
Author: 葉禾田 (Yeh, Her-Tyan)
Title: 適用於各種環境下的身分認證與金鑰交換協定 / User Authentication and Key Exchange Protocols Suitable for Diverse Circumstances
Advisors: 孫宏民 (Sun, Hung-Min); 曾新穆 (Tseng, Shin-Mu)
Degree: Doctor (博士)
Department: 電機資訊學院 - 資訊工程學系 / College of Electrical Engineering and Computer Science, Department of Computer Science and Information Engineering
Year of publication: 2003
Graduation academic year: 91 (ROC calendar)
Language: English
Pages: 82
Keywords (Chinese): 網路安全、身分認證、金鑰交換、通行碼
Keywords (English): Network Security, Authentication, Key Exchange, Password
Views: 163; downloads: 1
    Abstract (Chinese, translated):

    In this age of global network connectivity we face the threats of viruses, hackers,
    electronic eavesdropping and electronic fraud, so security matters at every moment.
    The explosive growth of computer systems and their network interconnections has made
    organizations and individual users increasingly dependent on the information that
    flows between these systems. This has made us aware that we must protect data and
    resources from disclosure, guarantee the reliability of data and messages, and
    protect systems from network-based attacks.

    Network security consists of security mechanisms that determine how to deter,
    prevent, detect and correct security failures while data is in transit. It is a
    subject both complex and fascinating. User authentication is the first step of any
    mechanism that addresses network security. Among user authentication mechanisms,
    password-based ones are the most widely used because they are simple, convenient,
    portable and need no hardware support. Password authentication, however, brings a
    very important security threat, the password guessing attack, because users usually
    choose easily memorized strings as passwords. Once the user's identity has been
    authenticated, the next question is how to effectively protect the data exchanged by
    the two communicating parties. The most effective method is for the two parties to
    negotiate a shared secret key and use it to encrypt the transmitted data, preserving
    its confidentiality and integrity. A security protocol that provides both user
    authentication and secret key distribution is called an authenticated key exchange
    (AKE) protocol, and how to achieve authentication and key exchange in diverse
    circumstances is precisely the subject of this dissertation.

    On user authentication: with the rapid development of networks, individual users
    can request services from a server from anywhere through an effective remote user
    authentication scheme. At the start of this dissertation, given the widespread use
    of smart cards, we propose two efficient remote user authentication schemes
    (timestamp-based and nonce-based remote authentication). The timestamp-based scheme
    is suitable for local area networks. For large networks, such as wide area networks
    and satellite communication networks, we recommend the nonce-based scheme.

    On authenticated key exchange: in 1992, Bellovin and Merritt first proposed a
    two-party (user and server) password authenticated key exchange protocol, and new
    protocols improving on its security or efficiency have followed continually. In this
    dissertation we first propose new two-party password authenticated key exchange
    protocols based respectively on the hardness of the Diffie-Hellman problem and of
    the RSA problem. Compared with previous related protocols, our two-party protocols
    are simpler, easier to understand and resistant to various attacks.

    Three-party (two communicating parties and a trusted server) password authenticated
    key exchange protocols mainly give the communicating parties more efficient key
    management. The three-party setting has two models. The first is two communicating
    parties (users) and one trusted server; to date most discussion of three-party
    communication has concentrated on this model. Now suppose an open distributed
    environment in which users want to access services offered by other servers on the
    network. We propose a centralized authentication server so that an authentication
    protocol need not be painstakingly built into every server; this is model two (user,
    service-providing server, centralized authentication server). In this dissertation we
    first propose a new, secure and efficient three-party password authenticated key
    exchange protocol for model one, and then one for model two.

    Up to now, almost all discussion of password authenticated key exchange protocols has
    been limited to the two-party or three-party model, in which all users register and
    authenticate with the same server. In a real environment, however, the two
    communicating parties (user to user) may have registered and authenticated with
    different servers and trust only the server they registered with. In such an
    environment the two-party and three-party models no longer apply, and how to
    efficiently authenticate the two communicating parties through the cooperation of
    different servers becomes a very important issue. This dissertation finally proposes
    two new four-party password authenticated key exchange protocols to solve this
    problem.

