政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/110836
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  全文笔数/总笔数 : 109948/140897 (78%)
造访人次 : 46074326      在线人数 : 713
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻
    政大機構典藏 > 資訊學院 > 資訊科學系 > 學位論文 >  Item 140.119/110836


    请使用永久网址来引用或连结此文件: https://nccur.lib.nccu.edu.tw/handle/140.119/110836


    题名: 主從式架構下基於晶格之通行碼認證金鑰交換協定之研究
    A study of password-based authenticated key exchange from lattices for client/server model
    作者: 鄭逸修
    贡献者: 左瑞麟
    鄭逸修
    关键词: 基於通行碼之認證金鑰交換協定
    晶格
    誤差學習難問題
    金鑰交換協定
    雙向驗證機制
    主從式架構
    PAKE
    Lattice
    LWE
    Key exchange
    Mutual authentication
    Client/Server model
    日期: 2017
    上传时间: 2017-07-11 11:56:08 (UTC+8)
    摘要: 基於通行碼之認證金鑰交換協定(Password-based Authenticated Key Exchange)為一項使要進行交換訊息之雙方做相互驗證並產生一把共享金鑰的技術。藉由通訊雙方共享一組通行碼做為身份驗證的依據,並且在驗證結束後產生一把僅有雙方才知道的祕密通訊金鑰,往後進行傳遞機密資訊時即可透過此金鑰建立安全的通訊管道。
    本篇論文提出一個在主從式架構(Client/Server model)下基於晶格(lattice)之通行碼認證金鑰交換協定,用戶端只需記錄與伺服器共享之通行碼,而伺服器端除了通行碼外擁有屬於自己的公私鑰對,雙方間透過共享之通行碼進行相互驗證,並且在兩個步驟內完成認證及金鑰交換。在安全性上基於晶格密碼系統之難問題,若未來量子電腦問世能夠抵擋其強大運算能力之攻擊,達到安全且有效率之通行碼認證金鑰協議。
    The password-based authenticated key exchange is a technology that allows both parties to perform mutual authentication and generate a shared session key. They through the shared password as the basis for authentication and generate a session key that is only known by both parties. At last, they can use this key to establish a secure channel to transmit secret message.
    We propose a password-based authenticated key exchange from lattices for Client-Server model. The client only need to remember the password rather than the private key, and the server except keep the password and its own public/private key pair. Both parties execute the mutual authentication via the shared password and accomplish the key exchange within two steps. The security of our protocol is based on LWE problem for lattices, so it is secure even an attacker uses a quantum computer.
    參考文獻: [1] Diffie, W., Hellman, M.: New directions in cryptography. In : IEEE transactions on Information Theory, 22(6), pp. 644-654(1976).
    [2] Shieh, W. G., Wang, J. M.: Efficient remote mutual authentication and key agreement. In : computers & security, 25(1), pp. 72--77 (2006).
    [3] Seo, B., Lee, S. W., Kim, H.: Authenticated Key Agreement Based on NFC for Mobile Payment. In : International Journal of Computer and Communication Engineering, 5(1), 71(2016).
    [4] Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In : Advances in Cryptology—EUROCRYPT 2000, pp. 139--155. Springer Berlin Heidelberg(2000).
    [5] LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In : International Conference on Provable Security, pp. 1--16. Springer Berlin Heidelberg(2007).
    [6] 陳柏諭, “身份認證與免憑證式金鑰交換協議之研究.” 亞洲大學資訊多媒體應用學系碩士班學位論文, 2011.
    [7] Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In : International Conference on the Theory and Applications of Cryptographic Techniques, pp. 156--171. Springer Berlin Heidelberg(2000).
    [8] Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In : International Conference on the Theory and Applications of Cryptographic Techniques , pp. 475--494. Springer Berlin Heidelberg(2001).
    [9] Hao, F., Ryan, P.: J-PAKE: authenticated key exchange without PKI. In : Transactions on computational science XI , pp. 192--206. Springer Berlin Heidelberg(2010).
    [10] Xun, Y., Tso, R., Okamoto, E.: Identity-based password-authenticated key exchange for client/server model. In: SECRYPT, pp. 45-51(2012).
