進階搜尋


   電子論文尚未授權公開,紙本請查館藏目錄
(※如查詢不到或館藏狀況顯示「閉架不公開」,表示該本論文不在書庫,無法取用。)
系統識別號 U0026-2108202016025400
論文名稱(中文) 在物聯網環境下基於物理不可複製函數的輕量化可撤銷匿名認證
論文名稱(英文) Lightweight Revocable Anonymous PUF-based Authentication in IoT environment
校院名稱 成功大學
系所名稱(中) 資訊工程學系
系所名稱(英) Institute of Computer Science and Information Engineering
學年度 108
學期 2
出版年 109
研究生(中文) 高至柔
研究生(英文) Chih-Jou Kao
學號 P76071129
學位類別 碩士
語文別 英文
論文頁數 50頁
口試委員 指導教授-黃宗立
口試委員-蔡家緯
口試委員-李南逸
口試委員-王智弘
中文關鍵字 物理不可複製函數  匿名認證  可撤銷匿名  物聯網 
英文關鍵字 PUF  Anonymous Authentication  Revocable Anonymity  IoT 
學科別分類
中文摘要 物聯網連結了各種不同可以能夠透過網路連線的裝置,在低運算能力消耗及有限的記憶體空間下,物聯網裝置提供使用者大量的資訊和服務。但急速增長的物聯網裝置在安全及隱私的需求上可能會對使用者造成潛在的危害。因此,開始有許多輕量化的使用者認證研究兩大隱私需求:使用者匿名及訊息的保密性,提供了保護。然而在現行大部分的文獻中,這兩大需求幾乎都是透過一個可信任的第三方(TTP)來提供保證,一旦第三方的保護被破壞,使用者的身分及訊息內容都會被攻擊者知道。另外,雖然有些研究能夠透過分散使用者資訊到不同的實體來提供更好的匿名性保護,但系統需要相當高的成本,對於資源有限的物聯網裝置並不友善。我們提出的方法中,只需要透過一個半可信的第三方(STTP)便能讓身份的匿名保護成為一項獨立的服務。我們設計了一個輕量化可撤銷的匿名認證協定。在我們設計的協定中,只需要使用到負擔極低的輕量化加密方式,如物理不可複製函數(PUF)、雜湊函數和異或運算。並且我們的設計會分散第三方能力,來提供更好的安全性及隱私保證。
英文摘要 The Internet of Things (IoT) represents all physical devices that can be connected to the Internet. With low computational power and limited memory space, billions of IoT devices provide great amount of information and services. However, the dramatically increasing number of the IoT devices cause various security and privacy concerns to the users. Hence, several lightweight user authentication schemes have been proposed recently to achieve two imperative privacy features, user anonymity and message confidentiality. Unfortunately, most of these proposals employ only on trusted third party (TTP) to maintain both features, which let the adversary obtain private information of both identity and content for all users by breaking into the TTP. Although other proposals distribute of user identities into several parties to support anonymity, the following massive cost makes them not attractive to be implemented in IoT environment. Here, we propose that identity protection can be an independent service provided with only a semi-trusted TP (STTP) in IoT environment. This paper proposes a lightweight revocable anonymous authentication scheme using only lightweight cryptographic primitives such as Physically Unclonable Function (PUF), one-way hash function, exclusive-or operations. Through decentralized trust, the proposed scheme fulfills stronger security and privacy guarantee compared to the previous works.
論文目次 中文摘要 i
Abstract ii
致謝 iii
Content iv
List of Tables vi
List of Figures vii
Chapter 1 Introduction 1
1.1 Overview 1
1.2 Motivation and Contribution 2
1.3 Thesis Structure 5
Chapter 2 Preliminaries 6
2.1 Physical Unclonable Function (PUF) 6
Chapter 3 System Model and Assumptions 7
3.1 System Model 7
3.2 Assumptions 8
3.3 Security Requirement 9
3.4 Attack Model 9
Chapter 4 Proposed Scheme 10
4.1 Protocol Overview 10
4.2 Proposed protocol 11
5.1 Mutual Authentication 20
5.2 Informal Analysis 37
5.2.1 User Anonymity and Untraceablility 37
5.2.2 Forward and backward secrecy 38
5.2.3 Resistance to IoT device compromise 39
5.2.4 Resistance to anonymity server compromise 39
5.2.5 Protection against Replay Attacks 39
Chapter 6 Performance and Security Comparison. 40
Chapter 7 Conclusion. 43
Reference 44
Appendix 47