    Abstract (English):

    In this age of universal electronic connectivity, of viruses and hackers, of
    electronic eavesdropping and electronic fraud, there is indeed no time at which
    security does not matter. The explosive growth in computer systems and their
    interconnections via networks has increased the dependence of both organizations and
    individuals on the information stored and communicated using these systems. This, in
    turn, has led to a heightened awareness of the need to protect data and resources from
    disclosure, to guarantee the authenticity of data and messages, and to protect systems
    from network-based attacks.

    Network security consists of measures to deter, prevent, detect, and correct
    security violations that involve the transmission of information. It is both fascinating
    and complex. User authentication is the first mechanism in ensuring a secure service.
    It is a process that verifies a user's identity to ensure that the person requesting access
    to the private network is in fact the person to whom entry is authorized.
    The password-based mechanism is the most widely used method because of its
    simplicity, convenience, adaptability, mobility, and low hardware requirements.
    However, a serious problem with password authentication is that passwords have low
    entropy, which makes them vulnerable to password guessing attacks. In open
    distributed network environments, the further problem after the parties have
    authenticated each other is how to protect the sensitive information transmitted
    between a user and a server. The most effective method of solving this problem is to
    negotiate a shared session key that provides data privacy and integrity. A protocol
    that provides both user authentication and key establishment meets the security
    requirements mentioned above and is referred to as an authenticated key exchange
    (AKE) protocol. How to achieve user authentication and key exchange is the goal on
    which this dissertation concentrates.

    With the rapid growth of the Internet, many types of services are provided to
    network users. Individuals can request services from anywhere by means of effective
    remote user authentication schemes. Based on smart cards, we propose two new
    efficient remote user authentication schemes (timestamp-based authentication and
    nonce-based authentication). The timestamp-based scheme is suitable for systems with
    tightly synchronized clocks, such as local area networks (LAN). For a large network
    where clock synchronization is difficult, such as wide area networks (WAN), mobile
    communication networks, and satellite communication networks, the nonce-based
    scheme is advised.

    In 1992, Bellovin and Merritt first presented a new protocol known as Encrypted
    Key Exchange, or EKE for short. EKE resists password guessing attacks by giving
    the attacker insufficient information to verify a guessed password. EKE performs a
    key exchange as well, so both parties can encrypt their transmissions once
    authentication is established. It is the landmark of two-party authentication and key
    exchange protocols. In this dissertation, we first propose two two-party PAKE
    protocols, based on the Diffie-Hellman problem and on RSA respectively, referred to
    as SAKE-DH and SAKE-RSA. Compared with previous related work, these two protocols
    are simple, easy to realize, and secure against both passive and active adversaries.

    The purpose of three-party PAKE protocols is to minimize the complexity of
    key management among all users. With the help of a trusted third party, each user
    need not share a different password with every other user, and direct mutual
    authentication between users can still be achieved. There are two models in the
    three-party environment. In the first model, two users (clients) establish a session
    key through an authentication server. Up to now, most of the literature on three-party
    authentication and key distribution protocols has focused on the environment of
    model 1. However, consider an open distributed environment in which users at
    workstations wish to access services on servers distributed throughout the network.
    We would like servers to be able to restrict access to authorized users and to
    authenticate requests for service. In this environment, a workstation cannot be
    trusted to identify its users correctly to network services. Rather than building
    elaborate authentication protocols into each server, a centralized authentication
    server is provided to authenticate users to servers and servers to users. In this
    dissertation, we first propose two secure three-party PAKE protocols, which are more
    efficient than all previously proposed three-party PAKE protocols, to fit the
    environment of model 1. We also propose two protocols that fit the environment of
    model 2 and resist various attacks.

    Up to now, all papers discussing password-based key exchange have been
    constrained to two-party or three-party models, in which the clients are registered
    with and authenticated by the same server. In reality, however, two clients who may
    wish to communicate can be registered under distinct servers, each trusting only his
    or her own server. In this case, how to efficiently authenticate two communicants
    through the cooperation of two distinct servers becomes a very important issue. Two
    authentication and key distribution protocols, four-party KTAP (key transfer
    authentication protocol) and four-party KAAP (key agreement authentication
    protocol), are proposed to solve this problem.

