Font Size: a A A

Research On Authenticated Key Exchange Protocols And Their Applications In Wireless Mobile Network

Posted on:2013-08-21Degree:DoctorType:Dissertation
Country:ChinaCandidate:Y J FanFull Text:PDF
GTID:1228330374999513Subject:Cryptography
Abstract/Summary:
Nowadays, with the rapid development of the computer networks and the related technologies, the levels of digitization and network of our society have been improved significantly. Smart mobile devices used in wireless mobile networks (WMNs) are gradually subverting the traditional mode of network access. Various types of WMNs are widely distributed and carrying a large quantity of network services. There are various security threats and many special security requirements in the application scenario of WMNs.Authenticated key agreement (AKE) is an important research object of modern cryptography for providing entity authentication and establishing secure communications over insecure networks. This paper focuses on how to use AKE to meet the security requirements of WMNs. We analyzed these security requirements and proposed several AKE protocols for WMNs. And we strictly discussed their securities by the technologies of cryptographic analysis and the theory of provable security.The major contributions of the dissertation are as follows:1. Proposed a novel smart card-based AKE protocol for WMNs which is combined with CAPTCHAs to effectively prevent legitimate users’abuse. Compared with the other related protocols, the protocol provides perfect forward secrecy and resists several kinds of attacks. It also protects the CAPTCHAs’instances from being gained freely.2. Proposed a novel password-based AKE protocol for mobile-commerce environments to solve the problem that CAPTCHAs are vulnerable to analytical attacks. The protocol elaborately combines the CAPTCHA challenge/response progress with the AKE interaction. It introduces symmetric encryption scheme to make CAPTCHAs secure without additional communication rounds. And it is based on smart-cards to obtain stronger security and adopts elliptic curve cryptosystem which is suitable for the environments. It is provably secure in random oracle model.3. Pointed out that many existing smart card-based AKE protocols are not able to resist the key compromise impersonation (KCI) attack and that KCI-resilience is the necessary security property for AKE protocols. We gave out the methods of KCI attack on the five representative smart card-based AKE protocols with different characteristics.4. Proposed a smart card-based AKE protocol with KCI-resilience. It can resist the dictionary attack and provide perfect forward security. In particular, the protocol is able to resist the KCI attack in the two cases of the user’s secret disclosure and the server’s information leakage.5. Proposed a two-phase software protection scheme for Android Operating System (OS). The scheme prevents adversaries from obtaining the plaintext of the executable files’byte-code in each of the exposure cases. It is more suitable for Android than the other schemes proposed in recent years which were directly derived from the traditional technologies of Java software protection.6. Analyzed the ideal role of the mobile application markets and proposed a smart card-based secure software distribution scheme for mobile application market. The scheme provides perfect forward secrecy for the distributed applications, resists several kinds of dictionary attacks on customers’password and protects the installed applications by a practical secure method based on smart card.
Keywords/Search Tags:authentication, key agreement, smart card, completelyautomatic public Turing test to tell computer and human apart, random oraclemodel, wireless mobile network, software protection, mobile applicationmarket, key compromise impersonation attack
Related items