目前網際網路的使用率越來越普及,人們利用網路搜尋資料、傳遞訊息,所以位於不同的兩地資訊的交流就日益頻繁,自然網路安全就愈來愈受到各方的重視。,而透過密碼學的應用及加解密的機制,除可加強網際網路中資訊傳遞的私密性、完整性及不可否認性外,亦有效防止個人私密資訊遭受他人所竊取。近年來,橢圓曲線密碼學被證明擁有更高的安全性與更低的計算量並且發展出許多的加密系統,並廣泛應用於網路安全。 本論文指出在2005年由Manik提出的遠端使用者登入系統並非擁有如同作者所宣稱的安全性,惡意攻擊者可以任意扮演合法使用者並欺騙遠端伺服器達到登入目的。因此,本論文分析Manik的遠端使用者登入系統安全上的弱點並且修改它安全上的漏洞。 The information security with the internet has become a serious issue recently to us. In order to protect the transaction security, many cryptosystem has developed such as RSA which based on the complex discrete logarithm problem. Recently, bilinear pairings such as Weil pairing and Tate pairing defined on elliptic curves were proved and could be applied to cryptography in 2001. It possesses faster computation and fewer bits but remaining the same security level as other public key cryptosystems, like the traditional RSA cryptosystem. In this paper, we review some exist security attributes and point out the current cryptosystem based on bilinear pairings which proposed by Manik which has some weaknesses. After that, we proposed few improvement of their scheme.