    Table of contents (page numbers refer to the dissertation):

    1 Introduction, p. 1
    1.1 Motivation, p. 1
    1.2 User Authentication, p. 2
    1.3 Password Authenticated Key Exchange – PAKE, p. 4
    1.4 Survey of Related Works, p. 5
    1.4.1 Remote User Authentication, p. 5
    1.4.2 Password Authenticated Key Exchange – PAKE, p. 6
    1.5 Organization of Dissertation, p. 9
    2 Security Requirements and Definitions, p. 10
    2.1 Session-key Security, p. 10
    2.2 Mutual Authentication, p. 10
    2.3 Password Guessing Attacks, p. 10
    2.4 Replay Attacks, p. 12
    2.5 Perfect Forward Secrecy, p. 12
    3 Remote User Authentication in Diverse Circumstances, p. 13
    3.1 Timestamp-based Remote User Authentication Scheme, p. 13
    3.1.1 Registration Phase, p. 14
    3.1.2 Login Phase (Unilateral Authentication), p. 15
    3.1.3 Authentication Phase, p. 15
    3.1.4 Login and Authentication Phase (Mutual Authentication), p. 16
    3.1.5 Security Consideration, p. 17
    3.2 Nonce-based Remote User Authentication Scheme, p. 18
    3.2.1 Login and Authentication Phase, p. 19
    3.2.2 Security Consideration, p. 19
    3.3 Efficiency, p. 21
    4 Two-Party Authenticated Key Exchange, p. 23
    4.1 Simple Authenticated Key Exchange Protocol based on Diffie-Hellman Problem: SAKE-DH, p. 23
    4.1.1 Security Definition, p. 23
    4.1.2 Description of SAKE-DH, p. 25
    4.1.3 Security Consideration of SAKE-DH, p. 26
    4.1.4 Efficiency and Comparison, p. 29
    4.2 Simple Authenticated Key Exchange Protocol based on RSA: SAKE-RSA, p. 30
    4.2.1 Notations, p. 30
    4.2.2 The E-residue Attack and the Interactive Protocol, p. 30
    4.2.3 Description of SAKE-RSA, p. 32
    4.2.4 Security Consideration of SAKE-RSA, p. 33
    4.2.5 Efficiency Consideration of SAKE-RSA, p. 35
    5 Three-Party Authenticated Key Exchange, p. 37
    5.1 Model-1 Three-party PAKE, p. 39
    5.1.1 Notations, p. 39
    5.1.2 Key Transfer Authentication Protocol of Model 1 (KTAP-1), p. 39
    5.1.3 Key Agreement Authentication Protocol of Model 1 (KAAP-1), p. 42
    5.2 Model-2 Three-party PAKE, p. 45
    5.2.1 Notations, p. 45
    5.2.2 Key Transfer Authentication Protocol of Model 2 (KTAP-2), p. 46
    5.2.3 Key Agreement Authentication Protocol of Model 2 (KAAP-2), p. 49
    5.3 Comparison with Related Works, p. 51
    5.3.1 Key Transfer Protocols, p. 51
    5.3.2 Key Agreement Protocols, p. 52
    5.4 ID-Based Public Key Approach, p. 53
    6 Four-Party Authenticated Key Exchange, p. 55
    6.1 Notations, p. 55
    6.2 Four-party KTAP, p. 56
    6.2.1 Description of Four-party KTAP, p. 56
    6.2.2 Security Consideration of Four-party KTAP, p. 59
    6.3 Four-party KAAP, p. 62
    6.3.1 Description of Four-party KAAP, p. 62
    6.3.2 Security Consideration of Four-party KAAP, p. 64
    6.4 Comparison of the New Schemes to a Straightforward Solution, p. 67
    7 Conclusions, p. 70
    Bibliography, p. 73

