隨著Smart Card運用越來越頻繁,Smart Card資訊安全上的問題也漸漸出現,如果使用Smart Card所制定的認證協議不夠完善,可能會遭到不明人士的假冒、攔截、竄改或重複發送資料等攻擊。由於Smart Card面臨各種威脅,對於Smart Card的資訊安全也必須重視。
Chaotic密碼學最早出現於1989,而Matthews也在後續提出Chaotic Maps系統。在2007年,Xiao等人提出使用Chaotic Maps之金鑰協議,其中過程結構與Diffie-Hellman金鑰交換演算法相似。Guo與Chang在2013年提出使用智慧卡與Chaotic Maps多項式認證協議,在成本上尚有改良空間,而安全上可能會讓使用者被追蹤與雙方金鑰不一致。
本研究改良使用Chaotic Maps多項式的認證協議,修改認證過程,避免使用者被攻擊者追蹤,達成金鑰協議,也減少在計算成本上的費用。
With more and more frequent use of smart card, security issues on smart card gradually appear. If authentication protocol using smart card is not perfect, it may suffer different at-tacks such as impersonation, interception, modification, and replay. As the smart card authen-tication is facing various threats, applications on smart cards also must pay attention to infor-mation security.
Chaotic cryptography first appeared in 1989, and Matthews also proposed Chaotic Maps system later. In 2007, Xiao et al. proposed key agreement protocol using Chaotic Maps similar to Diffie-Hellman key exchange algorithm. Guo and Chang, in 2013, proposed an authen-tication protocol using smart cards with Chaotic Maps polynomial. However, improvement is required in terms of computation cost and security. In the protocol, a user may be tracked and the exchanged keys in both sides may be inconsistent under attack.
Based on Guo and Chang’s work, this study proposes an improved authentication proto-col using Chaotic Maps polynomial and smart cards. By modifying their authentication pro-cess, the improved protocol not only achieves key agreement, avoids being attacked by track-ing users, but also reduces the computation costs in the authentication process.
