Title: 開放式網路系統上之身分確認與金匙交換協定
Authentication and Key Distribution Protocols for Open Network
Author: 楊文和
Wen-Her Yang
謝續平
Shiuh-Pyng Shieh
Institute of Computer Science and Engineering
Keywords: Network Security; Authentication; Key Exchange; Protocol; Encryption; Decryption
Issue date: 1994
Abstract: This thesis proposes two authentication protocols suited to open networks. In the first part, we propose a protocol that completes authentication with very few message exchanges. Although this protocol uses fewer message exchanges, it still offers higher security and reliability than other protocols (such as Kerberos, NS and the Permuted protocol). Based on this protocol, we implemented on UNIX a secure authentication system that uses a master/slave architecture. In the second part, we propose an authentication protocol suited to wireless networks. In this protocol, authentication is completed between the two communicating parties alone, without the help of a trusted third party, and only two messages need to be exchanged. In addition, we not only reduce the number of exponential computations required, but also resolve the security problems that arise in Okamoto and Tanaka's ID-based scheme.
In this thesis, two new authentication protocols are proposed. In the first part, we present a four-message protocol for initial authentication that supports subsequent authentication in two messages without contacting the authentication server or using synchronized clocks. This protocol has the property of using fewer messages to provide better security than Kerberos and better reliability and security than the NS and Permuted protocols. Based on the protocol, a secure authentication system is built, which uses the master-slave scheme. In the second part, we propose a secure authentication protocol which supports both the privacy of messages and the authenticity of communicating parties in wireless networks. The trusted third party (key information center) is not needed once the secure network system is set up. Mutual authentication and key distribution can be achieved with merely two messages between the two parties involved. With lower computation overhead, this protocol resolves the problems that appear in Okamoto and Tanaka's ID-based scheme, namely that user identities may be forged and user secret information may be disclosed. It can also protect user communication from replay attacks even if system clocks are not synchronized.
URI: http://140.113.39.130/cdrfb3/record/nctu/#NT830392021
http://hdl.handle.net/11536/58941
Appears in Collections:Thesis