An efficient and User-Friendly Remote Password Authentication Scheme for Multi-Server Architecture

Abstract

由於分散式網路日益發達，網路技術日趨成熟，寬頻網路速度更加快速，越來越多伺服器願意提供透過網路來服務使用者的方法。甚至會有多個伺服器組成群體同時提供服務給使用者。因此多重伺服器架構之通行碼身份認證技術在現今也成為重要的研究方向。雖然在2001年以後已有學者把通行碼認證方法的研究方向從單一伺服器延伸到多重伺服器的架構上。然而他們所提出之方法有些需要花費大量的計算時間，有些需在智慧卡中存入大量的資料，且都沒有提供安全的變更密碼功能。所以我們提出了一個新穎且有效率的多伺服器架構之通行碼認證系統。相較之下，我們不僅利用單向赫序函數以及訊息認證碼來加快運算速度，我們亦提供金鑰協定、相互認證以及安全變更密碼的功能，同時也能滿足一般通行碼認證系統中所需之安全性與便利性。Password authentication is used to validate the legal user to access the server and receive the server's service. In addition, key agreement protocol is developed to provide the secure service communication between the communication parties. However, since the networks and information technology has grown quickly, most of services over networks are developed into a multi-server architecture. The traditional single-server password authentication schemes are no longer suitable for remote user authentication. Although some multi-server password authentication schemes had been proposed in past, but they need much computation cost and don't provide security change password stage. In this thesis, we combine user password authentication with key agreement protocol to propose a new efficient solution for a multi-server environment. In the scheme, user only needs to register to the Register Center once and subsequently can retrieve services provided by different servers. Moreover, users can freely choose their own passwords. Furthermore, we also provide the change password stage such that user can use new password to login all servers. In addition, the proposed scheme adopts hash function and exclusive-or operation rather than cryptographic encryption, therefore its computation cost is very low.第一章 緒論 ……………………………………………………………………. 01 1.1 簡介 ……………………………………………………........................ 1.2 研究動機 ……………………………………………………………… 1.3 研究成果與貢獻 ……………………………………………………… 1.4 論文架構 ……………………………………………………………… 01 03 05 06 第二章 基礎知識 ………………………………………………………………. 07 2.1 單向赫序函數 ……..………………………………………………….. 2.2 MAC訊息鑑別碼 …………………….………………………………. 2.3 智慧卡 …………………………………………………...……………. 08 10 12 第三章 相關研究 ………………………………………………………………. 17 3.1 Juang’s scheme …………………………………………………...……. 3.2 Tsaur et al. scheme ..…………………………………………………… 3.3 廖與吳’s scheme ………………………………………………………. 18 21 26 第四章 植基於多重伺服器架構之有效率通行碼確認機制 ………………… 36 4.1 提出的方法 …………………………………………………………… 4.2 安全分析 ……………………………………………………………… 4.3 特殊功能說明 ………………………………………………………… 4.4 效能分析 ……………………………………………………………… 31 37 39 41 第五章 討論與比較 ……………………………………………………………. 42 5.1 功能比較 ……………………………………………………………… 5.2 效能比較 ……………………………………………………………… 43 46 第六章 結論與未來展望 ………………………………………………………. 49 參考文獻 ……………...…………………..…………………………………….. 5