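Graduate student: | 陳殿河 Chen, Tien-Ho |
---|---|
Thesis title: | A smart card based authentication protocol applications research |
Advisor: | 石維寬 Shih, Wei-Kuan |
Oral defense committee: | |
Degree: | Doctor |
Department: | College of Electrical Engineering and Computer Science - Department of Computer Science |
Year of publication: | 2010 |
Academic year of graduation: | 99 |
Language: | English |
Number of pages: | 103 |
Keywords (Chinese): | Elliptic Curve Cryptography, Authentication, Smart Card, Cloud Computing, Mobile Pay-TV, Voice Transmission Protocol |
Keywords (English): | Session Initiation Protocol, ECC, Authentication, Cloud Computing, Smart Card, MPTV |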
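With the development of Internet technology, protecting users' security in commercial activities over cloud networks has become an important issue. A remote user authentication mechanism lets a remote service server verify the legitimacy of a user, while a smart card provides storage for the authentication secret key, hash function, elliptic curve cryptography private key, and other longer keys.
To ensure that users are securely protected in cloud network activities, this dissertation proposes an ID-based mutual authentication method between smart cards and a remote server to ensure the security of remote users and the server, and extends this method to a dynamic ID-based secure authentication mechanism.
Having confirmed the security of the ID-based mutual authentication method between smart cards and a remote server, this dissertation proposes application directions for the ID-based smart card and remote server mutual authentication mechanism, including an improvement on the HTTP authentication mechanism used by SIP, and commercial applications of the dynamic ID-based smart card and remote server mutual authentication mechanism, for example a dynamic ID user authentication mechanism for mobile pay-TV.
This dissertation not only proposes an ID-based mutual authentication method between smart cards and a remote server, but also analyzes the computational cost of cryptographic methods such as hash functions and elliptic curve cryptography, in order to provide a more efficient mutual authentication mechanism that can be applied to a variety of commercial activities.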
With the development of current network technologies, how to assure the security of users' activities over an insecure communication channel has become one of the most important issues. Among the most common procedures for dealing with security issues, remote user authentication is an effective one: it provides a service by which a remote server verifies the legitimacy of a user. Several studies have provided secure authentication methods, for instance DH-based (Diffie-Hellman) and ECC-based (Elliptic Curve Cryptography) authentication methods, but some of them require users to memorize long-term private keys, passwords and other cipher codes for the authentication procedure, which is absurd and inefficient for users. In this study, a smart card-based method is employed to address these unsolved problems. Smart card-based password authentication has been proved to be a more convenient, effective, and secure way, in that it provides a mechanism with storage space for a secret code, hash function, ECC private code and other cipher codes or long-term codes.
To secure a user's activity over an insecure cloud network, this dissertation proposes an ID-based mutual authentication scheme using smart cards to assure the security of a remote user and server. In addition, it provides an advanced dynamic ID-based mutual authentication scheme using smart cards, which offers an anonymous mechanism to protect the user's private information.
Furthermore, we propose an ID-based SIP (Session Initiation Protocol) authentication scheme to avoid the attack risks of the HTTP (Hypertext Transfer Protocol) digest authentication protocol documented in RFC 2617 for identity authentication, and a dynamic ID-based authentication scheme for MPTV (Mobile Pay-TV) to protect a user from the risk of malicious attacks over an insecure cloud network.
The proposed ID-based authentication protocol using smart cards is not only proved to be a more sophisticated way of addressing current security issues, but can also be applied in many other business activities, such as ATMs.