隨著網路和資訊科技的發展，以及線上人口的持續增加，許多商業交易和人與人之間的通訊便轉移到網際網路上。然而由於資訊的數位化，網路上傳輸的資料很容易遭受惡意攻擊者的竊聽、篡改、和複製。為了保障通訊雙方的權益，身分認證便成為網路系統中最重要的安全議題之一。也就是說，對於任意的通訊雙方，我們該如何做訊息交換來確認彼此身分的合法性，進而達到通訊的安全。
本論文主要在研究各種認證機制和相關應用的安全性及基本需求。首先回顧三方認證金鑰協議的基本原理，並提出更為安全有效的認證機制。隨後考慮現今網路的急速成長，已使單一伺服器系統的認證機制不敷使用。因此我們延伸前面三方認證金鑰協議的概念，提出一項全新的多重伺服器認證方法。在這個方法中，我們改良伺服器和註冊中心之間共享金錀的方式，以確實達到使用者單次註冊的特性。並以前述兩種認證機制為基礎，再額外設計出三種不同的應用系統：匿名的英式電子拍賣系統、衛星通訊系統的認證機制以及混合式電子售票系統。值得注意的是在電子拍賣系統中，首先引進了商品上架的概念。這讓系統中的使用者不僅能作為買家競標商品，亦可成為賣方在系統上銷售物品。這樣的概念讓我們的電子拍賣系統更貼近於現實生活。另一方面，在混合式售票系統中，我們利用多重伺服器的概念，提供一個票券整合平台，讓各種票券供應商能委託整合伺服器代售，而消費者可以在任何有網路的地方透過此平台來瀏覽和購買他們所需的票券。最後，除了上述一對一通訊外，我們也進一步探討一對多通訊的安全性，即群組通訊中的多重播送和金鑰分配的認證問題。

With the rapid development of network and information technologies and the continuing growth of the online population, more and more commercial enterprises are supporting online transactions. However, due to the digitization of information, it is easy for malicious attackers to eavesdrop on, tamper with, or duplicate data that are transmitted on the network. In order to protect the rights and interests of both communication parties, authentication is one of the most important security issues for network systems. Thus, when any two parties are communicating, it is very important that they be able to confirm the legitimacy of each other’s identity in order to achieve secure communication.
In this study, we focused on security research and the essentials of various authentication protocols and related applications. First, we reviewed the principle of three-party authenticated key exchange (3PAKE) and provided a more secure and efficient authentication protocol based on this architecture. Second, considering that the single-server authentication mechanism is no longer sufficient due to the explosive growth of computer networks, we extended the first 3PAKE protocol to a multi-server architecture. In the new scheme, we improved the strategy of key sharing between service providers and the registration center in order to achieve single registration with certainty. Third, based on the two previous authentication protocols, we subsequently designed three application systems, including an anonymous electronic English auction system, an authentication scheme for satellite communication systems, and a diverse ticket-sale system in a hybrid cloud. Especially in the new auction system, we were the first to design an on-shelf mechanism for an auction system that allows users to play the role of a bidder as well as an auctioneer. In the new, diverse, ticket-sale system, we applied the concept of a multi-server to provide a ticket integration platform that service providers can use to delegate the sale of their service tickets to the integrated server, and the customers can freely browse and purchase electronic service tickets from the system in any networked place. In addition to previous one-to-one communications, we also explored the security of one-to-many communications. Finally, we proposed a secure multicast authentication protocol and developed the cryptanalysis of a polynomial-based key management scheme for group communication.

[1] 7-ELEVEN, 7-ELEVEN: ibon, 2009 Internet Resource, http://www.ibon.com.tw/. (Date of access: Apr. 2012)
[2] Abdellatif, R., Aslan, H.K. and Elramly, S.H., “New real time multicast authentication protocol,” International Journal of Network Security, Vol. 12, No. 1, pp. 13-20, Jan. 2011.
[3] Ahmad, Z., Mayes, K.E., Dong, S. and Markantonakis, K., “Considerations for mobile authentication in the cloud,” Information Security Technical Report, Vol. 16, No. 3-4, pp. 123-130, Aug.-Nov. 2011.
