Mathematical and Computer Modelling, Vol. 36, No. 1-2, pp. 103–107 (2002).

    76. C. Ku, and S.M. Chen, “Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 1, pp. 204–207 (2004).

    77. C. Lee, M.S. Hwang, and W.P. Yang, “A flexible remote user authentication scheme using smart cards,” ACM SIGOPS Operating Systems Review, Vol. 36, No. 3, pp. 46–52 (2002).

    78. C.I. Fan, P.H. Ho, and R.H. Hsu, “Provably Secure Nested One-Time Secret Mechanisms for Fast Mutual Authentication and Key Exchange in Mobile Communications,” IEEE/ACM Transactions on Networking, Vol.18, No.3, pp. 996-1009 (2010).

    79. S.H. Lin, J.H. Chiu, G.R. Lee, “A fast iterative localized re-authentication protocol for heterogeneous mobile networks,” IEEE Transactions on Consumer Electronics, Vol.56, No.4, pp.2267-2275 (2010).

    80. W.S. Juang, S.T. Chen, H.T. Liaw, “Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards,” IEEE Transactions on Industrial Electronics, Vol.55, No.6, pp.2551-2556 (2008).

    81. H. Sun, “An efficient remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, pp.958 -961 (2000).

    82. X. Li, W. Qiu, D. Zheng, K. Chen, and J. Li, “Anonymity Enhancement on Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards,” IEEE Transactions on Industrial Electronics, Vol.57, No.2, pp.793-800 (2010).

    83. N.W. Lo, and K.H. Yeh, “Cryptanalysis of two three-party encrypted key exchange protocols,” Computer Standards & Interfaces, Vol. 31, No. 6, pp. 1167-1174 (2009).

    84. W.C. Ku, “Weaknesses and drawbacks of a password authentication scheme using neural networks for multi-server architecture,” IEEE Transactions on Neural Networks, Vol.16, No.4, pp.1002-1005 (2005).

    85. J.W. Byun, D.H. Lee, and J.I. Lim, “Security analysis and improvement of a gateway-oriented password-based authenticated key exchange protocol,” IEEE Communications Letters, Vol.10, No.9, pp.683-685 (2006).

    86. Hao-Rung Chung, Wei-Chi Ku, Maw-Jinn Tsaur, Weaknesses and improvement of Wang et al.'s remote user password authentication scheme for resource-limited environments, Computer Standards & Interfaces, Volume 31, Issue 4, Pages 863-868, June 2009.

    87. H.R. Chung, W.C. Ku, and M.J. Tsaur, “Weaknesses and improvement of Wang et al.'s remote user password authentication scheme for resource-limited environments,” Computer Standards & Interfaces, Vol. 31, No. 4, pp. 863-868 (2009).

    88. Z. Xu, K. Bai, and S. Zhu, “TapLogger: inferring user inputs on smartphone touchscreens using on-board motion sensors,” Proceedings of the 5th ACM conference on Security and Privacy in Wireless and Mobile Networks WISEC ’12, Tucson, Arizona, USA, April 16~April 18, 2012, pp. 113-124.

    89. C. Shen, E. Nahum, H. Schulzrinne, and C.P. Wright, “The Impact of TLS on SIP Server Performance: Measurement and Modeling,” IEEE/ACM Transactions on Networking, Vol.20, No.4, pp.1217-1230 (2012).

    90. D. Eastlake and P. Jones, “US Secure Hash Algorithm 1 (SHA1),” RFC 3174, 2001.

    91. J.Z. Yang, Y.J. Wanf, H.F. Qian, Y. Zhou, “On the security of two password authenticated key agreement scheme using smart cards,” The Journal of China Universities of Posts and Telecommunications, Vol. 19, pp. 137-141 (2012).

    無法下載圖示 全文公開日期 2018/07/24 (校內網路)
    全文公開日期 本全文未授權公開 (校外網路)
    全文公開日期 本全文未授權公開 (國家圖書館:臺灣博碩士論文系統)
    QR CODE