    [11] Hoffstein, J., Pipher, J., Silverman, J.: NTRU: A ring-based public key cryptosystem. In : Algorithmic number theory, pp. 267--288(1998).
    [12] Hoffstein, J., Pipher, J., Silverman, J. H.: NSS: An NTRU lattice-based signature scheme. In : International Conference on the Theory and Applications of Cryptographic Techniques, pp. 211--228. Springer Berlin Heidelberg(2001).
    [13] López-Alt, A., Tromer, E., Vaikuntanathan, V.: On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In : Proceedings of the forty-fourth annual ACM symposium on Theory of computing, pp. 1219--1234(2012).
    [14] Lei, X., Liao, X.: NTRU-KE: A Lattice-based Public Key Exchange Protocol. In : IACR Cryptology ePrint Archive, 718(2013).
    [15] Jun, J. I. A. N. G., Chen, H. E.: A novel mutual authentication and key agreement protocol based on NTRU cryptography for wireless communications. In : Journal of Zhejiang University-SCIENCE A, 6(5), pp. 399—404(2005).
    [16] Wang, H., Zhao, C., Xu, Q., Wang, Y.: Identity-Based Authenticate Key Exchange Protocol from Lattice. In : Computational Intelligence and Security (CIS), 2013 9th International Conference on, pp. 564--568. IEEE(2013).
    [17] Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange-a new hope. In : IACR Cryptology ePrint Archive, 1092(2015).
    [18] Katz, J., Vaikuntanathan, V.: Smooth projective hashing and password-based authenticated key exchange from lattices. In : International Conference on the Theory and Application of Cryptology and Information Security, pp. 636--652. Springer Berlin Heidelberg(2009).
    [19] Park, S. W., Lee, I. Y.: Anonymous authentication scheme based on NTRU for the protection of payment information in NFC mobile environment. In : Journal of Information Processing Systems, 9(3), 461-476(2013).
    [20] Tso, R., Jheng, Y. S.: Security analysis of a NTRU-based mutual authentication scheme. In : Network Operations and Management Symposium (APNOMS), 2016 18th Asia-Pacific, pp. 1--3. IEEE(2016).
    [21] Ding, J., Xie, X., Lin, X.: A Simple Provably Secure Key Exchange Scheme Based on the Learning with Errors Problem. In : IACR Cryptology EPrint Archive, 688(2012).
    [22] Zhang, J., Zhang, Z., Ding, J., Snook, M., Dagdelen, Ö.: Authenticated key exchange from ideal lattices. In : Annual International Conference on the Theory and Applications of Cryptographic Techniques , pp. 719--751. Springer Berlin Heidelberg(2015).
    [23] Lattice, https://en.wikipedia.org/wiki/Lattice_(group).
    [24] Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In : Journal of the ACM (JACM), 56(6), 34(2009).
    [25] Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In : Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 1--23. Springer Berlin Heidelberg(2010).
    [26] Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. In : SIAM Journal on Computing, 37(1), pp. 267--302(2007).
    [27] Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In : Advances in Cryptology—EUROCRYPT 2000, pp. 139--155. Springer Berlin Heidelberg(2000).
    [28] Stehlé, D., Steinfeld, R.: Making NTRU as secure as worst-case problems over ideal lattices. In : Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 27--47. Springer Berlin Heidelberg(2011).
    描述: 碩士
    國立政治大學
    資訊科學學系
    103753035
    資料來源: http://thesis.lib.nccu.edu.tw/record/#G0103753035
    数据类型: thesis
    显示于类别:[資訊科學系] 學位論文

    文件中的档案:

    档案 大小格式浏览次数
    303501.pdf1251KbAdobe PDF2275检视/开启


    在政大典藏中所有的数据项都受到原著作权保护.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回馈