雷欽隆臺灣大學:電機工程學研究所施翔騰Shih, Hsiang-TengHsiang-TengShih2010-07-012018-07-062010-07-012018-07-062009U0001-2707200916214500http://ntur.lib.ntu.edu.tw//handle/246246/188080無線網路相較於傳統有線網路具備了架設容易、高度可擴充性、使用便利性等特質，在使用者市場的高度需求下，近年來各類無線網路技術快速發展，如：GPRS (General Packet Radio Service)、3G network、Bluetooth、IEEE 802.11…等，然而每一種無線網路技術皆有其優缺點及適用的情境 － GPRS及3G network的訊號覆蓋率較廣，但其傳輸速度較低 (384 Kbps)；反之，雖然IEEE 802.11的訊號覆蓋率較小，卻提供了較高的傳輸速度 (54 Mbps)。因此，有效整合各類無線網路技術，在不同的情境下提供最適合使用者需求的網路服務，將是無線網路持續發展的一個重要趨勢 [4][5]。論文中，以3GPP (3rd Generation Partnership Project)所規範的異質網路整合架構及情境為基礎 [1]，透過「公開金鑰密碼系統」 [14][15]、「單向雜湊鏈」 [11][12]及「代理簽章」 [13]等技術，提出一套在整合3G及IEEE 802.11的異質網路環境下的認證機制。該機制除可達到原有EAP-AKA所提供的認證服務，並進一步改善序號 (SQN, Sequence Number)重新同步及認證向量 (Authentication Vector)可能被破解的問題。此外，透過單向雜湊鏈的特性，提升當移動終端機 (Mobile Station)與HSS / HLR兩者間距離很遠時的認證效率。較於其他認證機制，本機制加強了使用者身分隱私性 (identity privacy)及完整雙方認證 (complete mutual authentication)等能力，並簡化目前的訊息交換量。比起以「公開金鑰密碼系統」[14][15]為基礎的認證機制，移動終端機的運算負載及相對的金鑰管理複雜度也較低。不可否認性 (Non-repudiation)也涵蓋在本機制之中，用以提供未來公平帳務機制的建立。外，針對惡意網路使用者的各類攻擊，本機制也具備良好的防禦功能，以減少資訊外洩的可能性。In comparison with traditional wired network, it has characteristics such as easy deployment, high scalability, and ease of use, etc, in wireless network. Under high demand of end-user, a variety of wireless technologies, e.g. GPRS (General Packet Radio Service), 3G network, Bluetooth, IEEE 802.11, etc, develop rapidly in recent years. Nevertheless, each wireless technology has its pros & cons and suitable situation. For example, GPRS and 3G network have a large coverage but they only provide services with transmission rate from 144Kbps to 2Mbps. On the contrary, IEEE 802.11 provides higher transmission rate though it has limited (only hot spot) coverage. As a result, it’s an important trend to integrate various wireless technologies to provide end users best network selection based on his / her service needs [4][5].n this thesis, under the definition of 3GPP (3rd Generation Partnership Project) [1], we propose an authentication protocol in heterogeneous (3G-WLAN) networks using techniques like public-key cryptosystems [14][15], one-way hash chain [11][12], and proxy-signature [13]. It not only provides authentication services as EAP-AKA but also improves the issues of SQN resynchronization and possible Authentication Vector compromise. Also, the characteristic of one-way hash chain value is utilized to provide fast re-authentication to enhance the authentication efficiency of EAP-AKA while the MS is far away from HLR / HSS.n comparison with other proposed authentication protocols, we have enhanced the capabilities such as identity (IMSI) privacy, complete mutual authentication, and decreased the amount of exchange messages during authentication. The computational load of MS and the complexity of key management are much lower while compared with Public-key based authentication protocols. The non-repudiation property is included to provide fair billing mechanism in the future. Besides, our proposed protocol has stronger capabilities to withstand various attack patterns to decrease the possibility of information disclosure.口試委員會審定書 Icknowledgement II要 IIIbstract IVable of Contents VIist of Tables VIIIist of Figures IXhapter 1. Introduction 1.1 Background 1.2 Objective 2.3 Thesis Outline 3hapter 2. Preliminary 5.1 Interworking Scenario & Architecture 5.1.1 Interworking Scenario 5.1.2 Interworking Architecture 8.2 Authentication and Key Agreement 11.2.1 802.1x 11.2.2 GSM-AKA 13.2.3 UMTS-AKA 15.2.4 EAP-SIM 17.2.5 EAP-AKA 20.3 Related Work 22.3.1 Password Based Protocol 22.3.2 Public Key Based Protocol 24.3.3 Hash Chain Based Protocol 26hapter 3. Solution 31.1 Technique 31.1.1 Public-Key Cryptosystems 31.1.2 Hash Chain 33.1.3 Proxy Signature 34.2 Notation 35.3 Proposed Protocol 36.3.1 Full Authentication 39.3.2 Fast Re-Authentication 43.3.3 Roaming Scenario 1 46.3.4 Roaming Scenario 2 50hapter 4. Analysis and Comparison 55.1 Security Analysis 55.1.1 Passive Attack (Information Disclosure) 56.1.2 Replay Attack 60.1.3 Guessing and Dictionary Attack 62.1.4 Impersonation Attack 64.1.5 Man-In-the-Middle (MITM) Attack 66.1.6 WEP Weakness 67.2 Performance Comparison 69.2.1 Computational Load (MS) 69.2.2 Communicational Load 70hapter 5. Conclusion and Future Work 71.1 Conclusion 71.2 Future Work 72eference 73689588 bytesapplication/pdfen-US無線網路異質網路代理簽章單向雜湊鏈公開金鑰密碼系統認證機制Wireless NetworkHeterogeneous NetworkProxy SignatureOne-way Hash ChainPublic-key CryptosystemAuthentication Protocolthesishttp://ntur.lib.ntu.edu.tw/bitstream/246246/188080/1/ntu-98-R92921034-1.pdf