Summary: | 博士 === 國立中山大學 === 資訊工程學系研究所 === 98 === Mobile communication is very mature today due to the powerful computation and communication capabilities of mobile devices, the flourishing of mobile networks, the popularity of electronic commerce, and the completeness of e-payment mechanisms. It is a pleasure for mobile users to roam around the mobile networks and enjoy the mobile network services. However, there are a lot of security threats in the mobile networks, and thus we need an anonymous mutual authentication and key exchange scheme to guarantee the security and privacy for mobile users in the networks. A payment protocol is also required for charging the mobile users after using the mobile services. However, the existing payment schemes do not support anonymity
and credit-based chargeability at the same time. In this dissertation, we propose a secure authentication scheme such that the mobile users can be anonymously authenticated by the system and the system can still make correct charge to these anonymous mobile users via a credit-based way simultaneously. We also propose a novel e-cash scheme which can support each mobile user to withdraw a generic e-cash and decide to spend it as an on-line e-cash or an off-line e-cash according to the payment requirement of the anonymous authentication scheme. Our proposed schemes are convenient and flexible for the mobile users, the system operator, and the bank. Besides, full privacy can be achieved for mobile users owing to the combination of our proposed schemes, which can be performed in current mobile devices efficiently with few battery energy consumptions. Furthermore, we provide anonymity control, no swindling, tamper resistance, secure mutual authentication, secure key exchange, and secure forward secrecy in the proposed anonymous authentication scheme and the e-cash scheme, where these security features are demonstrated by formal security models and theoretical proofs.
|