跳到主要內容

臺灣博碩士論文加值系統

(52.90.40.84) 您好!臺灣時間:2024/03/28 22:51
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:黃群凱
研究生(外文):Chung-Kai Huang
論文名稱:小額電子支付系統之研究
論文名稱(外文):The Research of Electronic Micropayment Systems
指導教授:顏嵩銘顏嵩銘引用關係
指導教授(外文):Sung-Ming Yen
學位類別:碩士
校院名稱:國立中央大學
系所名稱:資訊工程研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2001
畢業學年度:89
語文別:英文
論文頁數:49
中文關鍵詞:電子商務電子支付系統小額電子支付系統單向雜湊函數鏈商店特有性權重式單向雜湊函數鏈
外文關鍵詞:Electronic commerceElectronic payment systemsElectronic micropayment systemsone-way hash chainmerchant-specificweighted one-way hash chain
相關次數:
  • 被引用被引用:8
  • 點閱點閱:570
  • 評分評分:
  • 下載下載:164
  • 收藏至我的研究室書目清單書目收藏:5
由於電子商務在網際網路上的蓬勃發展,電子支付系統在今日已然成為電子商務中相當重要的議題。其中,線上交易的安全性與便利性是消費者最關心的問題,電子支付系統中的小額電子付費更是邇來最熱門的研究主題之一。小額付費的概念普遍存在於目前的網際網路線上交易當中,例如線上算命、線上遊戲、線上資料庫查詢及購買單一網頁、文章或其他資料等等。
小額電子支付系統研究濫觴於1995年,之後陸續有多位學者提出相關研究論文。至目前為止,大部份的小額電子支付系統都是根基於單向雜湊函數鏈(one-way hash chain)來形成小額電子錢幣鏈,並且儘量減少多餘的資料以及公開金鑰密碼技術的使用以降低進行交易和儲存資訊時所需的花費。然而這些根基於單向雜湊函數鏈的系統都面臨了商店特有性的問題,簡言之,就是一串小額電子錢幣鏈只能消費在某一已指定的商店,這個特性限制了小額電子支付系統的便利性。本論文的第三章,針對此一缺點,提出一個兼具彈性與效率的新系統稱為“FlexPay”。在此系統中,單一串小額電子錢幣鏈可以被使用在多個商店。
為了提升單向雜湊函數鏈的效率,本論文的第四章提出一個新的機制稱為權重式單向雜湊函數鏈(weighted one-way hash chain)。此方法運用自我編碼(self-encoding)替每個小額電子錢幣加上權重以增加小額電子錢幣鏈的使用效能。
小額電子錢幣鏈除了商店特有性的限制外,尚有其他的問題,例如:必須預先設定小額電子錢幣鏈的長度。針對此問題,澳洲學者Yi Mu在1997年提出了一個系統稱為“UPayWord”。該系統據稱解決了使用者必須預先設定小額電子錢幣鏈長度的限制,然而,卻破壞了小額電子錢幣鏈的“鏈結”重要特性。如此一來,造成消費者有機會欺騙商店以及商店在後續與銀行的清算階段出現爭端。在第五章中,針對此問題提出討論。
最後,本論文提出未來可行的相關研究方向,包括將小額電子支付系統應用在行動電話上的付費以及將小額電子支付系統實作在個人數位助理(PDA)或智慧卡(smart card)上。
Electronic payment systems have gradually become an important issue nowadays because of the popularity and importance of e-commerce on the Internet. Security and convenience topics are
most important issues that people concern.
The electronic micropayment is one of the most popular research topics on the Internet based payment. Recently, many efficient micropayment schemes, based on the usage of one-way hash chain, were developed. They enable more and more new applications for e-commerce. However, all existing micropayment schemes suffer a common drawback that a generated chain of electronic coins can only be spent at a specific merchant. This special feature limits the widespread application of existing micropayment schemes. In this thesis, some nonmerchant-specific systems are reviewed. Then, a novel usage of hash chain is proposed and this leads to a flexible and efficient micropayment scheme, named the FlexPay. In FlexPay, the coins in the chain can be spent over many merchants. Therefore, based on the FlexPay scheme, it is possible that a large scale micropayment employed for a variety of applications among many merchants.