[4] Amazon, Amazon Elastic Compute Cloud (Amazon EC2), 2012 Internet Resource, http://aws.amazon.com/ec2/. (Date of access: May 2012)
[5] Amazon, Amazon Simple Storage Service (Amazon S3), 2012 Internet Resource, http://aws.amazon.com/s3/. (Date of access: May 2012)
[6] Bayyapu, P.R. and Das, M.L., “An improved and efficient micro-payment scheme,” Journal of Theoretical and Applied Electronic Commerce Research, Vol. 4, No. 1, pp. 91-100, Apr. 2009.
[7] Bellovin, S.M. and Merritt, M., “Encrypted key exchange: password-based protocols secure against dictionary attacks,” Proceedings of 1992 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, CA, pp. 72-84, May 1992.
[8] Black, J., Halevi, S., Krawczyk, H., Krovetz, T. and Rogaway, P., “UMAC: fast and secure message authentication,” Proceedings of the 19th Annual International Cryptology Conference, Santa Barbara, CA, Vol. 1666 of LNCS, pp. 216-233, Aug. 1999.
[9] Blundo, C., Santis, A.D., Herzberg, A., Kutten, S., Vaccaro, U. and Yung, M., “Perfectly secure key distribution for dynamic conferences,” Information and Computation, Vol. 146, No. 1, pp. 1-23, Oct. 1998.
[10] Burrows, M., Abadi, M. and Needham, R., “Authentication: a practical study in belief and action,” Proceedings of the 2nd Conference on Theoretical Aspects of Reasoning about Knowledge, Pacific Grove, CA, pp. 325-342, Mar. 1988.
[11] Burrows, M., Abadi, M. and Needham, R., “A logic of authentication,” ACM Transactions on Computer Systems, Vol. 8, No. 1, pp. 18-36, Feb. 1990.
[12] Cachin, C., “Efficient private bidding and auctions with an oblivious third party,” Proceedings of 6th ACM Conference on Computer and Communications Security (ACM CCS 1999), Singapore, pp. 120-127, Nov. 1999.
[13] Callegari, C., Garroppo, R.G., Giordano, S. and Pagano, M., “Security and delay issues in SIP systems,” International Journal of Communication Systems, Vol. 22, No. 8, pp. 1023-1044, Aug. 2009.
[14] Canetti, R., Garay, J., Itkis, G., Micciancio, D., Naor, M. and Pinkas, B., “Multicast security: a taxonomy and some efficient constructions,” Proceedings of the 18th Annual Joint Conference of the IEEE Computer and Communications Societies, New York, NY, Vol. 2, pp. 708-716, Mar. 1999.
[15] Cao, X. and Zhong, S., “Breaking a remote user authentication scheme for multi-server architecture,” IEEE Communications Letters, Vol. 10, No. 8, pp. 580-581, Aug. 2006.
[16] Chang, C.C. and Chang, Y.F., “Efficient anonymous auction protocols with freewheeling bids,” Computers & Security, Vol. 22, No. 8 , pp. 728-734, Dec. 2003.
[17] Chang, C.C. and Chang, Y.F., “A novel three-party encrypted key exchange protocol,” Computer Standards & Interfaces, Vol. 26, No. 5, pp. 471-476, Sep. 2004.
[18] Chang, C.C. and Cheng, T.F., “An efficient proxy raffle protocol with anonymity-preserving,” Computer Standards & Interfaces, Vol. 31, No. 4, pp.772-778, Jun. 2009.
[19] Chang, C.C. and Kuo, J.Y., “An efficient multi-server password authenticated key agreement scheme using smart card with access control,” Proceedings of the 19th International Conference on Advanced Information Networking and Applications, Tamkang University, Taiwan, Vol. 2, pp. 257-260, Mar. 2005.
[20] Chang, C.C. and Lee, C.Y., “A secure single sign-on mechanism for distributed computer networks,” IEEE Transactions on Industrial Electronics, Vol. 59, No. 1, pp. 629-637, Jan. 2012.
[21] Chang, C.C. and Lee, J.S., “An efficient and secure multi-server password authentication scheme using smart card,” Proceedings of the 3rd International Conference on Cyberworlds, Tokyo, Japan, pp. 417-422, Nov. 2004.
[22] Chang, C.C., Lee, J.S. and Kuo, J.Y., “Time-bound based authentication scheme for multi-server architecture,” International Journal of Innovative Computing, Information and Control, Vol. 4, No. 11, pp.2987-2996, Nov. 2008.
[23] Chang, C.C. and Liao, W.Y., “A remote password authentication scheme based upon ElGamal’s signature scheme,” Computers & Security, Vol. 13, No. 2, pp. 137-144, Apr. 1994.
