1. NCCU Academic Hub
  2. 學術產出
  3. 資訊學院
  4. 學位論文
  5. Item

學術產出-學位論文

文章檢視/開啟

書目匯出

Google ScholarTM

政大圖書館

引文資訊

TAIR相關學術產出

題名 主從式架構下基於晶格之通行碼認證金鑰交換協定之研究
A study of password-based authenticated key exchange from lattices for client/server model
作者 鄭逸修
貢獻者 左瑞麟
鄭逸修
關鍵詞 基於通行碼之認證金鑰交換協定
晶格
誤差學習難問題
金鑰交換協定
雙向驗證機制
主從式架構
PAKE
Lattice
LWE
Key exchange
Mutual authentication
Client/Server model
日期 2017
上傳時間 11-七月-2017 11:56:08 (UTC+8)
摘要 基於通行碼之認證金鑰交換協定(Password-based Authenticated Key Exchange)為一項使要進行交換訊息之雙方做相互驗證並產生一把共享金鑰的技術。藉由通訊雙方共享一組通行碼做為身份驗證的依據,並且在驗證結束後產生一把僅有雙方才知道的祕密通訊金鑰,往後進行傳遞機密資訊時即可透過此金鑰建立安全的通訊管道。
本篇論文提出一個在主從式架構(Client/Server model)下基於晶格(lattice)之通行碼認證金鑰交換協定,用戶端只需記錄與伺服器共享之通行碼,而伺服器端除了通行碼外擁有屬於自己的公私鑰對,雙方間透過共享之通行碼進行相互驗證,並且在兩個步驟內完成認證及金鑰交換。在安全性上基於晶格密碼系統之難問題,若未來量子電腦問世能夠抵擋其強大運算能力之攻擊,達到安全且有效率之通行碼認證金鑰協議。
The password-based authenticated key exchange is a technology that allows both parties to perform mutual authentication and generate a shared session key. They through the shared password as the basis for authentication and generate a session key that is only known by both parties. At last, they can use this key to establish a secure channel to transmit secret message.
We propose a password-based authenticated key exchange from lattices for Client-Server model. The client only need to remember the password rather than the private key, and the server except keep the password and its own public/private key pair. Both parties execute the mutual authentication via the shared password and accomplish the key exchange within two steps. The security of our protocol is based on LWE problem for lattices, so it is secure even an attacker uses a quantum computer.
參考文獻 [1] Diffie, W., Hellman, M.: New directions in cryptography. In : IEEE transactions on Information Theory, 22(6), pp. 644-654(1976).
[2] Shieh, W. G., Wang, J. M.: Efficient remote mutual authentication and key agreement. In : computers & security, 25(1), pp. 72--77 (2006).
[3] Seo, B., Lee, S. W., Kim, H.: Authenticated Key Agreement Based on NFC for Mobile Payment. In : International Journal of Computer and Communication Engineering, 5(1), 71(2016).
[4] Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In : Advances in Cryptology—EUROCRYPT 2000, pp. 139--155. Springer Berlin Heidelberg(2000).
[5] LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In : International Conference on Provable Security, pp. 1--16. Springer Berlin Heidelberg(2007).
[6] 陳柏諭, “身份認證與免憑證式金鑰交換協議之研究.” 亞洲大學資訊多媒體應用學系碩士班學位論文, 2011.
[7] Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In : International Conference on the Theory and Applications of Cryptographic Techniques, pp. 156--171. Springer Berlin Heidelberg(2000).
[8] Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In : International Conference on the Theory and Applications of Cryptographic Techniques , pp. 475--494. Springer Berlin Heidelberg(2001).
[9] Hao, F., Ryan, P.: J-PAKE: authenticated key exchange without PKI. In : Transactions on computational science XI , pp. 192--206. Springer Berlin Heidelberg(2010).
[10] Xun, Y., Tso, R., Okamoto, E.: Identity-based password-authenticated key exchange for client/server model. In: SECRYPT, pp. 45-51(2012).
[11] Hoffstein, J., Pipher, J., Silverman, J.: NTRU: A ring-based public key cryptosystem. In : Algorithmic number theory, pp. 267--288(1998).
[12] Hoffstein, J., Pipher, J., Silverman, J. H.: NSS: An NTRU lattice-based signature scheme. In : International Conference on the Theory and Applications of Cryptographic Techniques, pp. 211--228. Springer Berlin Heidelberg(2001).
[13] López-Alt, A., Tromer, E., Vaikuntanathan, V.: On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In : Proceedings of the forty-fourth annual ACM symposium on Theory of computing, pp. 1219--1234(2012).
[14] Lei, X., Liao, X.: NTRU-KE: A Lattice-based Public Key Exchange Protocol. In : IACR Cryptology ePrint Archive, 718(2013).
[15] Jun, J. I. A. N. G., Chen, H. E.: A novel mutual authentication and key agreement protocol based on NTRU cryptography for wireless communications. In : Journal of Zhejiang University-SCIENCE A, 6(5), pp. 399—404(2005).
[16] Wang, H., Zhao, C., Xu, Q., Wang, Y.: Identity-Based Authenticate Key Exchange Protocol from Lattice. In : Computational Intelligence and Security (CIS), 2013 9th International Conference on, pp. 564--568. IEEE(2013).
[17] Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange-a new hope. In : IACR Cryptology ePrint Archive, 1092(2015).
[18] Katz, J., Vaikuntanathan, V.: Smooth projective hashing and password-based authenticated key exchange from lattices. In : International Conference on the Theory and Application of Cryptology and Information Security, pp. 636--652. Springer Berlin Heidelberg(2009).
[19] Park, S. W., Lee, I. Y.: Anonymous authentication scheme based on NTRU for the protection of payment information in NFC mobile environment. In : Journal of Information Processing Systems, 9(3), 461-476(2013).
[20] Tso, R., Jheng, Y. S.: Security analysis of a NTRU-based mutual authentication scheme. In : Network Operations and Management Symposium (APNOMS), 2016 18th Asia-Pacific, pp. 1--3. IEEE(2016).
[21] Ding, J., Xie, X., Lin, X.: A Simple Provably Secure Key Exchange Scheme Based on the Learning with Errors Problem. In : IACR Cryptology EPrint Archive, 688(2012).
[22] Zhang, J., Zhang, Z., Ding, J., Snook, M., Dagdelen, Ö.: Authenticated key exchange from ideal lattices. In : Annual International Conference on the Theory and Applications of Cryptographic Techniques , pp. 719--751. Springer Berlin Heidelberg(2015).
[23] Lattice, https://en.wikipedia.org/wiki/Lattice_(group).
[24] Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In : Journal of the ACM (JACM), 56(6), 34(2009).
[25] Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In : Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 1--23. Springer Berlin Heidelberg(2010).
[26] Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. In : SIAM Journal on Computing, 37(1), pp. 267--302(2007).
[27] Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In : Advances in Cryptology—EUROCRYPT 2000, pp. 139--155. Springer Berlin Heidelberg(2000).
[28] Stehlé, D., Steinfeld, R.: Making NTRU as secure as worst-case problems over ideal lattices. In : Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 27--47. Springer Berlin Heidelberg(2011).
描述 碩士
國立政治大學
資訊科學學系
103753035
資料來源 http://thesis.lib.nccu.edu.tw/record/#G0103753035
資料類型 thesis
dc.contributor.advisor 左瑞麟zh_TW
dc.contributor.author (作者) 鄭逸修zh_TW
dc.creator (作者) 鄭逸修zh_TW
dc.date (日期) 2017en_US
dc.date.accessioned 11-七月-2017 11:56:08 (UTC+8)-
dc.date.available 11-七月-2017 11:56:08 (UTC+8)-
dc.date.issued (上傳時間) 11-七月-2017 11:56:08 (UTC+8)-
dc.identifier (其他 識別碼) G0103753035en_US
dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/110836-
dc.description (描述) 碩士zh_TW
dc.description (描述) 國立政治大學zh_TW
dc.description (描述) 資訊科學學系zh_TW
dc.description (描述) 103753035zh_TW
dc.description.abstract (摘要) 基於通行碼之認證金鑰交換協定(Password-based Authenticated Key Exchange)為一項使要進行交換訊息之雙方做相互驗證並產生一把共享金鑰的技術。藉由通訊雙方共享一組通行碼做為身份驗證的依據,並且在驗證結束後產生一把僅有雙方才知道的祕密通訊金鑰,往後進行傳遞機密資訊時即可透過此金鑰建立安全的通訊管道。
本篇論文提出一個在主從式架構(Client/Server model)下基於晶格(lattice)之通行碼認證金鑰交換協定,用戶端只需記錄與伺服器共享之通行碼,而伺服器端除了通行碼外擁有屬於自己的公私鑰對,雙方間透過共享之通行碼進行相互驗證,並且在兩個步驟內完成認證及金鑰交換。在安全性上基於晶格密碼系統之難問題,若未來量子電腦問世能夠抵擋其強大運算能力之攻擊,達到安全且有效率之通行碼認證金鑰協議。		zh_TW
dc.description.abstract (摘要) The password-based authenticated key exchange is a technology that allows both parties to perform mutual authentication and generate a shared session key. They through the shared password as the basis for authentication and generate a session key that is only known by both parties. At last, they can use this key to establish a secure channel to transmit secret message.
