資訊管理學報
曹偉駿;何健豪;
頁: 235-250
日期: 2005/10
摘要: 隨著電子商務發展,行動代理人被應用的層面亦越來越廣,如今,安全性議題已成為行動代理人技術中重要的一環。本文以基於所提出之整合式公開金鑰密碼系統,設計出以代理簽章機制為基礎之代理鑑別加密機制來使行動代理人能抵抗惡意代理人主機的攻擊。其中,本文所提出之公開金鑰密碼系統係植基於對偶函數密碼系統,並能兼具身分為基礎之公鑰系統與自我認證公鑰系統之優點以滿足較佳之安全性及效率,而本論文所發展之代理人簽章機制能夠保護使用者的私鑰和提供代理人對合約簽章的完整性。此外,基於本文所提出之密碼系統,我們使用代理人簽章機制進一步設計出代理人鑑別加密機制,使得合約的簽章將滿足使用者的要求,並能使伺服器達到不可否認性;再者,所簽署的訊息亦能保證其機密性。因此就保護行動代理人的安全性而言,本論文所提出之機制能滿足機密性,完整性,驗證性,和不可否認性的安全需求。另根據效率評估結果顯示,植基於本文之公開金鑰密碼系統所設計的各項安全機制亦較其他機制有效率,故本機制是非常適用於保護行動代理人。
關鍵字: 基於對偶函數之密碼系統;代理簽章機制;代理鑑別加密機制;自我認證公開金鑰密碼系統;行動代理人;
Abstract: Nowadays, security is one of key issues for mobile agent technology while mobile agents are applied to the development of e-commerce. By using the proposed integrated public key cryptosystem, this paper presents a proxy authenticated encryption scheme based on a proxy signature scheme for protecting mobile agents against malicious attacks by hosts. The proposed cryptosystem is constructed using the pairing-based cryptosystems, and it also integrates the identity-based public key cryptosystems with the self-certified public key cryptosystems to provide higher security strength and meanwhile maintain a satisfactory performance. Based on the proposed cryptosystem, we first design a proxy signature scheme to protect a user's private key and keep the integrity of the contract which an agent signs. In addition, we further develop a proxy authenticated encryption scheme using the proposed proxy signature scheme such that the signatures of the contracts can not only satisfy users' constraints, but also achieve servers' non-repudiation. Furthermore, the confidentiality of the signed message is also guaranteed in the proposed scheme. Hence, the proposed schemes are able to fulfill the security requirements of confidentiality, integrity, authenticity, and non-repudiation to accomplish mobile agent security. Besides, the performance evaluation results also show the developed schemes are more efficient than other previously proposed schemes. In such a way, we affirm that the proposed schemes are very feasible for mobile agent protection.
Keywords: Pairing-based Cryptosystem;Proxy Signature Scheme;Proxy Authenticated Encryption Scheme;Self-certified Public Key Cryptosystem;Mobile Agent;
瀏覽次數: 9574 下載次數: 86
引用 導入Endnote
頁: 235-250
日期: 2005/10
摘要: 隨著電子商務發展,行動代理人被應用的層面亦越來越廣,如今,安全性議題已成為行動代理人技術中重要的一環。本文以基於所提出之整合式公開金鑰密碼系統,設計出以代理簽章機制為基礎之代理鑑別加密機制來使行動代理人能抵抗惡意代理人主機的攻擊。其中,本文所提出之公開金鑰密碼系統係植基於對偶函數密碼系統,並能兼具身分為基礎之公鑰系統與自我認證公鑰系統之優點以滿足較佳之安全性及效率,而本論文所發展之代理人簽章機制能夠保護使用者的私鑰和提供代理人對合約簽章的完整性。此外,基於本文所提出之密碼系統,我們使用代理人簽章機制進一步設計出代理人鑑別加密機制,使得合約的簽章將滿足使用者的要求,並能使伺服器達到不可否認性;再者,所簽署的訊息亦能保證其機密性。因此就保護行動代理人的安全性而言,本論文所提出之機制能滿足機密性,完整性,驗證性,和不可否認性的安全需求。另根據效率評估結果顯示,植基於本文之公開金鑰密碼系統所設計的各項安全機制亦較其他機制有效率,故本機制是非常適用於保護行動代理人。
關鍵字: 基於對偶函數之密碼系統;代理簽章機制;代理鑑別加密機制;自我認證公開金鑰密碼系統;行動代理人;
基於對偶函數之用以保護行動代理人的鑑別加密機制
Abstract: Nowadays, security is one of key issues for mobile agent technology while mobile agents are applied to the development of e-commerce. By using the proposed integrated public key cryptosystem, this paper presents a proxy authenticated encryption scheme based on a proxy signature scheme for protecting mobile agents against malicious attacks by hosts. The proposed cryptosystem is constructed using the pairing-based cryptosystems, and it also integrates the identity-based public key cryptosystems with the self-certified public key cryptosystems to provide higher security strength and meanwhile maintain a satisfactory performance. Based on the proposed cryptosystem, we first design a proxy signature scheme to protect a user's private key and keep the integrity of the contract which an agent signs. In addition, we further develop a proxy authenticated encryption scheme using the proposed proxy signature scheme such that the signatures of the contracts can not only satisfy users' constraints, but also achieve servers' non-repudiation. Furthermore, the confidentiality of the signed message is also guaranteed in the proposed scheme. Hence, the proposed schemes are able to fulfill the security requirements of confidentiality, integrity, authenticity, and non-repudiation to accomplish mobile agent security. Besides, the performance evaluation results also show the developed schemes are more efficient than other previously proposed schemes. In such a way, we affirm that the proposed schemes are very feasible for mobile agent protection.
Keywords: Pairing-based Cryptosystem;Proxy Signature Scheme;Proxy Authenticated Encryption Scheme;Self-certified Public Key Cryptosystem;Mobile Agent;
瀏覽次數: 9574 下載次數: 86
引用 導入Endnote