    [1] M. Boyarsky, “Public-key cryptography and password protocols: The multi-user
    case,” Proc. of the 6th ACM Conference on Computer and Communication Security,
    pp. 63–72, 1999.
    [2] M. Bellare, R. Canetti and H. Krawczyk, “Keying hash functions for message
    authentication,” Advances in Cryptology – CRYPTO’96, pp. 1–15, 1996.
    [3] M. Bellare, R. Canetti and H. Krawczyk, “A modular approach to the design and
    analysis of authentication and key exchange protocols,” Proc. of the 30th Annual
    ACM Symposium on the Theory of Computing, pp. 419–428, 1998.
    [4] E. Bresson, O. Chevassut and D. Pointcheval, “Provably authenticated group
    Diffie-Hellman key exchange – the dynamic case,” Advances in Cryptology –
    ASIACRYPT’01, pp. 290–309, 2001.
    [5] E. Bresson, O. Chevassut and D. Pointcheval, “Dynamic group Diffie-Hellman
    key exchange under standard assumptions,” Advances in Cryptology –
    EUROCRYPT’02, pp. 321–336, 2002.
    [6] E. Bresson, O. Chevassut and D. Pointcheval, “Group Diffie-Hellman key exchange
    secure against dictionary attacks,” Advances in Cryptology – ASIACRYPT’02,
    pp. 497–514, 2002.
    [7] E. Bresson, O. Chevassut, D. Pointcheval and J. J. Quisquater, “Provably authenticated
    group Diffie-Hellman key exchange,” Proc. of the 8th ACM Conference on
    Computer and Communications Security, pp. 255–264, 2001.
    [8] M. Bellare, A. Desai, D. Pointcheval and P. Rogaway, “Relations among notions
    of security for public-key encryption schemes,” Advances in Cryptology –
    CRYPTO’98, pp. 26–45, 1998.
    [9] D. Boneh and M. Franklin, “Identity based encryption from the Weil pairing,”
    Advances in Cryptology – CRYPTO 2001, Santa Barbara, CA, August 2001.
    [10] J. Black and P. Rogaway, “Ciphers with arbitrary finite domains,” Proc. of the RSA
    Cryptographer’s Track, pp. 114–130, 2002.
    [11] S. M. Bellovin and M. Merritt, “Encrypted key exchange: password-based protocols
    secure against dictionary attacks,” IEEE Symposium on Research in Security
    and Privacy, pp. 72–84, 1992.
    [12] S. M. Bellovin and M. Merritt, “Augmented encrypted key exchange: a password-based
    protocol secure against dictionary attacks and password file compromise,”
    Proc. of the First ACM Conference on Computer and Communications Security,
    pp. 244–250, 1993.
    [13] S. Blake-Wilson and A. Menezes, “Authenticated Diffie-Hellman key agreement
    protocols,” Proc. of the 5th Annual Workshop on Selected Areas in Cryptography
    (SAC’98), pp. 339–361, 1998.
    [14] V. Boyko, P. MacKenzie and S. Patel, “Provably secure password-authenticated
    key exchange using Diffie-Hellman,” Advances in Cryptology – EUROCRYPT’00,
    pp. 156–171, 2000.
    [15] D. Boneh, “The decision Diffie-Hellman problem,” Proc. of the Third Algorithmic
    Number Theory Symposium, pp. 48–63, 1998.
    [16] M. Bellare, D. Pointcheval and P. Rogaway, “Authenticated key exchange secure
    against dictionary attack,” Advances in Cryptology – EUROCRYPT’00, pp. 122–
    138, 2000.
    [17] M. Bellare and P. Rogaway, “Entity authentication and key distribution,” Advances
    in Cryptology – CRYPTO’93, pp. 232–249, 1993.
    [18] M. Bellare and P. Rogaway, “Random oracles are practical: A paradigm for designing
    efficient protocols,” Proc. of the First ACM Conference on Computer and
    Communications Security, pp. 62–73, November 1993.
    [19] M. Bellare and P. Rogaway, “Provably secure session key distribution – the three
    party case,” Proc. of the 27th ACM Symposium on the Theory of Computing, pp.
    57–66, May 1995.
    [20] R. Canetti and H. Krawczyk, “Analysis of key-exchange protocols and their use
    for building secure channels,” Advances in Cryptology – EUROCRYPT’01, pp.
    453–474, 2001.
    [21] R. Canetti, O. Goldreich and S. Halevi, “The random oracle methodology, revisited,”
    Proc. of the 30th Annual ACM Symposium on Theory of Computing, pp.
    209–218, 1998.
