查詢結果分析
來源資料
頁籤選單縮合
題 名 | 強化國軍智慧卡身分認證及機密機制之設計=The Design of Identity Authentication and Confidentiality Mechanism for Enhancing Military Smart Card Functionality |
---|---|
作 者 | 蘇品長; 陳柏諭; 楊顓豪; | 書刊名 | 中正嶺學報 |
卷 期 | 45:2(A) 2016.11[民105.11] |
頁 次 | 頁53-63 |
分類號 | 312.76 |
關鍵詞 | 國軍智慧卡; 身分認證; 橢圓曲線; 自我認證; 機密機制; Military smart card; Identity authentication; Elliptic curve; Self-certified; Confidentiality mechanism; |
語 文 | 中文(Chinese) |
中文摘要 | 為精進身分認證及機密機制,國軍智慧卡於2012 起即提供國軍入口網站身分認證 及公文系統線上簽核運用。惟其認證機制未臻完整,且運用RSA 演算法所支援之1024 及2048 位元(bits)金錀長度較長,使其在認證及加解密的計算成本及安全強度產生疑 慮。有鑑於此,本研究以國軍某單位內部線上影音系統為例,提出:(1)採橢圓曲線建置 快速安全的身分認證機制,符合鑑別性及不可否認性等安全需求。(2)採低運算成本之串 流加密演算法,符合快速加解密目的。(3)結合會議金鑰與隨機亂數π(PI),使對稱式 加密金鑰長度恆大於訊息,增加暴力破密難度,並提昇約4 倍運算速度。(4)通訊階段不 需線上憑證中心參與認證。 |
英文摘要 | To improve the identity authentication and confidentiality mechanism, the military smart card has been used for identity authentication at web portals as well as submission/authorization in the online documentation system since 2012. However, its functionality is not complete, and the RSA-supported keys (1024/2048 bits) are fairly long to cause issues of increasing authentication and encryption/decryption costs as well as providing an insufficient security strength. To resolve this, this research takes the intranet AV system of a military organization as an example, and proposes the following: (1) using elliptic curves for building a rapid/secure mechanism to meet the authenticity and non-repudiation requirements, (2) adopting the computationally low-cost stream cipher to achieve rapid encryption and decryption, (3) combining session keys with the user-defined random number π to make symmetric encryption keys longer than messages for increasing brute-force decryption difficulty and enhancing the computation speed by 4 times, and (4) not requiring participation of online key generation centers during communication sessions. |
本系統中英文摘要資訊取自各篇刊載內容。