Summary: | Doctoral === National Chiao Tung University === Institute of Information Management === 88 === In this thesis, we focus on the security of electronic data transmission over an open network. Three areas, the Electronic Data Interchange (EDI), the World Wide Web (WWW), and the Global System for Mobile communication (GSM) networks, have been studied.
In the first area, we investigate the current status of EDI technologies as they exist today, and then present a survey of authentication protocols, digital signatures, hash functions, and key management. A security architecture for EDI is proposed.
In the second area, we first investigate all possible attacks on the web. Then, on the basis of these attacks, we suggest a security monitoring mechanism. This security monitoring mechanism is an active control mechanism, which is different from the traditional passive mechanisms, like Sniffer. This active security monitoring mechanism will allow the system administrator to actively protect his web site.
In the third area, we focus on the security of the GSM networks. A secure communication architecture for the GSM network is proposed. In the proposed architecture, we use public-key cryptography for user authentication and a stream cipher for message encryption and decryption. An authentication protocol and a key generation method are presented in conjunction with the proposed architecture. A stream cipher is recommended for message encryption and decryption. First, a key generator is presented. Then, on the basis of the key generator, stream ciphers are designed with respect to different levels of security of GSM networks. Cryptanalysis and operational analysis show that the authentication protocol and stream ciphers are secure and efficient. Simulation results indicate that the key generation method can always produce key strings of evenly distributed 0's and 1's and with infinite period. Consequently, they provide a comprehensive set of secure communication mechanisms for GSM networks.
Based on the results obtained from the three aforementioned research areas, we have significantly enhanced the security of electronic data transmission over an open network.
|