| Graduate student: | 李雅雯 Ya-Wen Lee |
|---|---|
| Thesis title: | 基於自我驗證簽密法之授權機制 Authorization Scheme Based on Self-certified Signcryption Cryptography |
| Advisor: | 吳宗成 Tzong-Chen Wu |
| Oral defense committee: | 查士朝 Shi-Cho Cha, 羅乃維 Nai-Wei Lo |
| Degree: | Master |
| Department: | School of Management - Department of Information Management |
| Year of publication: | 2018 |
| Academic year of graduation: | 106 |
| Language: | Chinese |
| Number of pages: | 55 |
| Chinese keywords: | elliptic curve, self-certified, signcryption, authorization |
| Foreign-language keywords: | ECC, Self-certified, Signcryption, Authorization |
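The authorization scheme proposed in this thesis allows users within an organization to obtain, through a device, the data objects that the device can access. A user sends signcryption-protected authorization content to an available device, and the device can then verify the signcryption and recover the authorization content. Likewise, when a device wants to access certain data objects, it must also send a signcryption of the authorization rights content to the data object. After successful verification, the device can access the data object and provide it to the user.
Our authorization content is signcrypted using an elliptic-curve-based self-certified public key system. First, using an elliptic curve cryptosystem makes computation more efficient and gives better security strength than other public key cryptosystems at the same number of bits. Second, a self-certified public key system does not require a trusted third party (TTP) to issue certificates, so the correctness of the public key can be verified together with the signcryption, which effectively reduces the storage and computation cost of parameters. Finally, because signcryption completes signing and encryption in a single logical step, it reduces computation and communication costs compared with the traditional sign-then-encrypt approach.
In summary, the proposed method not only satisfies the security requirements of confidentiality, integrity, and unforgeability needed when transmitting authorization content, but is also suitable for devices with low computational capability and low communication cost.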
In this study, we propose an authorization scheme that allows users of an organization to use certain devices to obtain accessible objects. Users send signcrypted authorization rights to the available devices, which recover the needed content by verifying the signcryption. Similarly, a device can access certain objects only by sending the corresponding signcrypted authorization rights. After successful authentication, devices are allowed to obtain the accessible objects.
Our method signcrypts authorization rights using self-certified public key cryptography based on elliptic curve cryptosystems. By integrating elliptic curve cryptosystems, computation is faster and more efficient, and for the same number of bits the security level is superior to that of other public key cryptosystems. Self-certified public key cryptography, which does not need certification by a trusted third party (TTP), allows public key authentication and signcryption validation to be performed concurrently, thereby lowering storage loads and computation costs. Last but not least, signcryption achieves signature and encryption within one logical step, making it more efficient in computation and communication than traditional signature-then-encryption.
All in all, our scheme not only fulfills the security requirements of confidentiality, integrity and unforgeability in the authorizing process, but can also be applied to devices with lower computation and communication cost.