In this thesis, we also design a novel construct of weighted
one-way hash chain to improve the performance of a micropayment. We also show that the proposed technique is especially useful in implementing micropayment on a resource restrained computing device such as a hand-held computer.
Finally, we give a comment on a PayWord based micropayment scheme, named the UPayWord. It is claimed that UPayWord can eliminate the constraint of the original PayWord in such a way that it does not require the users to set the length of the payword chains in advance. However, in this thesis, it will be shown that the UPayWord scheme violates the fundamental characteristics of one-way hash chain and will lead the merchants and the bank into dispute during the redemption
phase. In summary, the UPayWord scheme does not resolve any
disadvantage of the original PayWord scheme.
1 Introduction
1.1 The Importance of E-Commerce
1.2 Motivation of the Research
1.3 Overview of the Thesis
2 Review of Previous Works
2.1 Overview of Electronic Payment Systems
2.1.1 Desirable characteristics of electronic payment
systems
2.1.2 The classification of famous electronic payment
systems
2.1.3 Review of micropayment systems
2.2 Review of PayTree
2.2.1 System description
2.2.2 Discussions
3 FlexPay -- An Improved Flexible Micropayment Scheme
3.1 Introduction
3.2 Review of PayFair
3.3 FlexPay
3.3.1 Phase A : Registration phase
3.3.2 Phase B : Transaction phase
3.3.3 Phase C : Deposit phase
3.4 Analisys of FlexPay
3.4.1 Security analysis
3.4.2 Storage analysis
3.4.3 Performance analysis
4 Performance Improvement of One-Way Hash Chain
4.1 Introduction
4.2 The Proposed Solution
4.2.1 The weighted one-way hash chain
4.2.2 Micropayment with varying denomination
4.2.3 Some useful special weighting assignment algorithms
4.3 Performance Analysis
4.4 Summary and Future Works
5 Cryptanalysis on UPayWord Scheme
5.1 Introduction
5.2 Review of UPayWord Scheme
5.3 Crytpanalysis
6 Conclusions
6.1 Brief Review of Main Contributions
6.2 Further Research Topics and Directions
[1] R. Anderson, H. Manifavas, and C. Sutherland, ''NetCard - a
practical electronic cash system,'''' 1996, http://www.cl.cam.ac.uk/~cm213/Project/
[2] N. Asokan, P. Janson, M. Steiner, and M. Waidner, ''State of the art in electronic payment systems,'''' IEEE Computer, 30(9): pp. 28-35, September 1997.
[3] M.M. Anderson, The electronic check architecture, Technical
Report Version 1.0.2, Financial Services Technology Consortium,
September 1998.
[4] J. Boly, et al., ''The ESPRIT Project CAFE - High Security
Digital Payment Systems,'''' {\em Proc. of the Third European
Symposium on Research in Computer Security (ESORICS)}, Vol. 875
in Lecture Notes in Computer Science, Brighton, UK, November 1994.
[5] M. Bellare, et al., ''iKP -- A Family of Secure Electronic
Payment Protocols,'''' {\em Proc. of the 1st USENIX Workshop on
Electronic Commerce}, New York, July 1995.
[6] M. Bellare, et al., ''Design, implementation and deployment of the iKP secure electronic payment system,'''' {\em IEEE Journal on Selected Areas in Communications}, 18(4):611-627, April 2000, appeared earlier with a slightly different focus as Research Report RZ 3137, IBM Research Division, June 1999.
[7] D. Chaum, ''Blind Signatures for Unraceable Payments,'''' {\em
Advances in Cryptology - CRYPTO''82}, Plenum, NY, 1983, pp.
199-203.
[8] L.J. Camp, M. Sirbu, and J.D. Tygar, ''Token and Notational Money in Electronic Commerce,'''' {\em Proc. of the First USENIX Workshop on Electronic Commerce}, pages 1--12, July 1995.
[9] L.J. Camp and M. Sirbu, ''Critical issues in internet commerce,'''' {\em IEEE Communications Magazine}, pages 58--62, May 1997.