    [22] C. C. Chang and S. J. Hwang, “Using smart cards to authenticate remote passwords,”
    Computers and Mathematics with Applications, Vol. 26, No. 7, pp. 19–27,
    1993.
    [23] H. Y. Chien, J. K. Jan and Y. M. Tseng, “An efficient and practical solution to
    remote authentication: smart card,” Computers & Security, Vol. 21, No. 4, pp.
    372–375, 2002.
    [24] R. Cramer and V. Shoup, “A practical public key cryptosystem provably secure
    against adaptive chosen ciphertext attack,” Advances in Cryptology – CRYPTO’98,
    pp. 13–25, 1998.
    [25] C. C. Chang and T. C. Wu, “Remote password authentication with smart cards,”
    IEE Proceeding-Computers and Digital Techniques, Vol. 138, No. 3, pp. 165-168,
    1991.
    [26] D. Dolev, C. Dwork and M. Naor, “Non-malleable cryptography (extended abstract),”
    Proc. of the Twenty Third Annual ACM Symposium on Theory of Computing,
    pp. 542–552, May 1991.
    [27] W. Diffie and M. Hellman, “New directions in cryptography,” IEEE Transactions
    on Information Theory, Vol. 22, No. 6, pp. 644–654, 1976.
    [28] Y. Ding and P. Horster, “Undetectable on-line password guessing attacks,” ACM
    Operating Systems Review, Vol. 29, No. 4, pp. 77–86, 1995.
    [29] D. E. Denning and M. S. Sacco, “Timestamps in key distribution protocols,” Communications
    of the ACM, Vol. 24, No. 7, pp. 533–536, August 1981.
    [30] T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete
    logarithm,” IEEE Transactions on Information Theory, pp. 469–472, 1985.
    [31] L. Gong, “Optimal authentication protocols resistant to password guessing attacks,”
    Proc. of the 8th IEEE Computer Security Foundation Workshop, pp. 24–29,
    1995.
    [32] O. Goldreich and Y. Lindell, “Session-key generation using human passwords only,”
    Advances in Cryptology – CRYPTO’01, pp. 408–432, 2001.
    [33] L. Gong, M. Lomas, R. Needham and J. Saltzer, “Protecting poorly chosen secrets
    from guessing attacks,” IEEE Journal on Selected Areas in Communications, Vol.
    11, No. 5, pp. 648–656, 1993.
    [34] S. Goldwasser and S. Micali, “Probabilistic encryption,” Journal of Computer and
    System Sciences, Vol. 28, No. 2, pp. 270–299, April 1984.
    [35] S. Goldwasser, S. Micali and C. Rackoff, “The knowledge complexity of interactive
    proof systems,” SIAM Journal on Computing, Vol. 18, No. 1, pp. 186–208, February
    1989.
    [36] M. S. Hwang, “A remote login authentication scheme based on the digital signature
    method,” International Journal of Computer Mathematics, Vol. 70, pp. 657-666,
    1999.
    [37] M. S. Hwang, “Cryptanalysis of a remote login authentication scheme,” Computer
    Communications, Vol. 22, No. 8, pp. 742-744, 1999.
    [38] T. Hwang, Y. Chen and C. S. Laih, “Non-interactive password authentications
    without password tables,” IEEE Region 10 Conference on Computer and Communication
    Systems, IEEE Computer Society, pp. 429–431, 1990.
    [39] S. Halevi and H. Krawczyk, “Public-key cryptography and password protocols,”
    ACM Transactions on Information and System Security, Vol. 2, No. 3, pp. 25–60,
    1999.
    [40] M. S. Hwang and L. H. Li, “A new remote user authentication scheme using smart
    cards”. IEEE Transactions on Consumer Electronics, Vol. 46, No. 1, February, pp.
    28-30, 2000.
    [41] D. Jablon, “Strong password-only authenticated key exchange,” ACM Computer
    Communications Review, Vol. 20, No. 5, pp. 5–26, 1996.
    [42] D. Jablon, “Extended password key exchange protocols immune to dictionary attack,”
    Proc. of the WETICE’97 Workshop on Enterprise Security, pp. 248–255,
    June 1997.
    [43] B. Jaspan, “Dual-workfactor encrypted key exchange: efficiently preventing password
    chaining and dictionary attacks,” Proc. of the Sixth Annual USENIX Security
    Conference, pp. 43–50, 1996.
    [44] J. K. Jan and Y. Y. Chen, “Paramita wisdom: password authentication scheme
    without verification tables”, The Journal of Systems and Software 42, pp. 45-47,
    1998.
