跳到主要內容

簡易檢索 / 詳目顯示

回結果列表
研究生: 楊梓佑
Tzu-Yu Yang
論文名稱: 具有非法權利轉移偵測能力之匿名不可連結會員驗證系統
Efficient Anonymous and Unlinkable Membership Authentication with Illegal Privilege Transfer Detection
指導教授: 顏嵩銘
Sung-Ming Yen
口試委員:
學位類別: 碩士
Master
系所名稱: 資訊電機學院 - 資訊工程學系
Department of Computer Science & Information Engineering
論文出版年: 2017
畢業學年度: 105
語文別: 英文
論文頁數: 54
中文關鍵詞: 匿名驗證
外文關鍵詞: Anonymous, authentication
相關次數: 點閱:10下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 驗證系統允許使用者在證明其會員資格後,獲取他所提出的服務需求,然而
    使用者與驗證伺服器互動的過程中,可能洩漏過多資訊以至於危害到使用者的個
    人隱私。因此匿名是一個保護使用者隱私的好方法,但這也產生了無法撤銷非法
    使用者的隱憂。為了保護使用者隱私,現今有許多的匿名驗證系統被提出並且廣
    泛的使用於網際網路。然而,有一類的匿名驗證系統是使用假名的方法來達成匿
    名,可是這樣的方法將造成假名可以被連結。部分匿名驗證系統甚至無法抵禦重
    送攻擊或是偽冒攻擊。
    在本論文中,我們提出了一個匿名且不可連結的會員驗證系統。我們所提出
    的系統,允許使用者與單一或多個不同的驗證伺服器進行多次會員身分驗證,並
    且保證所有驗證訊息彼此之間都不會被連結,也不會連結到使用者。我們分析了
    現有相關的匿名驗證系統之優缺點,並且與我們所提出的方法進行比較。分析結
    果顯示,我們的系統不僅同時兼顧高效率與安全性,同時還可以抵禦重送攻擊以
    及偽冒攻擊。

    The authentication schemes allow users to apply server’s services by presenting a
    valid membership. But the information provided by users during the interaction
    with the service providers may damage the privacy of users. Anonymity is an effect
    method to protect user privacy, but it may be misused such that the membership
    of a malicious user cannot be revoked. In order to achieve anonymity without
    revealing users’ privacy several anonymous authentication schemes were proposed
    and are still widely incorporated in Internet servers till present. Certain anonymous
    authentication schemes use a pseudonym to achieve anonymity, but the pseudonym
    is linkable and the scheme is vulnerable to replay attack or impersonation attack.
    Some previous related schemes will be reviewed and analyzed on their strength and
    weakness. Comparison between our proposed scheme and these related ones will be
    provided.
    In this thesis, we proposed a new anonymous and unlinkable membership authentication
    scheme. The proposed scheme allows a valid user to prove his or her
    membership multiple times to a same or different application servers while all the
    authentication messages cannot be linked. Furthermore, our proposed scheme is
    computational efficiency and can preserve user’s privacy, and most importantly it
    can withstand replay attack and impersonation attack.

    1 Introduction 1 1.1 Background and Motivation of the Research . . . . . . . . . . . . . . 1 1.2 Our Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.3 Organization of the Thesis . . . . . . . . . . . . . . . . . . . . . . . . 2 2 Related Works 5 2.1 Bilinear Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.2 Anonymous Authentication Schemes . . . . . . . . . . . . . . . . . . 6 2.3 Lee et al.’s Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.3.1 The Boneh-Boyen signature scheme . . . . . . . . . . . . . . . 7 2.3.2 Linear encryption . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.3.3 Zero-knowledge proof . . . . . . . . . . . . . . . . . . . . . . . 9 2.3.4 Short group signature scheme . . . . . . . . . . . . . . . . . . 10 2.3.5 Lee et al.’s anonymous authentication scheme . . . . . . . . . 12 2.4 Liu et al.’s Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 2.4.1 Cryptographic assumption . . . . . . . . . . . . . . . . . . . . 15 2.4.2 Certificateless signature scheme . . . . . . . . . . . . . . . . . 15 2.4.3 Certificateless remote anonymous authentication scheme . . . 17 3 The Proposed Anonymous Authentication Scheme 22 3.1 Security Assumption . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 3.2 Traitor Tracing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 3.3 The Preliminary Scheme . . . . . . . . . . . . . . . . . . . . . . . . . 24 3.3.1 Remarks and discussions . . . . . . . . . . . . . . . . . . . . . 26 3.4 An Enhanced Version of the Proposed Scheme . . . . . . . . . . . . . 28 4 Security Analysis and Performance Comparison 31 4.1 Security Analysis of Proposed Anonymous Authentication Scheme . . 31 4.2 Performance Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 III 5 Conclusions 36 5.1 Brief Review of Contributions . . . . . . . . . . . . . . . . . . . . . . 36 5.2 Future Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 Bibliography 39