[24] Chang, Y.F. and Chang, C.C., “An efficient authentication protocol for mobile satellite communication systems,” ACM SIGOPS Operating Systems Review, Vol. 39, No. 1, pp. 70-84, Jan. 2005.
[25] Chang, Y.F. and Chang, C.C., “Enhanced anonymous auction protocols with freewheeling bids,” Proceedings of 20th International Conference on Advanced Information Networking and Application (AINA’06), Vienna, Austria, pp. 353-358, Apr. 2006.
[26] Chang, Y.F., Chang, C.C. and Liu, Y.L., “Password authentication without the server public key,” IEICE Transactions on Communications, Vol. E87-B, No. 10, pp. 3088-3091, 2004.
[27] Chen, H.B., Chen, T.H., Lee, W.B. and Chang, C.C., “Security enhancement for a three-party encrypted key exchange protocol against undetectable on-line password guessing attacks,” Computer Standards & Interfaces, Vol. 30, No. 1-2, pp. 95-99, Jan. 2008.
[28] Chen, T.H., Lee, W.B. and Chen, H.B., “A self-verification authentication mechanism for mobile satellite communication systems,” Computers & Electrical Engineering, Vol. 35, No. 1, pp. 41-48, Jan. 2009.
[29] Chen, Y.C. and Yeh, L.Y., “An efficient authentication and access control scheme using smart cards,” Proceedings of the 11th International Conference on Parallel and Distributed Systems, Fukuoka, Japan, Vol. 2, pp. 78-82, Jul. 2005.
[30] Cheng, T.F., Lee, J.S. and Chang, C.C., “Security enhancement of an IC-card-based remote login mechanism,” Computer Networks, Vol. 51, No. 9, pp. 2280-2287, Jun. 2007.
[31] Cheng, Y. and Agrawal, D.P., “An improved key distribution mechanism for large-scale hierarchical wireless sensor networks,” Ad Hoc Networks, Vol. 5, No. 1, pp. 35-48, Jan. 2007.
[32] Chonka, A., Xiang, Y., Zhou, W. and Bonti, A., “Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks,” Journal of Network and Computer Applications, Vol. 34, No. 4, pp. 1097-1107, Jul. 2011.
[33] Chua, T.K. and Pheanis, D.C., “Bandwidth-conserving multicast VoIP teleconference system,” International Journal of Network Security, Vol. 7, No. 1, pp. 42-48, Jul. 2008.
[34] Chung, Y.F., Chen, Y.T., Chen, T.L. and Chen, T.S., “An agent-based English auction protocol using Elliptic Curve Cryptosystem for mobile commerce,” Expert Systems with Applications, Vol. 38, No. 8, pp. 9900-9907, Aug. 2011.
[35] Comparetto, G. and Ramirez, R., “Trends in mobile satellite technology,” Computer, Vol. 30, No. 2, pp. 44-52, Feb. 1997.
[36] Daemen, J. and Rijmen, V., The Design of Rijndael: AES - The Advanced Encryption Standard, Springer-Verlag, Germany, 2002.
[37] Dai, W., Crypto++ library 5.6.0 benchmarks, 2009 Internet Resource, http://www.cryptopp.com/benchmarks.html. (Date of access: May 2012)
[38] Du, H.S., Yu, H., Fang, Y. and Wang, S., “Empirical investigation of EachNet: the eBay model of C2C online auction in China,” IEEE Transactions on Engineering Management, Vol. 59, No. 1, pp. 160-175, Feb. 2012.
[39] Elgamal, T., “A public key cryptosystem and a signature scheme based on discrete logarithms,” IEEE Transactions on Information Theory, Vol. IT-31, No. 4, pp. 469-472, Jul. 1985.
[40] Evans, J.V., “Satellite systems for personal communications,” IEEE Antennas and Propagation Magazine, Vol. 39, No. 3, pp. 7-20, Jun. 1997.
[41] Gennaro, R., “Randomness in cryptography,” IEEE Security & Privacy, Vol. 4, No. 2, pp. 64-67, Mar.-Apr. 2006.
[42] Gennaro, R. and Rohatgi, P., “How to sign digital streams,” Information and Computation, Vol. 165, No. 1, pp. 100-116, Feb. 2001.
[43] Golle, P. and Modadugu, N., “Authenticating streamed data in the presence of random packet loss,” Proceedings of the Symposium on Network and Distributed System Security, San Diego, CA, pp. 13-22, Feb. 2001.
