標題: | 以公開金鑰憑證達成具有認證性的金鑰交換協定 Authenticated Key Agreement Protocols with Public Key Certificates |
作者: | 王國龍 Kuo-Lung Wang 葉義雄 Dr. Yi-Shiung Yeh 資訊學院資訊學程 |
關鍵字: | 金鑰交換協定;公開金鑰憑證;重送攻擊;竄改攻擊;中間人攻擊;時戳;密碼為基礎的方法;橢圓曲線密碼學;key agreement protocol;public key certificate;replay attack;modification attack;man-in-the-middle attack;timestamp;password-based method;Elliptic Curve Cryptography |
公開日期: | 2002 |
摘要: | 在1999年6月Seo和Sweeney提出一個簡單可認證的金鑰交換協定,使用以密碼為基礎的方法,並結合修改的Diffie-Hellman金鑰交換協定。事實上,Seo-Sweeney協定仍舊有招受反向重送攻擊的弱點。從1999年至2000年10月,共提出三個協定,並且將注意力集中於金鑰的確認階段提供交談金鑰認證。若在金鑰的建立階段即招受攻擊,則似乎有點太晚確認交談金鑰。在2003年有提出兩個協定,以密碼為基礎的方法加上時戳的使用,解決上述三個協定所面臨的問題。可是使用以密碼為基礎的方法和時戳,仍然有些問題。根據本論文,以公開金鑰的方式,提出二個新穎且實用,並具有認證性的金鑰交換協定。採用時戳和公開金鑰憑證,處理因使用以密碼為基礎的方法,所引起的問題。希望我們的協定,將會更實用並適合任意的兩個實體,在不安全的網路環境下,溝通並對分享的交談金鑰取得一致的意見。 In June 1999, Seo and Sweeney proposed a simple authenticated key agreement protocol using a password-based method and modified Diffie-Hellman key agreement protocol to provide key authentication. In fact, the Seo-Sweeney protocol is still vulnerable to the reflective replay attack. From June 1999 to October 2000, there were three protocols proposed and they concentrated their attentions on the key validation phase to provide session key authentication. It seems too late to ensure the validation of the session key once the key establishment phase is attacked. In 2003, there are two protocols proposed which use a pre-share password method and the concept of timestamp to solve the problem in the previous three protocols. There are some problems in the use of a password-based method. According to this thesis we propose two novel and practical protocols for authenticated key agreement in the asymmetric (public-key) setting. We adopt the timestamp and public-key certificates to deal with some problems caused by the password-based method. Hope our protocols will be more practical and suitable for two arbitrary entities communicating over an insecure network to agree on a shared session key. |
URI: | http://140.113.39.130/cdrfb3/record/nctu/#NT911706037 http://hdl.handle.net/11536/71330 |
顯示於類別: | 畢業論文 |