Please use this identifier to cite or link to this item: https://ah.lib.nccu.edu.tw/handle/140.119/120258
DC Field | Value | Language
dc.contributor.advisor | 左瑞麟 | zh_TW
dc.contributor.advisor | Tso, Ray-Lin | en_US
dc.contributor.author | 蘇勤文 | zh_TW
dc.contributor.author | Su, Ching-Wen | en_US
dc.creator | 蘇勤文 | zh_TW
dc.creator | Su, Ching-Wen | en_US
dc.date | 2018 | en_US
dc.date.accessioned | 2018-10-01T04:10:34Z | -
dc.date.available | 2018-10-01T04:10:34Z | -
dc.date.issued | 2018-10-01T04:10:34Z | -
dc.identifier | G0105753005 | en_US
dc.identifier.uri | http://nccur.lib.nccu.edu.tw/handle/140.119/120258 | -
dc.description | Master's | zh_TW
dc.description | National Chengchi University | zh_TW
dc.description | Department of Computer Science | zh_TW
dc.description | 105753005 | zh_TW
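dc.description.abstract | Elliptic curve Qu-Vanstone (ECQV), proposed by Daniel et al. in 2001, is an implicit certificate used by many current systems and standards. An implicit certificate ensures that only the original owner of the certificate can compute the corresponding private key, and because an implicit certificate contains no signature, it can be computed quickly and is suitable for resource-constrained devices. However, we found two problems with ECQV. First, because an implicit certificate contains no signature, it is not possible to verify whether a user is the correct party before communicating with them. Second, because certificates and public keys are in one-to-one correspondence, users who need multiple keys must communicate frequently with the certificate authority (CA), which may increase communication costs. This study therefore proposes two schemes to address these problems: a proxy certificate scheme and a certificate update scheme. Both allow the user to generate multiple public/private key pairs independently from the original certificate. The key pairs generated by the proxy certificate scheme can be distributed to others for use; those generated by the certificate update scheme cannot, and the certificates it generates are verifiable, in that they can be shown to have been generated by the owner of the original certificate. The two schemes therefore suit different scenarios. We also give security proofs for the confidentiality of the private key and the unforgeability of the certificate. Our implementation further confirms that, compared with RSA or ECQV, the proposed schemes generate certificates in less time and at lower cost, and are therefore suitable for resource-constrained systems. | zh_TW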
dc.description.abstract | Elliptic curve Qu-Vanstone (ECQV) is now the most commonly used implicit certificate. However, we noticed that ECQV presents two main problems. First, due to the characteristics of the implicit certificate, it is not possible to verify whether the user is the correct party before communicating with them. Second, the certificate and the public key are in a one-to-one correspondence; hence, when users need multiple keys, they have to communicate frequently with the Certificate Authority (CA), which may increase communication costs. Therefore, we propose two schemes to solve these issues. The proxy certificate scheme allows users to update their public/private keys without asking the CA for a new certificate. The certificate update scheme allows users to update their keys and verifiers to check their identities. We also show that our schemes satisfy the confidentiality of the private key and the unforgeability of the certificate. In addition, we implemented the proposed schemes and showed that they take little time. Therefore, the mechanism we propose can indeed reduce cost and is suitable for power-limited systems. | en_US
dc.description.tableofcontents |
Abstract (Chinese)
Abstract
Acknowledgements
Table of Contents
List of Tables
List of Figures
1. Introduction
1.1. Research Motivation
1.2. Research Background
1.3. Research Objectives
1.4. Thesis Organization
2. Background
2.1. Elliptic Curve Cryptosystem (ECC)
2.1.1. Definition of Elliptic Curves
2.1.2. Operations on Elliptic Curves
2.1.3. Applications of ECC
2.1.4. Security
2.2. Elliptic Curve Qu-Vanstone (ECQV)
2.2.1. OMC
2.2.2. ECQV
2.2.3. Security
2.3. Schnorr Protocols
2.3.1. Schnorr Identification Protocol
2.3.2. Schnorr Signature Protocol
2.3.3. Security
3. ECQV-Based Multiple Key Generation Schemes
3.1. Definitions
3.1.1. Notation
3.1.2. Scheme Definitions
3.2. Security Models
3.2.1. Security Model for Private-Key Security
3.2.2. Security Model for Unforgeability of the Certificate Update Scheme
3.3. Proxy Certificate Scheme
3.4. Certificate Update Scheme
4. Security Proofs
4.1. Proof of Private-Key Security
4.2. Proof of Unforgeability of the Certificate Update Scheme
5. Performance Comparison
6. Conclusion
References
| zh_TW
dc.format.extent | 713602 bytes | -
dc.format.mimetype | application/pdf | -
dc.source.uri | http://thesis.lib.nccu.edu.tw/record/#G0105753005 | en_US
dc.subject | Elliptic curve Qu-Vanstone (ECQV) | zh_TW
dc.subject | Implicit certificate | zh_TW
dc.subject | Certificate update | zh_TW
dc.subject | Elliptic curve Qu-Vanstone (ECQV) | en_US
dc.subject | Implicit certificate | en_US
dc.subject | Certificate update | en_US
dc.title | A Study on ECQV Self-Signed Certificates and Their Extended Applications | zh_TW
dc.title | A Study on ECQV Self-signed Certificate and Its Extensions | en_US
dc.type | thesis | en_US
dc.identifier.doi | 10.6814/THE.NCCU.CS.021.2018.B02 | en_US
item.fulltext | With Fulltext | -
item.openairecristype | http://purl.org/coar/resource_type/c_46ec | -
item.grantfulltext | open | -
item.openairetype | thesis | -
item.cerifentitytype | Publications | -
Appears in Collections: Theses
Files in This Item:
File | Size | Format
300501.pdf | 696.88 kB | Adobe PDF

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.