文化大學機構典藏 CCUR:Item 987654321/45127
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 46962/50828 (92%)
Visitors : 12424860      Online Users : 1188
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/45127


    Title: 基於生物識別及智慧卡的遠端使用者認證機制
    A Remote User Authentication Scheme Based on Biometric and Smart Card
    Authors: 廖彥欣
    Contributors: 資訊管理學系
    Keywords: 遠端認證
    智慧卡
    生物識別
    安全性分析
    會議金鑰
    Date: 2019
    Issue Date: 2019-10-24 10:14:29 (UTC+8)
    Abstract: 近年來,網路科技的快速發展,人們在日常生活中已習慣透過網路取得各項工作及生活的資訊,在進行網路服務時,為了保護使用者的資訊,使用者經常需要與伺服器相互驗證,使得遠端驗證的安全機制變得相當重要,亦使許多學者不斷的提出多種加強及改良的機制,以增加使用者遠端認證的安全性。
    Quan, Jung, Kim, Sun, Lee, and Won (2017)指出An (2015)所提出的機制有許多的安全缺失,並提出基於帳號、密碼和生物特徵的三因子遠端用戶認證改善機制。但本研究發現,Quan et al. (2017)的機制仍存在許多安全漏洞,如離線猜密碼攻擊、不具匿名性及偽裝攻擊等問題。另外,Ali and Pal (2017)改善Guo and Wen (2014)所提出在多個伺服器環境中基於帳號、密碼和生物特徵的三因子遠端認證機制。但本研究發現Ali and Pal (2017)在機制上仍因設計缺失而存在安全漏洞,如會議金鑰的前向私密性等問題。
    本研究將透過對Quan et al. (2017)及Ali and Pal (2017)的機制進行安全性分析,探討現有機制具有的安全漏洞,藉此提出一個新的遠端認證機制,除安全性分析外,並與現有機制進行安全性及效能的比較,以證明其可用性,並提出未來可能增強及改進的方向。
    Recently, with the rapid development of the network, people have accustomed to getting information through the Internet in their daily lives. People often need to use servers to access and protect the private data that mutual verification of the secure remote authentication scheme is very significant. Many scholars have proposed many improvement schemes to enhance the security of remote authentication.
    In 2017, Quan et al. pointed out that there are many weaknesses in Ans scheme and introduced an improvement remote user authentication scheme based on identity, passwords, and biometrics three-factor. However, we found that their scheme still has many weaknesses. Such as off-line password guessing attack, no user anonymity, and impersonation attack. In the same year, Ali-Pal improved Guo-Wens three factors, multiple server remote user authentication scheme. However, we also found that there have design flaws of Ali-Pals scheme, such as the session key attack.
    Based on the security analysis to explore the weaknesses of Quan et al.s and Ali-Pals schemes. In this study, we propose an improvement three-factor remote authentication scheme and prove its usability from comparing the security and effectiveness with other schemes. We also suggest enhanced and improved directions in the future.
    Appears in Collections:[Department of Information Management & Graduate Institute of Information Management] Thesis

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML130View/Open


    View Licence

    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback