文化大學機構典藏 CCUR:Item 987654321/37406
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 47225/51091 (92%)
Visitors : 13983788      Online Users : 230
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/37406


    Title: 一個基於智慧卡的使用者遠端認證機制改良之研究
    An Improvement of Remote User Authentication Scheme with Smart Card
    Authors: 楊仁銘
    Contributors: 資訊管理學系
    Keywords: 智慧卡
    認證
    離線猜密碼攻擊
    偽裝攻擊
    生物特徵
    smart card
    authentication
    off-line password guessing attack
    impersonation attack
    biometrics feature
    Date: 2017
    Issue Date: 2017-08-16 09:26:35 (UTC+8)
    Abstract: 隨著科技的日新月異,新興的科技不斷地影響我們的生活,例如智慧卡廣泛的應用於各種通訊機制中。然而智慧卡的認證機制之中,仍存在許多惡意的攻擊,如猜密碼攻擊、偽裝攻擊、重送攻擊以及阻斷服務攻擊等。為了防止諸多攻擊, Mishra等人於2015年針對Jiang以及Li等人的機制提出弱點分析及分別改進機制,但其中仍存在有弱點使其遭受阻斷服務、離線猜密碼等攻擊。
    本研究首先介紹Mishra等人所提出基於密碼認證與金鑰協商認證機制中,仍存在的安全性問題,如內部攻擊及換卡機制等問題。接著再介紹Mishra等人另一個基於密碼與生物特徵的雙因子認證機制,本研究發現該機制雖然能改善Li等人所提的機制,但仍有無匿名性以及換卡機制弱點等安全性問題。本研究利用探討Mishra等人兩項機制的安全性分析,說明現有機制的問題。以改善問題為基礎,提出新的改良機制及安全性分析,並與其他機制進行安全性及效能分析,證明本研究所提出新的機制具有更佳的安全性。
    With the rapid development of science and technology, it has gradually changed our life. For example, the smart card has been widely used and becomes an essential item in daily life. However, there are many malicious attacks, such as password guessing, impersonation, replay and denial of service. Therefore, the secure authentication schemes become very important and there are many researcher proposed their schemes. In 2015, Mishra et al. proposed an authentication scheme to improve the weaknesses of Li et al.’s scheme, but there are still with some weaknesses and vulnerabilities like guessing and denial of service attack.
    In this study, we firstly introduce Mishra et al.’s scheme based on the password authentication and key agreement, and security problems, such as insider attacks and the weaknesses of smart card revocation phase. Secondly, we introduce another Mishra et al.’s scheme two-factor authentication mechanism based on password and biometrics identification. Although this scheme can improve the scheme of Li et al. and Jiang et al., there are still with some security problems such as the weaknesses of smart card revocation phase and user anonymity. Finally based on indicated we propose a new improved authentication scheme with security and performance analysis that proved the new scheme has better security.
    Appears in Collections:[Department of Information Management & Graduate Institute of Information Management] Thesis

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML275View/Open


    View Licence

    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback