dc.contributor.advisor | 趙玉 | zh_TW |
dc.contributor.author (Authors) | 李滎澤 | zh_TW |
dc.contributor.author (Authors) | Ying-tse Lee | en_US |
dc.creator (作者) | 李滎澤 | zh_TW |
dc.creator (作者) | Ying-tse Lee | en_US |
dc.date (日期) | 2002 | en_US |
dc.date.accessioned | 8-Dec-2010 01:54:39 (UTC+8) | - |
dc.date.available | 8-Dec-2010 01:54:39 (UTC+8) | - |
dc.date.issued (上傳時間) | 8-Dec-2010 01:54:39 (UTC+8) | - |
dc.identifier (Other Identifiers) | A2010000115 | en_US |
dc.identifier.uri (URI) | http://nccur.lib.nccu.edu.tw/handle/140.119/48978 | - |
dc.description (描述) | 碩士 | zh_TW |
dc.description (描述) | 國立政治大學 | zh_TW |
dc.description (描述) | 資訊管理研究所 | zh_TW |
dc.description (描述) | 89356016 | zh_TW |
dc.description (描述) | 91 | zh_TW |
dc.description.abstract (摘要) | The Synchronized Choice Petri net, a subclass of Petri nets constructed from special structural objects, can improve analytical power enough to make solving the behavioral problems of Petri nets practically possible. Because proving liveness and verifying reachability are feasible for a Synchronized Choice Petri net, several applications may follow. This thesis contributes to one of them: building a dynamic key exchange mechanism, embedded in Virtual Private Network products, by applying Synchronized Choice Petri nets. Based on modern symmetric-key algorithms such as DES, the dynamic key exchange mechanism enables two communicating sides to use changing keys to encrypt and decrypt messages correctly without requiring any key transmission during the communication session after initiation. The mechanism is intended to be integrated with Virtual Private Network products to make the information transmitted between two peers more confidential. | en_US |
dc.description.tableofcontents | Abstract; Acknowledgements; Contents; List of Figures; List of Tables; 1 Introduction; 1.1 The Use of Virtual Private Networks; 1.2 Drawbacks of the Modern VPN Security Mechanism; 1.3 A Brief Introduction to Synchronized Choice Petri Nets; 1.4 Applying Synchronized Choice Petri Nets as a Security Algorithm to VPN; 1.5 Research Method and Framework; 2 Literature Review; 2.1 Security Algorithms in Virtual Private Network; 2.1.1 Symmetric-key Algorithms; 2.1.2 Asymmetric-key Algorithms; 2.1.3 IPsec; 2.2 Synchronized Choice Petri Net; 2.2.1 Preliminaries; 2.2.2 Analysis Techniques; 2.2.3 Subclasses of Petri nets; 2.2.4 Additional Structural Properties of Petri Nets; 2.2.5 Liveness for Synchronized Choice Petri Nets; 2.2.6 Formal Proof of Liveness Conditions; 2.2.7 The Algorithm for Verification of SNC and Liveness; 3 System Analysis and Design; 3.1 System Overview; 3.2 System Module Analysis; 3.3 System Module Design; 4 Prototype System Implementation; 4.1 Development Platform; 4.2 Development Tools; 4.2.1 Access Database System; 4.2.2 Borland C++ Builder Component; 4.3 The Core of SNC Security; 4.3.1 Data Representation of SNC net; 4.3.2 Generating a New Marking; 4.3.3 Checking Firability; 4.3.4 Generating a Firing Sequence; 4.3.5 Using a Marking as an Encryption Key; 5 Conclusions and Suggestions; 5.1 Conclusions; 5.2 Suggestions; 5.3 Research Limitations; Bibliography. List of Figures: Figure 1.1 The concept of VPN; Figure 1.2 The use of Petri nets for the modeling and analysis of systems; Figure 1.3 The mutual exclusion problem modeled by Petri nets; Figure 1.4 The research framework; Figure 2.1 The symmetric-key encryption model; Figure 2.2 The simplified depletion of DES; Figure 2.3 The asymmetric-key encryption model; Figure 2.4 An example of elliptic curves; Figure 2.5 Classes of elliptic curves used by cryptographers; Figure 2.6 Host-to-host and gateway-to-gateway secure communication; Figure 2.7 Transport and tunnel modes of IPsec; Figure 2.8 (a) AH transport mode (b) AH tunnel mode (c) ESP transport mode (d) ESP tunnel mode; Figure 2.9 (a) an example of a Petri net (b) the reachability tree of (a); Figure 2.10 (a) an example of a Petri net (b) the incidence matrix of (a); Figure 2.11 The bridge B and the subhandle Hs; Figure 3.1 The architecture of the prototype system; Figure 3.2 The idea of dynamic identity generation; Figure 3.3 The idea of dynamic encryption key generation; Figure 3.4 The design of user authentication module; Figure 3.5 The design of data encryption module; Figure 3.6 The design of the SNC crypto engine; Figure 4.1 A simplified database system environment; Figure 4.2 The concept of SNC security; Figure 4.3 The transpose of incidence matrix A in figure 2.10 (b); Figure 4.4 The code snippet of transferring the incidence matrix into the transpose of incidence matrix; Figure 4.5 (a) a Petri net in figure 2.10 with a marking state (b) the marking vector of (a) (c) the firing transition vector of (a); Figure 4.6 The code snippet of generation of a new marking; Figure 4.7 The code snippet of checking firability; Figure 4.8 The code snippet of generation of a firing sequence; Figure 4.9 Using a marking as an encryption key. List of Tables: Table 1.1 Drawbacks of security algorithms or of security concepts; Table 2.1 Other DES replacements | zh_TW |
dc.language.iso | en_US | - |
dc.source.uri (資料來源) | http://thesis.lib.nccu.edu.tw/record/#A2010000115 | en_US |
dc.subject (關鍵詞) | Synchronized Choice Petri Nets | en_US |
dc.subject (關鍵詞) | Dynamic Key Exchange | en_US |
dc.subject (關鍵詞) | One Time Pads | en_US |
dc.subject (關鍵詞) | Virtual Private Networks | en_US |
dc.title (題名) | 同步選擇派翠網路在虛擬私人網路上的應用 | zh_TW |
dc.title (題名) | Application of Synchronized Choice Petri Nets to Virtual Private Networks | en_US |
dc.type (資料類型) | thesis | en |
dc.relation.reference (參考文獻) | [Brown 1999] Steven Brown, Implementing Virtual Private Networks, McGraw-Hill, 1999. | zh_TW |
dc.relation.reference (參考文獻) | [Burnett 2000] Steve Burnett, Crypto Blunders, RSA Security, Inc., 2000. | zh_TW |
dc.relation.reference (參考文獻) | [Burnett and Paine 2001] Steve Burnett and Stephen Paine, RSA Security’s Official Guide to Cryptography, McGraw-Hill, 2001. | zh_TW |
dc.relation.reference (參考文獻) | [Chao and Nicdao 2001] Daniel Y. Chao and Jose A. Nicdao, Liveness for Synchronized Choice Petri Nets, The Computer Journal, Vol. 44, No. 2, 2001, pp. 124–136. | zh_TW |
dc.relation.reference (參考文獻) | [Desel and Reisig 1998] Jörg Desel and Wolfgang Reisig, Place/Transition Petri Nets, Lectures on Petri Nets I: Basic Models — Advances in Petri nets, Lecture Notes in Computer Science, Vol. 1491, 1998, pp. 122–173. | zh_TW |
dc.relation.reference (參考文獻) | [Ellison and Schneier 2000] Carl Ellison and Bruce Schneier, Ten Risks of PKI: What You’re not Being Told about Public Key Infrastructure, Computer Security Journal, Vol. 16, No. 1, 2000. | zh_TW |
dc.relation.reference (參考文獻) | [Elmasri and Navathe 2000] Ramez Elmasri and Shamkant B. Navathe, Fundamentals of Database Systems, third edition, Addison-Wesley, 2000. | zh_TW |
dc.relation.reference (參考文獻) | [Ferguson and Schneier 2002] Niels Ferguson and Bruce Schneier, A Cryptographic Evaluation of IPsec, Counterpane Internet Security, Inc., http://www.counterpane.com, 2002. | zh_TW |
dc.relation.reference (參考文獻) | [Lipton 1976] Lipton, R.J., The Reachability Problem Requires Exponential Space, New Haven, CT, Yale University, Dept. of Computer Science, Res. Rep. 62, 1976. | zh_TW |
dc.relation.reference (參考文獻) | [Nicdao 2000] Jose A. Nicdao, Fundamental Structures in Petri Nets, Master Thesis, National Cheng Chi University, Taipei, Taiwan, 2000. | zh_TW |
dc.relation.reference (參考文獻) | [Peterson 1981] James L. Peterson, Petri Net Theory and the Modeling of Systems, Prentice-Hall, 1981. | zh_TW |
dc.relation.reference (參考文獻) | [Rozenberg and Engelfriet 1998] Grzegorz Rozenberg and Joost Engelfriet, Elementary Net Systems, Lectures on Petri Nets I: Basic Models — Advances in Petri nets, Lecture Notes in Computer Science, Vol. 1491, 1998, pp. 12–121. | zh_TW |
dc.relation.reference (參考文獻) | [Schneier 1998] Bruce Schneier, Security Pitfalls in Cryptography, Counterpane Systems, 1998. | zh_TW |
dc.relation.reference (參考文獻) | [Stallings 1999] William Stallings, Cryptography and Network Security — Principles and Practice, second edition, Prentice-Hall, 1999. | zh_TW |
dc.relation.reference (參考文獻) | [Tanenbaum 1996] Andrew S. Tanenbaum, Computer Networks, third edition, Prentice-Hall, 1996. | zh_TW |
dc.relation.reference (參考文獻) | [Yuan and Strayer 2001] Ruixi Yuan and W. Timothy Strayer, Virtual Private Networks — Technologies and Solutions, Addison-Wesley, 2001. | zh_TW |
dc.relation.reference (參考文獻) | [Wiener 1990] Wiener M., Cryptanalysis of Short RSA Secret Exponents, IEEE Transactions on Information Theory, vol. IT-36, 1990. | zh_TW |