[44] Google Enterprise, Google Apps for business, 2011 Internet Resource, http://www.google.com/enterprise/apps/business/. (Date of access: May 2012)
[45] Hankerson, D., Menezes, A. and Vanstone, S., Guide to Elliptic Curve Cryptography, Springer-Verlag, NY, 2004.
[46] Harn, L. and Lin, C., “Authenticated group key transfer protocol based on secret sharing,” IEEE Transactions on Computers, Vol. 59, No. 6, pp. 842-846, Jun. 2010.
[47] Hartleid, J.E. and Casey, L., “The iridium (tm) system: personal communications anytime, anyplace,” Proceedings of the 3rd International Mobile Satellite Conference (IMSC ’93), Pasadena, CA, pp. 285-290, Jun. 1993.
[48] Hauser, R., Steiner, M. and Waidner, M., “Micro-payments based on iKP,” Proceedings of the 14th Worldwide Congress on Computer and Communication Security Protection, Paris, France, pp. 67-82, Jun. 1996.
[49] Hirakiuchi, D. and Sakurai, K., “English vs. sealed-bid in anonymous electronic auction protocols,” Proceedings of 10th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2001), Cambridge, MA, pp. 171-176, Jun. 2001.
[50] Hsiang, H.C. and Shih, W.K., “Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment,” Computer Standards & Interfaces, Vol. 31, No. 6, pp. 1118-1123, Nov. 2009.
[51] Hu, L., Niu, X. and Yang, Y., “An efficient multi-server password authenticated key agreement scheme using smart cards,” Proceedings of the 2007 International Conference on Multimedia and Ubiquitous Engineering, Seoul, Korea, pp. 903-907, Apr. 2007.
[52] Huang, D. and Medhi, D., “A secure group key management scheme for hierarchical mobile ad hoc networks,” Ad Hoc Networks, Vol. 6, No. 4, pp. 560-577, Jun. 2008.
[53] Huang, H.F. and Wei, W.C., “A new efficient and complete remote user authentication protocol with smart card,” International Journal of Innovative Computing, Information and Control, Vol. 4, No. 11, pp. 2803-2808, Nov. 2008.
[54] Hwang, M.S. and Sung, P.C., “A study of micro-payment based on one-way hash chain,” International Journal of Network Security, Vol. 2, No. 2, pp. 81-90, Mar. 2006.
[55] Hwang, M.S., Yang, C.C. and Shiu, C.Y., “An authentication scheme for mobile satellite communication systems,” ACM SIGOPS Operating Systems Review, Vol. 37, No. 4, pp. 42-47, Oct. 2003.
[56] Hwang, T.Y., “Password authentication using public-key encryption,” Proceedings of International Carnahan Conference on Security Technology, Zurich, Switzerland, pp. 35-38, Oct. 1983.
[57] Jiang, R., Pan, L. and Li, J.H., “An improvement on efficient anonymous auction protocols,” Computers & Security, Vol. 24, No. 2, pp. 169-174, Mar. 2005.
[58] Juang, W.S., “Efficient multi-server password authenticated key agreement using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 1, pp. 251-255, Feb. 2004.
[59] Juang, W.S., “Efficient three-party key exchange using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 2, pp. 619-624, May 2004.
[60] Kerckhoffs, A., “La cryptographie militaire,” Journal des Sciences Militaires, Vol. IX, pp. 5-38, Jan. 1883.
[61] Kerckhoffs, A., “La cryptographie militaire,” Journal des Sciences Militaires, Vol. IX, pp. 161-191, Feb. 1883.
[62] Koblitz, N., “Elliptic curve cryptosystems,” Mathematics of Computation, Vol. 48, No. 177, pp. 203-209, Jan. 1987.
[63] Krawczyk, H., Bellare, M. and Canetti, R., “HMAC: keyed-hashing for message authentication,” Internet Engineering Task Force RFC-2104, Feb. 1997.
[64] Lain, C.S., Harn, L. and Huang, D., “Password authentication using quadratic residues,” Proceedings of International Computer Symposium, Taipei, Taiwan, pp. 1484-1489, Dec. 1988.
[65] Lasc, L., Dojen, R. and Coffey, T., “Countering jamming attacks against an authentication and key agreement protocol for mobile satellite communications,” Computers & Electrical Engineering, Vol. 37, No. 2, pp. 160-168, Mar. 2011.