[10] N. Daswani and D. Boneh, ''Experimenting with electronic commerce on the PalmPilot,'''' {\em Proc. of 3rd Financial Cryptography Conference, FC ''99}, Lecture Notes in Computer Science, Vol.1648, Springer Verlag, pp.1--16, February 1999.
[11] S. Even, O. Goldreich, and S. Micali, ''On-line/off-line digital signatures,'''' {\em Advances in Cryptology -- CRYPTO ''89}, Lecture Notes in Computer Science, Vol.435, Springer Verlag, pp.263--275, 1990.
[12] FIPS 180-1, ''Secure Hash Standard,'''' NIST, US Department of Commerce, Washington D.C., April 1995.
[13] L. Ferreira and R. Dahab, ''A Scheme for Analyzing Electronic Payment Systems,'''' {\em In 14th ACSAC - Annual Computer Security Applications Conference (ACSAC''98)}, Scottsdale, Arizona, December 1998.
[14] S. Glassmann, M. Manasse, M. Abadi, P. Gauthier, and P.
Sobalvarro, ''The Millicent protocol for inexpensive electronic
commerce,'''' {\em Proc. of 4th International World Wide Web
Conference}, Boston, MA, pp.603--618, Dec. 1995.
[15] N.M. Haller, ''The S/KEY one-time password system,'''' {\em Proc. of the ISOC Symposium on Network and Distributed System Security}, San Diego, CA, Feb. 1994.
[16] K. Hickman, {\em The SSL Protocol}, Netscape Communications
Corp., Feb. 1995.
[17] R. Hauser, M.Steiner, and M.Waidner, ''Micro-payments based on iKP,'''' {\em Proc. of SECURICOM ''96, 14th Worldwide Congress on Computer and Communications Security and Protection}, pp.67--82, 1996.
[18] G. Horn and B. Preneel, ''Authentication and payment in future mobile systems,'''' {\em Proc. of ESORICS ''98}, Lecture Notes in Computer Science, Vol.1485, Springer Verlag, pp.277--293, 1998.
[19] C.S. Jutla and M. Yung, ''PayTree: Amortized-signature for
flexible micropayments,'''' {\em Proc. of Second USENIX Association Workshop on Electronic Commerce}, pp.213--221, November 1996.
[20] S.Jarecki, and A. Odlyzko, ''An efficient micropayment system based on probabilistic polling,'''' {\em Proc. Financial
Cryptography Workshop}, 1997, 16 pages.
[21] P. Kocker, A. Freier, and P. Karlton, {\em The SSL Protocol
Version 3.0}, Netscape Communications Corp., March 1996.
[22] J. Kravitz (ed.), {\em FSML - Financial service markup language}, Technical Report Version 1.17.1, Financial Services Technology Consortium, October 1998.
[23] L. Lamport, ''Constructing digital signatures from a one-way function,'''' Technical Report SRI Intl. CSL 98, 1979.
[24] L. Lamport, ''Password authentication with insecure
communication,'''' {\em Commun. of ACM}, Vol.24, No.11,
pp.770--772, 1981.
[25] R.J. Lipton, R. Ostrovsky, ''Micro-Payments via Efficient
Coin-Flipping,'''' {\em Proc. of the 2nd Int. Conf. on Financial
Cryptography}, Springer-Verlag, LNCS 1465, pp. 1-15, Feb. 1998.
[26] R.C. Merkle, ''A digital signature based on a conventional
encryption function,'''' {\em Advances in Cryptology -- CRYPTO ''87}, Lecture Notes in Computer Science, Vol.293, Springer Verlag, pp.369--377, 1988.
[27] R.C. Merkle, ''A certified digital signature,'''' {\em Advances in Cryptology -- CRYPTO ''89}, Lecture Notes in Computer Science 435, Springer Verlag, pp.218--238, 1990.
[28] G. Medvinsky and B.C. Neuman, ''NetCash: A design for practical electronic currency on the internet,'''' {\em Proc. of first ACM Conference on Computer and Communications Security}, pp. 102-106, Fairfax, Virginia, November 1993.