參考文獻 [1] Y. Lindell, "Anonymous authentication," Journal of Privacy and Confidentiality, 2(2):4, 2007..
[2] D. Goldschlag, M.Reed and P. Syverson, "Onion Routing for Anonymous and Private Internet Connections," Communications of the ACM, 1999, pp. 39-41
[3] P. Syverson G.Tsudik, M.Reed and C. Landwehr, "Towards an Analysis of Onion Routing Security, " Workshop on Design Issues in Anonymity and Unobservability, 2000
[4] M.K. Reiter and A.D. Rubin, "Crowds: Anonymity for Web Transactions, " ACM Transactions on Information and System Security, 1998, PP66-92.
[5] P. Venkitasubramaniam and A. Mishra, "Anonymity of memory limited Chaum mixes under timing analysis: An information theoretic perspective", IEEE Trans. Inf. Theory, vol. 61, no. 2, pp. 996-1009, Feb. 2015.
[6] R.L. Rivest, A. Shamir and Y. Tauman, "How to Leak a Secret, "ASIACRYPT 2001, Springer-Verlag(LNCS 2248), 2001, pp. 552-565.
[7] David Chaum and Eug`ene Van Heyst, "Group signatures," In D.W. Davies, editor, Advances in Cryptology — Eurocrypt ’91, pages 257–265, Berlin, 1991. SpringerVerlag. Lecture Notes in Computer Science No. 547
[8] U. Chatterjee, R. S. Chakraborty, and D. Mukhopadhyay, “A PUF-based secure communication protocol for IoT,” ACM Trans. Embedded Comput. Syst., vol. 16, no. 3, p. 67, 2017.
[9] A. Braeken, “PUF based authentication protocol for IoT,” Symmetry,vol. 10, no. 8, p. 352, 2018.
[10] S. Garg, K. Kaur, G. Kaddoum and K.-K. R. Choo, "Towards secure and provable authentication for Internet of Things: Realizing industry 4.0", IEEE Internet Things J
[11] S. Janbabaei, H. Gharaee and N. Mohammadzadeh, "Lightweight, anonymous and mutual authentication in IoT infrastructure," 2016 8th International Symposium on Telecommunications (IST), Tehran, 2016, pp. 162-166, doi: 10.1109/ISTEL.2016.7881802.
[12] A. J. Paverd, A. Martin, and I. Brown, “Modelling and Automatically Analysing Privacy Properties for Honest-but-Curious Adversaries,” Tech. Rep., 2014. [Online]. Available: https://www.cs.ox.ac.uk/people/ andrew.paverd/casper/ca -sper-privacy-report.pdf.
[13] Charles Herder, Meng-Day (Mandel) Yu, Farinaz Koushanfar, and Srinivas Devadas, "Physical Unclonable Functions and Applications: A Tutorial," Proceedings of the IEEE, vol. 102, Aug. 2014, pp. 1126-1141.
[14] G. E. Suh, and S. Devadas, "Pysical Unclonable Functions for Device Authentication and Secret Key Generation," Proceedings of IEEE/ACM DAC, June 2007, pp. 9-14.
[15] V. T. Kilari, S. Misra and G. Xue, "Revocable anonymity based authentication for vehicle to grid (V2G) communications," 2016 IEEE International Conference on Smart Grid Communications (SmartGridComm), Sydney, NSW, 2016, pp. 351-356, doi: 10.1109/SmartGridComm.2016.7778786.
[16] H. Xiong and Z. Qin, "Revocable and Scalable Certificateless Remote Authentication Protocol With Anonymity for Wireless Body Area Networks," in IEEE Transactions on Information Forensics and Security, vol. 10, no. 7, pp. 1442-1455, July 2015, doi: 10.1109/TIFS.2015.2414399.
[17] M. Aman, K. Chua, C. Kee and B. Sikdar, "Mutual Authentication in IoT Systems using Physical Unclonable Functions", IEEE Internet of Things Journal, vol. PP, no. 99, pp. 1-1, May 2017
[18] N.N. Anandakumar, M.S. Hashmi and S.K. Sanadhya, "Compact Implementations of FPGA based PUFs with Enhanced Performance", 2017 30th International Conference on VLSI Design and 2017 16th International Conference on Embedded Systems (VLSID), pp. 161-166, 2017..
[19] M Majzoobi, R University, Houston et al., Automated Design Implementation and Evaluation of Arbiter-based PUF on FPGA using Programmable Delay Lines, [online] Available: eprint.iacr.org
[20] Durga Prasad Sahoo, Debdeep Mukhopadhyay, Rajat Subhra Chakraborty, and Phuong Ha Nguyen. A Multiplexer-Based Arbiter PUF Composition with Enhanced Reliability and Security. IEEE Transactions on Computers, 67(3):403–417, 2018.
[21] M. Burrows, M. Abadi, and R. Needham, “A logic of authentication”, ACM Transactions on Computer Systems, 8, February 1990.
[22] W. Mao and C. Boyd, “Towards formal analysis of security protocols”, Proc. Computer Security Foundations Workshop VI, pp. 147-158, June 1993.
[23] D. Dolev and A.C. Yao, "On the security of public-key protocols", IEEE Transactions on Information Theory, vol. 29, no. 8, pp. 198-208, August 1983.
[24] M. Kocheta, N. Sujatha, K. Sivakanya, R. Srikanth, S. Shetty and P. V. Ananda Mohan, "A review of some recent stream ciphers," 2013 International conference on Circuits, Controls and Communications (CCUBE), Bengaluru, 2013, pp. 1-6.
[25] F. De Santis, A. Schauer and G. Sigl, "ChaCha20-Poly1305 authenticated encryption for high-speed embedded IoT applications," Design, Automation & Test in Europe Conference & Exhibition (DATE), 2017, Lausanne, 2017, pp. 692-697, doi: 10.23919/DATE.2017.7927078.
[26] Hwang, T-L., & Gope, P. (2015). IAR-CTR and IAR-CFB: Integrity aware real-time based counter and cipher feedback modes. Security and Communication Networks, 8(18), 3939-3952. https://doi.org/10.1002/sec.1312
[27] M. A. Kumar and R. Bhakthavatchalu, "FPGA based delay PUF implementation for security applications," 2017 International Conference on Technological Advancements in Power and Energy ( TAP Energy), Kollam, 2017, pp. 1-6.
論文全文使用權限
  • 同意授權校內瀏覽/列印電子全文服務,於2025-08-24起公開。
  • 同意授權校外瀏覽/列印電子全文服務,於2025-08-24起公開。


  • 如您有疑問,請聯絡圖書館
    聯絡電話:(06)2757575#65773
    聯絡E-mail:etds@email.ncku.edu.tw