Title

A Pairing-Based Proxy Authenticated Encryption Scheme for Protecting Mobile Agents

Parallel Title

基於對偶函數之用以保護行動代理人的鑑別加密機制

DOI

10.6382/JIM.200510.0235

Authors

曹偉駿 (Woei-Jiunn Tsaur); 何健豪 (Chien-Hao Ho)

Keywords

Pairing-based Cryptosystem; Proxy Signature Scheme; Proxy Authenticated Encryption Scheme; Self-certified Public Key Cryptosystem; Mobile Agent

Journal

資訊管理學報 (Journal of Information Management)

Volume and Issue / Publication Date

Vol. 12, No. 4 (2005/10/01)

Pages

235 - 250

Language

English

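Chinese Abstract

With the development of e-commerce, mobile agents are being applied ever more widely, and security has now become an important part of mobile agent technology. Based on the proposed integrated public key cryptosystem, this paper designs a proxy authenticated encryption scheme, built on a proxy signature scheme, that enables mobile agents to resist attacks from malicious agent hosts. The proposed public key cryptosystem is founded on pairing-based cryptosystems and combines the advantages of identity-based public key systems and self-certified public key systems to achieve better security and efficiency, while the proxy signature scheme developed in this paper protects the user's private key and provides integrity for the contracts the agent signs. In addition, based on the proposed cryptosystem, we use the proxy signature scheme to further design a proxy authenticated encryption scheme, so that contract signatures satisfy the user's requirements and achieve non-repudiation for the server; moreover, the confidentiality of the signed message is also guaranteed. Therefore, with respect to protecting mobile agents, the proposed schemes satisfy the security requirements of confidentiality, integrity, authenticity, and non-repudiation. The performance evaluation results further show that the security schemes designed on the proposed public key cryptosystem are more efficient than other schemes, so the proposed scheme is very well suited to protecting mobile agents.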

English Abstract

Nowadays, security is one of the key issues for mobile agent technology while mobile agents are applied to the development of e-commerce. By using the proposed integrated public key cryptosystem, this paper presents a proxy authenticated encryption scheme based on a proxy signature scheme for protecting mobile agents against malicious attacks by hosts. The proposed cryptosystem is constructed using the pairing-based cryptosystems, and it also integrates the identity-based public key cryptosystems with the self-certified public key cryptosystems to provide higher security strength and meanwhile maintain a satisfactory performance. Based on the proposed cryptosystem, we first design a proxy signature scheme to protect a user's private key and keep the integrity of the contract which an agent signs. In addition, we further develop a proxy authenticated encryption scheme using the proposed proxy signature scheme such that the signatures of the contracts can not only satisfy users' constraints, but also achieve servers' non-repudiation. Furthermore, the confidentiality of the signed message is also guaranteed in the proposed scheme. Hence, the proposed schemes are able to fulfill the security requirements of confidentiality, integrity, authenticity, and non-repudiation to accomplish mobile agent security. Besides, the performance evaluation results also show the developed schemes are more efficient than other previously proposed schemes. In such a way, we affirm that the proposed schemes are very feasible for mobile agent protection.

Subject Classification

Basic and Applied Sciences > Information Science
Social Sciences > Management