[66] Lawson, Lawson: Loppi, 2012 Internet Resource, http://www.lawson.co.jp/service/loppi/index.html. (Date of access: Apr. 2012)
[67] Lee, B., Kim, K. and Ma, J., “Efficient public auction with one-time registration and public verifiability,” Proceedings of Second International Conference on Cryptology in India (Indocrypt 2001), Chennai, India, pp. 16-20, Dec. 2001.
[68] Lee, C.C., Li, C.T. and Chang, R.X., “A simple and efficient authentication scheme for mobile satellite communication systems,” International Journal of Satellite Communications and Networking, Vol. 30, No. 1, pp. 29-38, Jan.-Feb. 2012.
[69] Lee, J.H. and Lee, D.H., “Efficient and secure remote authenticated key agreement scheme for multi-server using mobile equipment,” Proceedings of the 26th International Conference on Consumer Electronics, Las Vegas, NV, pp. 1-2, Jan. 2008.
[70] Lee, J.S., Chang, Y.F. and Chang, C.C., “A novel authentication protocol for multi-server architecture without smart cards,” International Journal of Innovative Computing, Information and Control, Vol. 4, No. 6, pp. 1357-1364, Jun. 2008.
[71] Lee, J.S. and Lin, K.S., “An innovative electronic group-buying system for mobile commerce,” Electronic Commerce Research and Applications, In Press, Available online Oct. 2012.
[72] Lee, S.W., Kim, H.S. and Yoo, K.Y., “Improved efficient remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 50, No. 2, pp. 565-567, May 2004.
[73] Lee, T.F., Hwang, T. and Lin, C.L., “Enhanced three-party encrypted key exchange without server public keys,” Computers & Security, Vol. 23, No. 7, pp. 571-577, Oct. 2004.
[74] Lee, T.F., Liu, J.L., Sung, M.J., Yang, S.B. and Chen, C.M., “Communication-efficient three-party protocols for authentication and key agreement,” Computers & Mathematics with Applications, Vol. 58, No. 4, pp. 641-648, Aug. 2009.
[75] Li, F., Xin, X. and Hu, Y., “Identity-based broadcast signcryption,” Computer Standards & Interfaces, Vol. 30, No. 1-2, pp. 89-94, Jan. 2008.
[76] Li, J., Jia, Y., Liu, L. and Wo, T., “CyberLiveApp: a secure sharing and migration approach for live virtual desktop applications in a cloud environment,” Future Generation Computer Systems, Vol. 29, No. 1, pp. 330-340, Jan. 2013.
[77] Li, M.J., Juan, J.S. and Tsai, J.H., “Practical electronic auction scheme with strong anonymity and bidding privacy,” Information Sciences, Vol. 181, No. 12, pp. 2576-2586, Jun. 2011.
[78] Liao, Y.P. and Wang, S.S., “A secure dynamic ID based remote user authentication scheme for multi-server environment,” Computer Standards & Interfaces, Vol. 31, No. 1, pp. 24-29, Jan. 2009.
[79] Liaw, H.T., Juang, W.S. and Lin, C.K., “An electronic online bidding auction protocol with both security and efficiency,” Applied Mathematics and Computation, Vol. 174, No. 2, pp. 1487-1497, Mar. 2006.
[80] Lin, C.L., Sun, H.M. and Hwang, T., “Three-party encrypted key exchange: attacks and a solution,” ACM Operating Systems Review, Vol. 34, No. 4, pp. 12-20, Oct. 2000.
[81] Lin, C.L., Sun, H.M., Steiner, M. and Hwang, T., “Three-party encrypted key exchange without server public-keys,” IEEE Communications Letters, Vol. 5, No. 12, pp. 497-499, Dec. 2001.
[82] Lin, I.C., Hwang, M.S. and Chang, C.C., “The general pay-word: a micro-payment scheme based on n-dimension one-way hash chain,” Designs, Codes, and Cryptography, Vol. 36, No. 1, pp. 53-67, Jul. 2005.
[83] Lin, I.C., Hwang, M.S. and Li, L.H., “A new remote user authentication scheme for multi-server architecture,” Future Generation Computer Systems, Vol. 19, No. 1, pp. 13-22, Jan. 2003.
[84] Liu, D., Ning, P. and Li, R., “Establishing pairwise keys in distributed sensor networks,” ACM Transactions on Information and System Security, Vol. 8, No. 1, pp. 41-77, Feb. 2005.