    [1] D. Boneh and M. Franklin, “Identity-Based Encryption from the Weil Pairing,”
    SIAM Journal on Computing, Vol 32, pp. 586–615, 2003.
    [2] D. Boneh and X. Boyen, “Short Signatures without Random Oracles,” Advances
    in Cryptology – EUROCRYPT ’04, LNCS 3027, pp. 56–73, 2004.
    [3] D. Boneh, X. Boyen and H. Shacham, “Short Group Signatures,” Advances in
    Cryptology – CRYPTO ’04, LNCS 3152, pp. 41–55, 2004.
    [4] P. S. L. M. Barreto and M. Naehrig, “Pairing-Friendly Elliptic Curves of Prime
    Order,” Selected Areas in Cryptography – SAC ’05, LNCS Vol. 3897, pp. 319–
    331, 2006.
    [5] D. Boneh, A. Sahai, and B. Waters., “Fully Collusion Resistant Traitor Tracing
    with Short Ciphertexts and Private Keys,” Advances in Cryptology - EUROCRYPT
    ’06, LNCS Vol. 4004, pp. 573–592, 2006.
    [6] J. L. Camenisch, “Group Signature Schemes and Payment Systems Based on
    the Discrete Logarithm Problem,” PhD thesis, ETH Zurich ¨ , 1998.
    [7] D. Chaum, J. H. Evertse, and J. van de Graaf, “An Improved Protocol for
    Demonstrating Possession of Discrete Logarithms and Some Generalizations,”
    Advances in Cryptology – EUROCRYPT ’87, LNCS 304, pp. 127–141, 1988.
    [8] B. Chor, A. Fiat, and M. Naor, “Tracing Traitors,” Advances in Cryptology -
    CRYPTO ’94, LNCS 839, pp. 257–270, 1994.
    [9] J. Camenisch and A. Lysyanskaya, “Signature Schemes and Anonymous Credentials
    from Bilinear Maps,” Advances in Cryptology - CRYPTO ’04, LNCS
    3152, pp. 56–72, 1998.
    [10] R. J. F. Cramer and T. P. Pedersen, “Improve Privacy in Wallets with Observers,”
    Advances in Cryptology - EUROCRYPT ’93, LNCS 765, pp.561–575,
    1993.
    [11] W. Diffie and M. Hellman, “New Directions in Cryptography,” IEEE Transactions
    on Information Theory, Vol. 22, pp. 644–654, 1976.
    [12] T. ElGamal, “A Public Key Cryptosystem and a Signature Scheme Based on
    Discrete Logarithms,” Advances in Cryptology – CRYPTO ’84, LNCS 196, pp.
    10–18, 1985.
    [13] Federal Financial Institutions Examination Council (FFIEC), “Authentication
    of Internet Banking Environment” , http://www. ffiec.gov,, 2001.
    [14] U. Feige, A. Fiat and A. Shamir, “Zero-knowledge Proofs of Identity,” Advances
    in Cryptology – CRYPTO ’88, Vol. 1, pp. 77–94, 1988.
    [15] E. Fujisaki and T. Okamoto, “Statistical Zero Knowledge Protocols to Prove
    Modular Polynomial Relations,” Advances in Cryptology – CRYPTO ’97, LNCS
    1294, pp. 16–30, Springer-Verlag, 1997.
    [16] G. Frey, M. Muller, and H. Ruck, “The Tate Pairing and the Discrete Logarithm
    Applied to Elliptic Curve Cryptosystems,” IEEE Transactions on Information
    Theory, Vol. 45, No. 5, pp. 1717–1718, 1999.
    [17] A. Fiat and A. Shamir, “How to Prove Yourself: Practical solutions to identification
    and signature problems,” Advances in Cryptology – CRYPTO ’86,
    LNCS 263, pp. 186–194, 1986.
    [18] T. Gao, Q. Miao, and N.Guo, “Anonymous Authentication Scheme Based on
    Proxy Group Signature for Wireless MESH Network,” Proc. of the 8th International
    Conference on Innovative Mobile and Internet Services in Ubiquitous
    Computing, pp. 533–537, 2014.
    [19] S. Goldwasser, S. Micali,C. Rackoff, “The Knowledge Complexity of Interactive
    Proof Systems,” SIAM Journal on Computing, Vol. 18, pp. 186–208, 1989.
    [20] L. C. Guillou and J. J Quisquater, “A Practical Zero-Knowledge Protocol Fitted
    to Security Microprocessor Minimizing Both Transmission and Memory,”
    Advances in Cryptology – EUROCRYPT 88, LNCS 330, pp. 123–128, 2009.
    [21] A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, “Handbook of Applied
    Cryptography,” CRC Press, 1997.
