类离线可信第三方不可否认协议设计及分析

发布时间：2018-06-16 05:21

本文选题：不可否认 + 安全性目标　；参考：《重庆大学》2014年硕士论文

【摘要】：不可否认服务已经渗透到各种网络应用中，特别是与人们生活息息相关的电子商务、电子邮件等方面。提供有效的、完善的不可否认服务成为网络安全领域的研究热点。不可否认服务由良好的协议模型及完善的协议来实现，满足各种安全性目标是其能够提供不可否认服务的基础。安全性目标的必然实现，依赖于可信第三方（TTP）的参与。然而，TTP过多地参与协议，必然会导致其负载过重，从而影响TTP自身的可靠性。因此，在满足各种安全性目标的同时，尽可能减少TTP的参与。此外，除了参与方有可能相互欺诈，试图获得不正当利益外，参与方也可能有针对性地攻击TTP，如恶意增加TTP的负载，试图使其拒绝服务。针对以上问题，在借鉴不可否认服务已有的研究成果的基础上，，本文主要做了以下工作： ①分析已有的不可否认协议模型，指出其优缺点，并详细分析一个具体的无TTP的不可否认协议－MR协议，该协议以概率1－ε实现公平性，其最大优点是不需要TTP的参与；随后，分析并完善ZDB协议。本文在该协议中添加了时间点和时间段因子，使得参与双方能够更加准确的选择等待时间，从而增加协议完成信息交换的机会，同时减少请求TTP参与的机会。 ②提出一种称为基于类离线TTP的不可否认协议模型。本文该模型引入了自定义交换次数，进一步减少TTP的参与量，同时实现非强制性TTP；此外，分析了参与者针对TTP的恶意请求，并提出应对方法。之后将该模型与已有模型进行了比较，显示了该模型的优点。 ③设计一个完善的安全电子邮件协议。分析表明，该协议能够实现各种安全性目标，且TTP是半强制性和非强制性的，在具体步骤间，其以概率ε参与协议；此外，提出了具体防止参与方恶意请求TTP参与的方法以及选择自定义交换次数应考虑的因素。 ④在电子商务中，针对其在提供不可否认服务时对保护参与者声誉的要求，提出一个基于透明类离线TTP的电子商务交换协议，避免了外界对有损参与者声誉的行为的猜测。
[Abstract]:Undeniable services have penetrated into all kinds of network applications, especially in electronic commerce, email and so on, which are closely related to people's lives. Providing effective and perfect non-repudiation service has become the research hotspot in the field of network security. The non-repudiation service is realized by a good protocol model and a perfect protocol. To meet the security objectives is the basis for providing non-repudiation services. The realization of security goal depends on the participation of trusted third party (TTP). However, too much TTP participation in the protocol will inevitably lead to its overload, thus affecting the reliability of TTP itself. Therefore, while meeting various security objectives, TTP participation is minimized. In addition, in addition to the participants may cheat each other and try to obtain improper benefits, the participants may also attack TTPspecifically, such as malicious increase of TTP load, and try to make TTP denial of service. In view of the above problems, based on the existing research results of non-repudiation service, this paper mainly does the following work: 1 analyzing the existing non-repudiation protocol model, pointing out its advantages and disadvantages, A non-repudiation protocol (-MR) without TTP is analyzed in detail, which realizes fairness by probabilistic 1- 蔚, and its greatest advantage is that it does not need TTP participation. Then, the ZDB protocol is analyzed and perfected. In this paper, time and time factors are added to the protocol, which enables both parties to choose the waiting time more accurately, thus increasing the opportunity for the protocol to complete the exchange of information. At the same time, the chance of requesting TTP participation is reduced. 2 A non-repudiation protocol model based on class off-line TTP is proposed. In this paper, the custom exchange times are introduced to further reduce the participation of TTP, and the non-mandatory TTP is implemented at the same time. In addition, the malicious requests of participants against TTP are analyzed and the corresponding methods are put forward. Then the model is compared with the existing model, which shows the advantages of the model. 3. A perfect secure email protocol is designed. The analysis shows that the protocol can achieve various security objectives, and TTP is semi-mandatory and non-mandatory, and it participates in the protocol with probability 蔚 between specific steps. Specific methods to prevent participants from requesting TTP participation and factors to be taken into account in selecting the number of custom exchanges are proposed. 4 in electronic commerce, the requirement to protect the reputation of participants in providing non-reputable services is addressed. An off-line TTP based electronic commerce exchange protocol based on transparent class is proposed, which avoids the speculation about the behavior that damages the reputation of the participants.
【学位授予单位】：重庆大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】