We propose a password-based authenticated key exchange from lattices for Client-Server model. The client only need to remember the password rather than the private key, and the server except keep the password and its own public/private key pair. Both parties execute the mutual authentication via the shared password and accomplish the key exchange within two steps. The security of our protocol is based on LWE problem for lattices, so it is secure even an attacker uses a quantum computer.		en_US
dc.description.tableofcontents 誌謝 I
摘要 II
Abstract III
Table of Contents IV
List of Figures VII
List of Tables VII
Chapter 1 Introduction 1
1.1 Research Background 1
1.2 Organization 7
Chapter 2 Background Knowledge 8
2.1 Lattice 8
2.2 Learning with Error 8
2.3 Ring Learning with Error 9
2.4 NTRU Cryptosystem 10
2.4.1 Initial Parameters Setting 10
2.4.2 Key Generation 11
2.4.3 Encryption 11
2.4.4 Decryption 11
Chapter 3 Related Works 12
3.1 Identity-based Password-Authenticated Key Exchange for Client/Server Model 12
3.1.1 Protocol Execution 12
3.2 Anonymous Authentication Scheme based on NTRU for the Protection of Payment Information in NFC Mobile Environment 13
3.2.1 System Parameters Setting 14
3.2.2 User Registration Phase 14
3.2.3 User Identity Proof Phase 15
3.2.4 Bank Identity Proof Phase 16
3.3 Security Analysis of a NTRU-based Mutual Authentication Scheme 18
3.4 A Simple Provably Secure Key Exchange Scheme Based on the Learning with Errors Problem 20
3.4.1 Protocol Execution 20
3.5 Authenticated Key Exchange from Ideal Lattices 21
3.5.1 Protocol Execution 22
3.6 Key Exchange 23
3.7 Implicit Key Authentication v.s. Explicit Key Authentication 24
Chapter 4 Proposed Scheme 26
4.1 Architecture 26
4.1.1 System Parameters Setting 26
4.1.2 Protocol Execution 27
4.1.3 Password Update 28
4.2 Correctness 29
4.2.1 Signal Functions 29
4.2.2 Robust Extractors 29
Chapter 5 Security Analysis 32
5.1 Oracle Definition 32
5.2 Advantage of the Adversary 33
5.2.1 Fresh Definition 33
5.2.2 Succ Definition 33
5.3 Experiment Definition 34
5.4 NTRU 38
5.5 Comparison with Related Works 39
Chapter 6 Experimental Results 41
Chapter 7 Conclusion 46
References 47		zh_TW
dc.format.extent 1281914 bytes-
dc.format.mimetype application/pdf-
dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0103753035en_US
dc.subject (關鍵詞) 基於通行碼之認證金鑰交換協定zh_TW
dc.subject (關鍵詞) 晶格zh_TW
dc.subject (關鍵詞) 誤差學習難問題zh_TW
dc.subject (關鍵詞) 金鑰交換協定zh_TW
dc.subject (關鍵詞) 雙向驗證機制zh_TW
dc.subject (關鍵詞) 主從式架構zh_TW
dc.subject (關鍵詞) PAKEen_US
dc.subject (關鍵詞) Latticeen_US
dc.subject (關鍵詞) LWEen_US
dc.subject (關鍵詞) Key exchangeen_US
dc.subject (關鍵詞) Mutual authenticationen_US
dc.subject (關鍵詞) Client/Server modelen_US
dc.title (題名) 主從式架構下基於晶格之通行碼認證金鑰交換協定之研究zh_TW
dc.title (題名) A study of password-based authenticated key exchange from lattices for client/server modelen_US
dc.type (資料類型) thesisen_US
dc.relation.reference (參考文獻) [1] Diffie, W., Hellman, M.: New directions in cryptography. In : IEEE transactions on Information Theory, 22(6), pp. 644-654(1976).
[2] Shieh, W. G., Wang, J. M.: Efficient remote mutual authentication and key agreement. In : computers & security, 25(1), pp. 72--77 (2006).
[3] Seo, B., Lee, S. W., Kim, H.: Authenticated Key Agreement Based on NFC for Mobile Payment. In : International Journal of Computer and Communication Engineering, 5(1), 71(2016).
[4] Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In : Advances in Cryptology—EUROCRYPT 2000, pp. 139--155. Springer Berlin Heidelberg(2000).
[5] LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In : International Conference on Provable Security, pp. 1--16. Springer Berlin Heidelberg(2007).
[6] 陳柏諭, “身份認證與免憑證式金鑰交換協議之研究.” 亞洲大學資訊多媒體應用學系碩士班學位論文, 2011.