[85] Lo, N.W. and Yeh, K.H., “Cryptanalysis of two three-party encrypted key exchange protocols,” Computer Standards & Interfaces, Vol. 31, No. 6, pp. 1167-1174, Nov. 2009.
[86] Lombardi, F. and Pietro, R.D., “Secure virtualization for cloud computing,” Journal of Network and Computer Applications, Vol. 34, No. 4, pp. 1113-1122, Jul. 2011.
[87] Lu, R. and Cao, Z., “Simple three-party key exchange protocol,” Computers & Security, Vol. 26, No. 1, pp. 94-97, Feb. 2007.
[88] Lutz, E., “Issues in satellite personal communication systems,” Wireless Networks, Vol. 4, No. 2, pp. 109-124, Jan. 1998.
[89] Menezes, A.J., Van Oorschot, P.C. and Vanstone, S.A., Handbook of Applied Cryptography, CRC Press, FL, pp. 321-376, Oct. 1996.
[90] Microsoft, Windows Azure, 2012 Internet Resource, http://www.windowsazure.com/en-us/. (Date of access: May 2012)
[91] Miller, V.S., “Use of elliptic curves in cryptography, advances in cryptology,” Proceedings of 5th International Cryptology Conference (Crypto ’85), Santa Barbara, CA, pp. 417-426, Aug. 1985.
[92] Mittra, S., “Iolus: a framework for scalable secure multicasting,” Proceedings of the ACM SIGCOMM’97 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, Cannes, France, pp. 277-288, Sep. 1997.
[93] Mohamed, E.E. and Barka, E., “OMAC: a new access control architecture for overlay multicast communications,” International Journal of Communication Systems, Vol. 24, No. 6, pp. 761-775, Jun. 2011.
[94] Mukherjee, R. and Atwood, J., “Scalable solutions for secure group communications,” Computer Networks, Vol. 51, No. 12, pp. 3525-3548, Aug. 2007.
[95] Nam, J., Lee, Y., Kim, S. and Won, D., “Security weakness in a three-party pairing-based protocol for password authenticated key exchange,” Information Sciences, Vol. 177, No. 6, pp. 1364-1375, Mar. 2007.
[96] Nguyen, K. and Traoré, J., “An online public auction protocol protecting bidder privacy,” Proceedings of 5th Australasian Conference on Information Security and Privacy (ACISP 2000), Brisbane, Australia, pp. 427-442, Jul. 2000.
[97] Omote, K. and Miyaji, A., “A practical English auction with one-time registration,” Proceedings of 6th Australasian conference on information security and privacy (ACISP 2001), Sydney, Australia, pp. 221-234, Jul. 2001.
[98] Perrig, A., “The BiBa one-time signature and broadcast authentication protocol,” Proceedings of the 8th ACM Conference on Computer and Communications Security, Philadelphia, PA, pp. 28-37, Nov. 2001.
[99] Perrig, A., Canetti, R., Tygar, J. and Song, D., “Efficient authentication and signing of multicast streams over lossy channels,” Proceedings of IEEE Symposium on Security and Privacy, Berkeley, CA, pp. 56-73, May 2000.
[100] Petitcolas, F., Kerckhoffs’ la cryptographie militaire, 2010 Internet Resource, http://www.petitcolas.net/fabien/kerckhoffs/index.html. (Date of access: Apr. 2012)
[101] Piao, Y., Kim, J., Tariq, U. and Hong, M., “Polynomial-based key management for secure intra-group and inter-group communication,” Computers & Mathematics with Applications, In Press, Available online Feb. 2012.
[102] Pinker, E., Seidmann, A. and Vakrat, Y., “Using bid data for the management of sequential, multi-unit, online auctions with uniformly distributed bidder valuations,” European Journal of Operational Research, Vol. 202, No. 2, pp. 574-583, Apr. 2010.
[103] Poskett, P., “Satellite system architectures,” Proceedings of the 2nd European Workshop on Mobile/Personal Satcoms (EMPS ’96), Rome, Italy, pp. 485-500, Oct. 1996.
[104] Rankl, W. and Effing, W., Smart Card Handbook, 2nd Edition, John Wiley and Sons Inc., NY, 2000.
[105] Reyzin, L. and Reyzin, N., “Better than BiBa: short one-time signatures with fast signing and verifying,” Proceedings of the 7th Australasian Conference on Information Security and Privacy, Melbourne, Australia, pp. 144-153, Jul. 2002.
