電子資料傳輸安全機制之研究

Abstract

在本論文中，我們著重在電子資料經由開放性網路傳輸的安全性。我們研究了以下三個部分：1.電子資料交換之安全架構；2.全球資訊網站之安全監控機制；3.GSM網路之安全通訊機制。 在第一部分，主要目的在於設計一套適用於EDI的安全機制。我們先綜覽EDI安全機制的現狀，包括其配合的傳輸格式及通訊協定；其次分析各種驗證協定、數位簽章、雜湊函數和金鑰管理，討論這些方法在安全性及實際建構上的優缺點，予以比較分析；最後建議較為適用的方法，以作為EDI的核心安全機制。 在第二部分，我們先以攻擊的觀點來著手，研究針對全球資訊網站的攻擊方式，再進而提出一套全球資訊網站的安全監控機制，從而使網站能更安全。一般網路監督軟體，如Sniffer，可以達到即時監督的需求，但卻無法提供系統管理者控制的能力，屬於被動的方式；這裡我們對於現有的安全機制作一番研究，包括瞭解SSL、S-HTTP等協定的運作方式，探討其所可能面臨的安全問題和攻擊方式，並提出一個主動式的網路安全監控機制，讓系統管理者除了監督外，還有能力進行控制。 在第三部分，我們以GSM網路的安全性為主，探討它的安全機制，對它所使用的身份驗證協定、金鑰交換方法、金鑰產生方法與訊息加解密方法作研究，討論它們的優點以及缺失，然後提出一套針對GSM網路的安全通訊機制。在所提出的安全架構中，我們採用公開金鑰演算法作雙向的身份驗證和金鑰交換，並使用輸入訊息為亂數值，設計了新的金鑰產生方法，還設計了適用於GSM網路的串流加密器來作訊息加解密。透過密碼學分析、操作分析和程式模擬，顯示我們所提出新的安全通訊機制可以兼顧安全與效率，能夠明顯增加GSM網路的安全性和效率性。 基於上述三個部分的研究結果，我們能夠明顯地加強電子資料在開放性網路上傳輸的安全性。

In this thesis, we focus on the security of electronic data transmission over an open network. Three areas, the Electronic Data Interchange (EDI), the World Wide Web (WWW), and the Global System for Mobile communication (GSM) networks, have been studied. In the first area, we investigate the current status of EDI technologies as they exist today, and then present a survey of authentication protocols, digital signature, hash function, and key management. A security architecture for EDI is proposed. In the second area, we first investigate all possible attacks on the web. Then, on the basis of these attacks, we suggest a security monitoring mechanism. This security monitoring mechanism is an active control mechanism, which is different from the traditional passive mechanisms, like Sniffer. This active security monitoring mechanism will allow the system administrator to actively protect his web site. In the third area, we focus on the security of the GSM networks. A secure communication architecture for the GSM network is proposed. In the proposed architecture, we use public-key cryptography for user authentication and stream cipher for message encryption and decryption. An authentication protocol and a key generation method are presented in conjunction with the proposed architecture. Stream cipher is recommended for message encryption and decryption. First, a key generator is presented. Then, on the basis of the key generator, stream ciphers are designed with respect to different levels of securities of GSM networks. Cryptanalysis and operational analysis show that the authentication protocol and stream ciphers are secure and efficient. Simulation results indicate that the key generation method can always produce key strings of evenly distributed 0's and 1's and with infinite period. Consequently, they provide a comprehensive set of secure communication mechanisms for GSM networks. Based on the results obtained from the three research areas aforementioned, we have significantly enhanced the security of electronic data transmission over an open network.