賴飛羆臺灣大學：資訊工程學研究所林信宏Lin, Sin-HongSin-HongLin2007-11-262018-07-052007-11-262018-07-052006http://ntur.lib.ntu.edu.tw//handle/246246/53892有別於一般的網際網路，無線隨意網路是一種缺少公共基礎建設可供安全認證的網路，並且它有動態拓樸位置以及需在有限的能源下運作等特性；因此，一般傳統的安全認證機制方法例如公共鑰匙基礎結構不能很順利的應用在無線隨意網路上。根據這個議題，我們提出了建立相互合作之信任群體方式改進公開金鑰在安全認證上的問題，為了避免在形成群體時可能造成太大的網路負擔，因此我們考慮以半徑為兩個節點的星狀拓樸產生相互合作之信任群體，此群體中的每位成員須做到保證彼此是高度互相信任的狀態，並且每位成員都將得到共享的群鑰配對用以簽發憑證。換句話說，藉由使用共享群鑰簽發憑證將可使得每位群體成員成為此群體的代理人，我們深信此觀念可用以改進一般只有點對點之間的無效率認證。An ad hoc network is an “infrastructure-less” network which is much different from Internet networks. The main differences are the lacking of fixed infrastructures, the dynamic topology, and the limited transmission range of mobile hosts. Therefore, it is difficult for us to apply the traditional security solution, such as PKI, from the wired network to the mobile environment. According to the issue, we propose an approach to form cooperative trust groups to solve the authentications among mobile hosts in the ad hoc network. The procedure of forming groups should avoid causing too much overhead, so only a simple star topology with radius at most 2 is taken into consideration to deploy the cooperative trust groups. Each member in the same cooperative group has high trust for its group members and all of them simultaneously own a shared group key used for the authentication of digital signature. In other words, a group member may act as a substitute of one another by issuing the certificate signed with the shared group key. We are convinced that the concept can redeem the inefficient authentication only used with the personal public key.Chapter 1 Introduction 1 1.1 Ad Hoc Network 1 1.2 Motivation and Objective 3 1.3 Thesis Organization 6 Chapter 2 Related Works 7 2.1 Threshold Cryptography 8 2.2 Certificate Chains 9 2.3 Promoting Cooperative Groups 11 Chapter 3 Cooperative Trust Groups 14 3.1 Certificate Graphs 14 3.1.1 Certificate Issuing 15 3.1.2 Certificate Revocation 16 3.2 Trust Models 17 3.3 High-Trust Groups 19 3.3.1 Search Group Members 20 3.3.2 Issue High Trust Certificates for Group Members 24 3.3.3 Set Trust for Group Key 29 Chapter 4 Authentication 30 4.1 Construct Certificate Repositories 30 4.1.1 Certificate Issued Between Distinct Group Members 31 4.1.2 Selecting Certificate Policies (SCP) 33 4.2 Two Main Authentication Ways 35 4.2.1 Direct Authentication 35 4.2.2 Indirect Authentication 36 Chapter 5 Simulation 39 5.1 Simulation Scenarios 39 5.2 Performance of Forming Cooperative Trust Groups 40 5.3 Performance of Authentication 46 Chapter 6 Conclusion and Future Works 53 Reference 551752854 bytesapplication/pdfen-US公共鑰匙基礎結構相互合作之信任群體安全認證點對點機制星狀拓樸群鑰配對個人鑰匙配對數位簽章PKIcooperative trust groupsecurity authenticationpeer-to-peerstar topologygroup key pairpersonal key pairdigital signaturethesishttp://ntur.lib.ntu.edu.tw/bitstream/246246/53892/1/ntu-95-R93922134-1.pdf