| Summary: | 碩士 === 朝陽科技大學 === 資訊管理系碩士班 === 89 === Today, mobile communication is widespread in the world and
its technologies have undergone rapid development. It brings
convenience to people in their daily life, such that each user can
communicate and transfer data with others at any place, at any time.
Despite the convenience of mobile communication, an important
issue, the security of communication, has drawn the attention of
researchers and manufactures. There are two major security
requirements, privacy and authentication, in mobile
communications. Privacy involves ensuring that an eavesdropper
cannot intercept the communications information of mobile users.
Authentication involves ensuring that the services are not
obtained fraudulently. However, to meet the rapidly evolution of
mobile communications, higher different security requirements are
essential for different mobile communication systems.
In this study, without losing the two major security requirements,
we first discuss the characteristics and requirements for four
user authentication schemes of mobile communications: an efficient
Global System for Mobile communication (GSM) authentication
scheme, certificate-based scheme, subscriber anonymity scheme, and
a flexible scheme. To achieve this study, we then introduce
related theories and schemes. Afterward, we anticipate utilizing
them and cryptography to propose our secure and efficient user
authentication schemes in the four subjects. First subject, we
propose a new authentication protocol for GSM networks, which is
able not only to reduce the network traffic, but also to reduce
mobile station power consumption. Moreover, this protocol is
highly secure. We also give a comparison between the recently
proposed GSM authentication protocols. Second subject, we propose
a certificate-based authentication scheme in mobile
communications. This scheme can withstand the replaying attack and
achieve perfect forward secrecy and key authentication. Third
subject, we propose an authentication scheme to achieve anonymity
and non-repudiation between mobile users and HLR in personal
communication systems. Last subject, we propose a new remote user
authentication scheme. This scheme can achieve five goals: (1)it
does not require password or verification tables. (2)password
should not be exposed during the process of authentication. (3)it
can withstand the message replay attack. (4)any legal user can
freely choose and change his/her own password at will. (5)the
password of users is not known to server.
|
|---|