    [45] T. Kwon, M. Kang, S. Jung and J. Song, “An improvement of the password-based
    authentication protocol (K1P) on security against replay attacks,” IEICE
    Transactions on Communications, Vol. E82-B, No. 7, pp. 991–997, 1999.
    [46] T. Kwon, M. Kang and J. Song, “An adaptable and reliable authentication protocol
    for communication networks,” Proc. of IEEE INFOCOM’97, pp. 737–744, 1997.
    [47] J. T. Kohl, B. C. Neuman, T. Ts’o, “The evolution of the kerberos authentication
    system”, Distributed Open System, IEEE Computer Society Press, 78-94, 1994.
    [48] J. Katz, R. Ostrovsky and M. Yung, “Efficient password-authenticated key exchange
    using human-memorable passwords,” Advances in Cryptology – EUROCRYPT’01,
    pp. 475–494, 2001.
    [49] S. Keung and K. Siu, “Efficient protocols secure against guessing and replay attacks,”
    Proc. of the Fourth International Conference on Computer Communications
    and Networks, pp. 105–112, 1995.
    [50] T. Kwon and J. Song, “Authentication key exchange protocols resistant to password
    guessing attacks,” IEE Proceedings – Communications, Vol. 145, No. 5, pp. 304–308, October 1998.
    [51] T. Kwon and J. Song, “Secure agreement scheme for g^{xy} via password authentication,”
    Electronics Letters, Vol. 35, No. 11, pp. 892–893, 1999.
    [52] T. Kwon and J. Song, “A Study on the Generalized Key Agreement and Password
    Authentication Protocol,” IEICE TRANS. COMMUN., vol.E83-B, no.9, pp.2044-
    2050, SEP 2000.
    [53] J. Katz and M. Yung, “Complete characterization of security notions for probabilistic
    private-key encryption,” Proc. of the 32nd Annual ACM Symposium on
    Theory of Computing, pp. 245–254, 2000.
    [54] L. Lamport, “Password authentication with insecure communication,” Communications
    of the ACM, Vol. 24, pp. 770-772, 1981.
    [55] H. W. Lenstra, Jr. “Divisors in residue classes,” Mathematics of Computation,
    42(165): 331-340, 1984.
    [56] S. Lucks, “Open key exchange: how to defeat dictionary attacks without encrypting
    public keys,” Proc. of the Workshop on Security Protocols, pp. 79–90, 1997.
    [57] T. M. A. Lomas, L. Gong, J. H. Saltzer and R. M. Needham, “Reducing risks from
    poorly chosen keys,” ACM Operating Systems Review, Vol. 23, No. 5, pp. 14–18,
    December 1989.
    [58] C. L. Lin, H. M. Sun, and T. Hwang, “Three-party encrypted key exchange: Attacks
    and a solution,” ACM Operating Systems Review, Vol. 34, No. 4, pp. 12–20,
    2000.
    [59] C. L. Lin, H. M. Sun, M. Steiner and T. Hwang, “Three-party encrypted key
    exchange without server public-keys,” IEEE Communications Letters, Vol. 5, No.
    12, pp. 497–499, December 2001.
    [60] P. MacKenzie, “More efficient password authenticated key exchange,” RSA Conference
    ’01, pp. 361–377, 2001.
    [61] A. J. Menezes, P. C. van Oorschot and S. A. Vanstone, Handbook of Applied Cryptography, CRC
    Press, p. 504, 1997.
    [62] P. MacKenzie, S. Patel and R. Swaminathan, “Password-authenticated key exchange
    based on RSA,” Advances in Cryptology – ASIACRYPT’00, pp. 599–613,
    2000.
    [63] S. Micali, C. Rackoff and R. H. Sloan, “The notion of security for probabilistic
    cryptosystems,” SIAM Journal on Computing, Vol. 17, No. 2, pp. 412–426, April
    1988.
    [64] P. MacKenzie, T. Shrimpton and M. Jakobsson, “Threshold password-authenticated
    key exchange,” Advances in Cryptology – CRYPTO’02, pp. 385–400,
    2002.
    [65] R. Morris and K. Thompson, “Password security: a case history,” Communications
    of the ACM, pp. 594–597, 1979.
    [66] M. Naor and O. Reingold, “Number-theoretic constructions of efficient pseudorandom
    functions,” Proc. of 38th FOCS, pp. 458–467, 1997.
    [67] National Institute of Standards and Technology (NIST), “Announcement of weakness
    in the secure hash standard”, 1994.
    [68] National Institute of Standards and Technology (NIST), “Advanced encryption
    standard,” December 2000, http://www.nist.gov/aes.
    [69] R. M. Needham and M. D. Schroeder, “Using encryption for authentication in