[7] Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In : International Conference on the Theory and Applications of Cryptographic Techniques, pp. 156--171. Springer Berlin Heidelberg(2000).
[8] Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In : International Conference on the Theory and Applications of Cryptographic Techniques , pp. 475--494. Springer Berlin Heidelberg(2001).
[9] Hao, F., Ryan, P.: J-PAKE: authenticated key exchange without PKI. In : Transactions on computational science XI , pp. 192--206. Springer Berlin Heidelberg(2010).
[10] Xun, Y., Tso, R., Okamoto, E.: Identity-based password-authenticated key exchange for client/server model. In: SECRYPT, pp. 45-51(2012).
[11] Hoffstein, J., Pipher, J., Silverman, J.: NTRU: A ring-based public key cryptosystem. In : Algorithmic number theory, pp. 267--288(1998).
[12] Hoffstein, J., Pipher, J., Silverman, J. H.: NSS: An NTRU lattice-based signature scheme. In : International Conference on the Theory and Applications of Cryptographic Techniques, pp. 211--228. Springer Berlin Heidelberg(2001).
[13] López-Alt, A., Tromer, E., Vaikuntanathan, V.: On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In : Proceedings of the forty-fourth annual ACM symposium on Theory of computing, pp. 1219--1234(2012).
[14] Lei, X., Liao, X.: NTRU-KE: A Lattice-based Public Key Exchange Protocol. In : IACR Cryptology ePrint Archive, 718(2013).
[15] Jun, J. I. A. N. G., Chen, H. E.: A novel mutual authentication and key agreement protocol based on NTRU cryptography for wireless communications. In : Journal of Zhejiang University-SCIENCE A, 6(5), pp. 399—404(2005).
[16] Wang, H., Zhao, C., Xu, Q., Wang, Y.: Identity-Based Authenticate Key Exchange Protocol from Lattice. In : Computational Intelligence and Security (CIS), 2013 9th International Conference on, pp. 564--568. IEEE(2013).
[17] Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange-a new hope. In : IACR Cryptology ePrint Archive, 1092(2015).
[18] Katz, J., Vaikuntanathan, V.: Smooth projective hashing and password-based authenticated key exchange from lattices. In : International Conference on the Theory and Application of Cryptology and Information Security, pp. 636--652. Springer Berlin Heidelberg(2009).
[19] Park, S. W., Lee, I. Y.: Anonymous authentication scheme based on NTRU for the protection of payment information in NFC mobile environment. In : Journal of Information Processing Systems, 9(3), 461-476(2013).
[20] Tso, R., Jheng, Y. S.: Security analysis of a NTRU-based mutual authentication scheme. In : Network Operations and Management Symposium (APNOMS), 2016 18th Asia-Pacific, pp. 1--3. IEEE(2016).
[21] Ding, J., Xie, X., Lin, X.: A Simple Provably Secure Key Exchange Scheme Based on the Learning with Errors Problem. In : IACR Cryptology EPrint Archive, 688(2012).
[22] Zhang, J., Zhang, Z., Ding, J., Snook, M., Dagdelen, Ö.: Authenticated key exchange from ideal lattices. In : Annual International Conference on the Theory and Applications of Cryptographic Techniques , pp. 719--751. Springer Berlin Heidelberg(2015).
[23] Lattice, https://en.wikipedia.org/wiki/Lattice_(group).
[24] Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In : Journal of the ACM (JACM), 56(6), 34(2009).
[25] Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In : Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 1--23. Springer Berlin Heidelberg(2010).
[26] Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. In : SIAM Journal on Computing, 37(1), pp. 267--302(2007).
[27] Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In : Advances in Cryptology—EUROCRYPT 2000, pp. 139--155. Springer Berlin Heidelberg(2000).
[28] Stehlé, D., Steinfeld, R.: Making NTRU as secure as worst-case problems over ideal lattices. In : Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 27--47. Springer Berlin Heidelberg(2011).		zh_TW