    [22] V. C. Hu, D. Ferraiolom A. Schnitzer, K. Sandlin, R. Miller and K. Scarfone,
    “Guide to Attribute Based Access Control (ABAC) Definition and Considerations,”
    NIST Special Publication, 2013.
    [23] X. Hu, “Cost-Effective Scalable and Anonymous Certificateless Remote Authentication
    Protocol,” IEEE Transactions on Information Forensics and Security,
    Vol. 9, pp. 2327–2339, 2014.
    [24] D. He, S. Zeadally, and L. Wu, “Certificateless Public Auditing Scheme for
    Cloud-Assisted Wireless Body Area Networks,” IEEE Systems Journal, pp.
    1–10, 2015.
    [25] D. He, S. Zeadally, N. Kumar, and J.H. Lee, “Anonymous Authentication for
    Wireless Body Area Networks with Provable Security,” IEEE Systems Journal,
    pp. 1–12, 2016.
    [26] Security Team, Computer Science Dept, “Specification of the Identity Mixer
    Cryptographic Library,” IBM Research, Zurich, 2009.
    [27] J. Katz and Y. Lindell, “Optimum Traitor Tracing and Asymmetric Schemes.,”
    Advances in Cryptology – EUROCRYPT ’98, LNCS 1403, pp. 145–157, 1998.
    [28] Y. K. Lee, S. W. Han, S. J. Lee., B. H. Chung, and D. G. Lee, “Anonymous
    Authentication System Using Group Signature,” Proc. of Complex, Intelligent
    and Software Intensive Systems, pp. 1235–1239, 2009.
    [29] Y. K. Lee, S. Lee, S. J. Lee., J.Y. Hwang, B. H. Chung, and D.G. Lee, “Anonymous
    Access Control Framework Based on Group Signature,” Proc. of the 2nd
    International Conference on Information Technology Convergence and Services,
    pp. 1–5, 2010.
    [30] J. Liu, Z. Zhang and C. Chen, “Certificateless Remote Anonymous Authentication
    Schemes for Wireless Body Area Networks,” IEEE Transactions on
    Parallel and Distributed Systems, Vol. 25, pp. 332–342, 2014.
    [31] W. Mao, “Modern Cryptography: Theory and Practice,” Prentice Hall PTR,
    2004.
    [32] V. Miller, “The Weil Pairing, and Its Efficient Calculation,” Journal of Cryptology,
    Vol. 17, No. 4, pp. 235–261, 2004.
    [33] V. S. Miller, “Use of Elliptic Curves in Cryptography,” Advances in Cryptology
    – CRYPTO’85, LNCS 218, pp. 417–426, 1986.
    [34] A. Miyaji, M. Nakabayashi, and S. Takano, “New Explicit Conditions of Elliptic
    Curve Traces for FR-Reduction,” IEICE Trans. Fundamentals, Vol. E84-A, No.
    5, pp. 1234–1243, 2001.
    [35] S. Mitsunari, R. Sakai and M. Kasahara,, “A New Traitor Tracing,” IEICE
    Trans. Fundamentals, Vol. E85-A, No. 2, pp. 481–484, 2002.
    [36] M. Naor and B. Pinkas, “Threshold Traitor Tracing,” IEICE Trans. Fundamentals,
    Vol. E84-A, No. 5, pp. 1234–1243, 1998.
    [37] C. P. Schnorr, “Efficient Signature Generation for Smart Cards,” Advances in
    Cryptology – CRYPTO’91, Vol. 4, pp. 161–174, 1991.
    [38] A. Shamir, “Identity-Based Cryptosystems and Signature Schemes,” Advances
    in Cryptology – CRYPTO’84, Vol. 196, pp. 47–53, 1984.
    [39] C. Paquin and G. Zaverucha, “U-Prove Cryptographic Specification V1.1 (Revision
    3),” Microsoft Corporation, 2013.
    [40] K. H. Yeh, C. Su, N. W. Lo, Y. Li, and Y. X. Hung, “Two Robust Remote
    User Authentication Protocols using Smart Cards,” Journal of Systems and
    Software, Vol. 83, pp. 2556–2565 2010.
    [41] Z. H. Zhang, J. J. Lee, J. Wei, Z. Yong, and G. Bei, “An New Anonymous
    Authentication Scheme for Cloud Computing,” Proc. of the 7th International
    conference on Computer Science and Education, pp. 896–898, 2012.
    [42] H. Zheng, Z. Zhao, and X. Zhang, “Access Control Based on Group Signatures
    in Cloud Service,” IEEE International Conference on Computer Science and
    Automation Engineering , Vol. 2, pp. 316–320, 2012.

    QR CODE
    :::