[106] Rivest, R.L. and Shamir, A., “Payword and micromint: two simple micropayment schemes,” Proceedings of 1996 International Workshop on Security Protocols, Cambridge, United Kingdom, Vol. 1189 of LNCS, pp. 69-87, Apr. 1996.
[107] Rivest, R.L., Shamir, A. and Adleman, L., “A method for obtaining digital signatures and public-key cryptosystems,” Communications of the ACM, Vol. 21, No. 2, pp.120-126, Feb. 1978.
[108] Rizzo, L., “Effective erasure codes for reliable computer communication protocols,” ACM Computer Communication Review, Vol. 27, No. 2, pp. 24-36, Apr. 1997.
[109] Rohatgi, P., “A compact and fast hybrid signature scheme for multicast packet authentication,” Proceedings of the 6th ACM Conference on Computer and Communications Security, Singapore, pp. 93-100, Nov. 1999.
[110] Sarkar, P. and Saha, A., “Security enhanced communication in wireless sensor networks using Reed-Muller codes and partially balanced incomplete block designs,” Journal of Convergence, Vol. 2, No. 1, pp. 23-30, Jun. 2011.
[111] Schneier, B., Applied Cryptography, Protocols, Algorithms, and Source Code in C, 2nd Edition, John Wiley and Sons Inc., NY, pp. 15, 1996.
[112] Shannon, C.E., “Communication theory of secrecy systems,” Bell System Technical Journal, Vol. 28, pp. 656-715, 1949.
[113] Shieh, W.G. and Wang, M.T., “An improvement to Kim-Chung’s authentication scheme,” ICIC Express Letters, Vol. 3, No. 4 (B), pp. 1215-1220, Dec. 2009.
[114] Srinivasan, R., Vaidehi, V., Srivathsan, K.N., Babu, L.R. and Karunagaran, C., “SeReRoM: secured reliable routing scheme for multicasting,” International Journal of Network Security, Vol. 5, No. 1, pp. 82-88, Jul. 2007.
[115] Steiner, M., Tsudik, G. and Waidner, M., “Refinement and extension of encrypted key exchange,” ACM Operating Systems Review, Vol. 29, No. 3, pp. 22-30, Jul. 1995.
[116] Stinson, D.R., Cryptography: Theory and Practice, 2nd Edition, CRC Press, FL, pp. 226-228, Feb. 2002.
[117] Sun, H.M., “An efficient remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, pp. 958-961, Nov. 2000.
[118] Sun, H.M., Chen, B.C. and Hwang, T., “Secure key agreement protocols for three-party against guessing attacks,” Journal of Systems and Software, Vol. 75, No. 1-2, pp. 63-68, Feb. 2005.
[119] The Tech Museum, The satellite site, Internet Resource, http://www.thetech.org/exhibits/online/satellite/. (Date of access: Aug. 2011)
[120] Tsai, J.L., “Efficient multi-server authentication scheme based on one-way hash function without verification table,” Computers & Security, Vol. 27, No. 3-4, pp. 115-121, May-Jun. 2008.
[121] Vragov, R., “Operational efficiency of decentralized Internet auction mechanisms,” Electronic Commerce Research and Applications, Vol. 9, No. 2, pp. 111-125, Mar.-Apr. 2010.
[122] Wang, C.T., Chang, C.C. and Lin, C.H., “Using IC cards to remotely login passwords without verification tables,” Proceedings of the 18th International Conference on Advanced Information Networking and Applications, Fukuoka, Japan, Vol. 1, pp. 321-326, Mar. 2004.
[123] Wang, H., Ma, J. and Sun, J., “Micro-payment protocol based on multiple hash chains,” Proceedings of the 2009 Second International Symposium on Electronic Commerce and Security, Nanchang, China, Vol. 1, pp. 71-74, May 2009.
[124] Wang, Q., Wang, C., Ren, K., Lou, W. and Li, J., “Enabling public auditability and data dynamics for storage security in cloud computing,” IEEE Transactions on Parallel and Distributed Systems, Vol. 22, No. 5, pp. 847-859, May 2011.
[125] Wang, R.C., Juang, W.S. and Lei, C.L., “User authentication scheme with privacy-preservation for multi-server environment,” IEEE Communications Letters, Vol. 13, No. 2, pp. 157-159, Feb. 2009.