    large networks of computers,” Communications of the ACM, Vol. 21, No. 12, pp.
    993–999, December 1978.
    [70] R. M. Needham and M. D. Schroeder, “Authentication revisited,” ACM Operating
    Systems Review, Vol. 21, No. 1, pp. 7, January 1987.
    [71] R. L. Rivest, “RFC 1321: the MD5 message-digest algorithm”, Internet Activities
    Board, 1992.
    [72] R. L. Rivest, A. Shamir and L. Adleman, “A method of obtaining digital signatures
    and public-key cryptosystems,” Communications of the ACM, Vol. 21, No. 2, pp.
    120–126, February 1978.
    [73] A. Shamir, “Identity-based cryptosystems and signature schemes,” Advances
    in Cryptology – CRYPTO’84, pp. 47–53, 1984.
    [74] V. Shoup, “On formal models for secure key exchange (version 4),” Research Report,
    IBM Research, Number RZ 3120, November 1999.
    [75] H. M. Sun, “An efficient remote user authentication scheme using smart cards,”
    IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, pp. 958–961, November
    2000.
    [76] M. Steiner, P. Buhler, T. Eirich and M. Waidner, “Secure password-based cipher
    suite for TLS,” ACM Transactions on Information and System Security, Vol. 4,
    No. 2, pp. 134–157, 2001.
    [77] J. G. Steiner, C. Neuman and J. I. Schiller, “Kerberos: an authentication service
    for open network systems,” Proc. of the USENIX Winter Conference, pp. 191–202,
    February 1988.
    [78] M. Steiner, G. Tsudik and M. Waidner, “Refinement and extension of encrypted
    key exchange,” ACM Operating Systems Review, Vol. 29, No. 3, pp. 22–30, 1995.
    [79] S. P. Shieh and W. H. Yang, “An authentication and key distribution system for
    open network system,” ACM Operating Systems Review, Vol. 30, No. 2, pp. 32-41,
    1996.
    [80] H. M. Sun and H. T. Yeh, “Further Cryptanalysis of a Password Authentication
    Scheme with Smart Cards,” IEICE Trans. on Communications, Accepted for Publication,
    October 2002.
    [81] S. P. Shieh, W. H. Yang and H. M. Sun, “An authentication protocol without trust
    third party,” IEEE Communication Letters, Vol. 1, No. 3, May 1997.
    [82] H. Tanaka, “A realization scheme for the ID-based cryptosystem,” Advances
    in Cryptology – CRYPTO’87, pp. 341–349, 1987.
    [83] S. Tsujii and T. Itoh, “An ID-based cryptosystem based on the discrete logarithm
    problem,” IEEE Journal on Selected Areas in Communications, Vol. 7, No. 4, pp.
    467–473, 1989.
    [84] K. Tan and H. Zhu, “Remote password authentication scheme with smart cards,”
    Computer Communications, Vol. 18, pp. 390-393, 1999.
    [85] T. C. Wu, “Remote login authentication scheme based on a geometric approach,”
    Computer Communications, Vol. 18, No. 12, pp. 959-963, 1995.
    [86] T. Wu, “The secure remote password protocol,” Proc. of the 1998 Internet Society
    Network and Distributed System Security Symposium, pp. 97–111, 1998.
    [87] S. J. Wang and T. F. Chang, “Smart card based secure password authentication
    scheme,” Computers & Security, Vol. 15, No. 3, pp. 231–237, 1996.
    [88] D. S. Wong, H. H. Fuentes, and A. H. Chan, “The performance measurement of
    cryptographic primitives on palm devices”, In Proc. of the 17th Annual Computer
    Security Applications Conference, Dec 2001.
    [89] T. C. Wu and H. S. Sung, “Authenticated passwords over an insecure channel,”
    Computers & Security, Vol. 15, No. 5, pp. 431–439, 1996.
    [90] S. M. Yen and K. H. Liao, “Shared authentication token secure against replay and
    weak key attack”, Information Processing Letters 62, pp. 77-80, 1997.
    [91] W. H. Yang and S. P. Shieh, “Password authentication schemes with smart cards,”
    Computers & Security, Vol. 18, No. 8, pp. 727–733, 1999.
    [92] F. Zhu, D. S. Wong, A. H. Chan and R. Ye, “Password Authenticated Key Exchange
    based on RSA for Imbalanced Wireless Networks”, Proceedings of ISC
    2002, LNCS 2433, pp. 150-161, 2002.

    Availability: on campus, open immediately; off campus, open from 2003-05-26.