| As communication equipments grow popular, a lot of applications on theseequipments have become cross-disciplinary and networked. If any security defectsexist in these application protocols, many other users may be influenced by somemalicious users through the network. Hence, security plays a more and moreimportant role in network communication applications. In most conditions, the mainfunction of a secure communication protocol includes: the secret information among agroup of users are kept safe against other people out of others and how a user’sidentity is authorized. These protocols should decrease the computation,communication and storage costs under the security requirements. In some specialapplication areas, e.g. battlefield communications, secure communication protocolsalso include identity anonymity, position anonymity, and some other functions.This dissertation summarizes the network topology structures formed by thecommunication nodes. For realizing the basic security requirements under differentnetwork topology, based on public key encryption, symmetric encryption, and discretelogarithm technologies, this dissertation proposes how to construct signcryptionprotocols and authenticated key agreement protocols and how to get new protocolsthat meet more security functions from current protocols on basic theory research area.On security application research area, this dissertation proposes completelyanonymous unicast routing protocols and anonymous multicast routing protocol inhostile environment of ad hoc network, and points out how to achieve serial eventssignature under peer to peer network.We research the security of communication protocols by two methods. One methodis to find the security flaws in current protocols by detailed attacks. Then we cananalyze the reasons of the problems and find out corresponding countermeasures sothat the improved protocols can prevent the known attacks. Another method is todesign a new protocol following the security requirements, and to prove its generalsecurity with common security model. We can also analyze how the new protocolresists current attacking methods. The key of the security analysis includes followingthree points.1. Analyze the whole features, the detailed steps and the sub features of a currentprotocol.2. How these sub features assembled to achieve the whole features are. 3. Find a method to design a protocol that meets the security requirements under thetargeted network.Specifically, the contributions of my dissertation are as follows.1. In the field of signcryption, the forgery attack and public key replacement attackto a two-party protocol are proposed. Next, its security flaws are discussed and animproved suggestion is presented. Then I extend the two-party protocol to multi-partysigncryption protocol and threshold signcryption protocol under linear networkstructure and prove that both of these two protocols can resist the forgery attack andpublic key replacement attack.2. In the field of authenticated key agreement protocol, this dissertation makes adeeply research on the password based authenticated key agreements and the identitybased authenticated key agreements under many different kinds of network structure.The password based authenticated key agreement protocol appears earlier thanother kinds of key agreement protocols, its structure is easier, and its operations is less.Users only need to remember a short and low-entropy password. When a group ofusers start their conversations, the corresponding authenticated key agreementprocesses are set up to negotiate a high-entropy session key at first. Hence, thepassword based protocols need more communication times but each user needs lesscomputation costs. Password based protocols have two types, the first one is that eachuser shares a password with a trust third party, and the key agreement processes arefinished with the help of the third party. The second one is that all users share acommon password, the key agreement processes are finished without any other’s help.We present a man-in-the-middle attack, an offline dictionary attack, and an onlinedictionary attack on a first type of protocol under linear network structure, and thenanalyze why these attacks are efficient and how to improve that protocol. Next, weconstruct a four-round password based authenticated key agreement protocol withpolynomial interpolation algorithm under star network. We also propose an improvedonline dictionary attack on a second type of protocol, and then point out how toovercome this attack. Finally, a two-round multi-party authenticated key agreementprotocol is proposed based on Diffie-Hellman algorithm under ring network.The identity based authenticated key agreement protocol develops from the publickey based authenticated key agreement protocol. Since the public key should beassociated to the identity of its owner and then can be used to authentication, theusage cost of the public key based protocol is higher than the identity based protocol.The identity based authenticated key agreement protocol utilizes the user’s identity asits public key directly. The preconditions of public key protocol are simplified. As theresult, the identity based protocols need less support on infrastructure. We analyze thesecurity of a star network protocol, a tree network protocol, and a linear networkprotocol, point out their secure flaws in authentication area, and improve them separately. The improved protocols can resist forgery attack.3. In the field of anonymous routing protocol, we propose a public key basedunicast completely anonymous routing protocol, an identity based unicast completelyanonymous routing protocol, and an identity based multicast completely anonymousrouting protocol under the hostile environment of ad hoc networks. The genericanonymous routing protocols usually hide the source node and the destination nodefrom the network. The complete anonymity in this dissertation includes moreconnotations: After the protocol has been successfully executed, the source node andthe destination node do not know which intermediate nodes have transferred routingpackets for them. Each intermediate node also does not know which node is thesource, which node is the destination, and which nodes have transferred routingpackets except itself. The complete anonymity puts forward a higher standard on thestructure of the routing packet and the routing protocol than the generic anonymousrouting protocols. To achieve complete anonymity, we encrypt all the fields thatcontain meaningful information of the routing packet with different encryptionalgorithms. Both the temporary public key and the identity (or public key) are appliedto achieve above mixed encryption. Different nodes get different information from thesame packet with the same algorithm and their own secret key. As the result, theprotocols in this dissertation can resist packet analysis attack, redirection attack,forgery attack, reply attack, impersonation attack, denial of service attack, and etc. Inaddition, since each node do not master others’ identity, position, and interrelationship,in hostile environment, even some nodes defect, and other nodes are safe.The main application of serial event signature is peer-to-peer massive multiplayeronline game.4. In the field of event signature protocol, we start from a one-time signature andhash chains based protocol, present attacks on that protocol, and summarize its secureflaws. Then we introduce two improved schemes base on that protocol. One is toprevent reply attack, and another is to resist forgery attack. The problems in the twoimproved protocols are pointed out. At last, we propose a new serial event signatureprotocol under peer-to-peer network structure based on discrete logarithm. Securityanalysis and efficiency analysis show that the new protocol is secure and practical. |
PDF Full Text Request