[126] Wang, R.C., Juang, W.S. and Lei, C.L., “A robust authentication scheme with user anonymity for wireless environments,” International Journal of Innovative Computing, Information and Control, Vol. 5, No. 4, pp. 1069-1080, Apr. 2009.
[127] Wang, W. and Bhargava, B., “Key distribution and update for secure inter-group multicast communication,” Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks, Alexandria, VA, pp. 43-52, Nov. 2005.
[128] Wang, W. and Stransky, T., “Stateless key distribution for secure intra and inter-group multicast in mobile wireless network,” Computer Networks, Vol. 51, No. 15, pp. 4303-4321, Oct. 2007.
[129] Wang, W. and Wang, Y., “Secure group-based information sharing in mobile ad hoc networks,” Proceedings of IEEE International Conference on Communications, Beijing, China, pp. 1695-1699, May 2008.
[130] Wen, H.A., Lee, T.F. and Hwang, T., “Provably secure three-party password-based authenticated key exchange protocol using Weil pairing,” IEE Proceedings of Communications, Vol. 152, No. 2, pp. 138-143, Apr. 2005.
[131] Wiedeman, R.A. and Viterbi, A.J., “The Globalstar mobile satellite system for worldwide personal communications,” Proceedings of the 3rd International Mobile Satellite Conference (IMSC ’93), Pasadena, CA, pp. 291-296, Jun. 1993.
[132] Windley, P.J., Digital Identity, 1st Edition, O’Reilly Media, CA, pp. 33, Aug. 2005.
[133] Wong, C.K. and Lam, S.S., “Digital signatures for flows and multicasts,” IEEE/ACM Transactions on Networking, Vol. 7, No. 4, pp. 502-513, Aug. 1999.
[134] Wu, S.T., Authentication and Group Secure Communications Using Elliptic Curve Cryptography, Doctoral Dissertation, National Taiwan University of Science and Technology, Taiwan, 2005.
[135] Wu, T.C., “Remote login authentication scheme based on a geometric approach,” Computer Communications, Vol. 18, No. 12, pp. 959-963, Dec. 1995.
[136] Xiong, H., Chen, Z. and Li, F., “Bidder-anonymous English auction protocol based on revocable ring signature,” Expert Systems with Applications, Vol. 39, No. 8, pp. 7062-7066, Jun. 2012.
[137] Xiong, H., Qin, Z. and Li, F., “An anonymous sealed-bid electronic auction based on ring signature,” International Journal of Network Security, Vol. 8, No. 2, pp. 236-243, May 2009.
[138] Yang, S.P. and Li, X., “Defect in protocol analysis with BAN logic on man-in-the-middle sttacks,” Application Research of Computers, Vol. 24, No. 3, pp. 149-151, Mar. 2007.
[139] Yang, W.S. and Hwang, S.Y., “iTravel: a recommender system in mobile peer-to-peer environment,” Journal of Systems and Software, Vol. 86, No. 1, pp. 12-20, Jan. 2013.
[140] Yeh, L.Y., Chen, Y.C. and Huang, J.L., “PAACP: a portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks,” Computer Communications, Vol. 34, No. 3, pp.447-456, Mar. 2011.
[141] Yen, S.M., Ho, L.T. and Huang, C.Y., “Internet micropayment based on unbalanced one-way binary tree,” Proceedings of the International Workshop on Cryptographic Techniques and E-Commerce, Hong Kong, pp. 155-162, Jul. 1999.
[142] Yoon, E.J. and Yoo, K.Y., “Improving the novel three-party encrypted key exchange protocol,” Computer Standards & Interfaces, Vol. 30, No. 5, pp. 309-314, Jul. 2008.
[143] Zhang, Q. and Calvert, K.L., “A peer-based recovery scheme for group rekeying in secure multicast,” International Journal of Network Security, Vol. 6, No. 1, pp. 15-25, Jan. 2008.
[144] Zheng, G., Ma, H.T., Cheng, C. and Tu, Y.C., “Design and logical analysis on the access authentication scheme for satellite mobile communication networks,” IET Information Security, Vol. 6, No. 1, pp. 6-13, Mar. 2012.
[145] Zhu, H., Liu, T. and Liu, J., “Robust and simple multi-server authentication protocol without verification table,” Proceedings of the 9th International Conference on Hybrid Intelligent Systems, Shenyang, China, pp. 51-56, Aug. 2009.