[29] M.S. Manasse, ''The Millicent Protocols for Electronic
Commerce,'''' {\em Proc. of 1st USENIX workshop on Electronic
Commerce}, New York, NY, July 11-12, 1995,
http://www.research.digital.com/SRC/millicent/
[30] Y. Mu, V. Varadharajan, and Y.X. Lin, ''New micropayment schemes based on PayWords,'''' In {\em Proc. of 2nd Australasian Conference on Information Security and Privacy, ACISP ''97}, Lecture Notes in Computer Science, vol.~1270, Springer Verlag, pp.~283--293, 1997.
[31] A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone, {\em Handbook of applied cryptography}, CRC Press, 1997.
[32] K.M. Martin, B. Preneel, C.J. Mitchell, H.J. Hitz, G. Horn, A. Poliakova, and P. Howard, ''Secure billing for mobile information services in UMTS,'''' {\em Proc. of 5th International Conference in Services and Networks, IS\&N ''98}, Lecture Notes in Computer Science, Vol.1430, Springer Verlag, pp.535--548, 1998.
[33] B.C. Neuman, ''Proxy-Based Authorization and Accounting for
Distributed Systems,'''' {\em Proc. of the 13th International
Conference on Distributed Computing Systems}, 283-291,
Pittsburgh, 1993.
[34] B.C. Neuman, and G. Medvinsky, ''Requirements for Network
Payment: The NetCheque Perspective,'''' {\em Proc. of IEEE Compcon
''95}, San Francisco, March, 1995.
[35] K.Q. Nguyen, Yi Mu, and Vijay Varadharajan, ''Micro-Digital
Money for Electronic Commerce,'''' {\em Proc. of the IEEE 13th
Annual Computer Security Applications Conference}, 1997.
[36] D. O''Mahony, M. Peirce, and H. Tewari, {\em Electronic Payment Systems}, Artech House, INC., 1997.
[37] D. O''Mahony, L. Doyle, H. Tewari, and M. Peirce, ''NOMAD -- An application to provide UMTS telephony services on fixed terminals in COBUCO,'''' {\em Proc. of 3rd ACTS Mobile Communications Summit}, Vol.1, pp.72--76, Rhodes, Greece, June 1998.
[38] T. Pedersen, ''Electronic payments of small amounts,'''' {\em Proc. of Security Protocols Workshop}, Lecture Notes in Computer Science, Vol.1189, Springer Verlag, pp.59--68, 1997.
[39] M. Peirce and D. O''Mahony, ''Flexible real-time payment methods for mobile communications,'''' {\em IEEE Personal Communications}, Volume: 6 Issue: 6 , Dec. 1999 Page(s): 44 -55.
[40] M. Peirce and D. O''Mahony, ''Micropayments for mobile networks,'''' Technical Report of the Dept. of Computer Science, Trinity College Dublin, Ireland, 1999.
[41] J.W. Palmer and L.B.Eriksen, ''Digital newspapers explore
marketing on the Internet,'''' {\em Commun. of ACM}, Vol.42, No.9,
pp.33--40, 1999.
[42] M.O. Rabin, ''Digital signatures,'''' {\em Foundations of Secure Computation}, Academic Press, pp.155--168, 1978.
[43] R.L. Rivest, A. Shamir, and L. Adleman, ''A method for obtaining digital signatures and public-key cryptosystem,'''' {\em Commun. of ACM}, Vol.21, No.2, pp.120--126, 1978.
[44] R.L. Rivest, ''The MD5 message digest algorithm,'''' {\em RFC
1321}, Apr. 1992.
[45] R.L. Rivest and A. Shamir, ''PayWord and MicroMint: Two simple micropayment schemes,'''' {\em Proc. of Security Protocols Workshop}, Lecture Notes in Computer Science, Vol.1189, Springer Verlag, pp.69--87, 1997. Also in {\em CryptoBytes}, Pressed by RSA Laboratories, Vol.2, No.1, pp.7--11, 1996.
[46] R.L. Rivest, ''Electronic lottery tickets as micropayments,'''' {\em Proc. of Financial Cryptography Conference, FC ''97}, Lecture Notes in Computer Science 1318, Springer Verlag, pp.307--314, 1998.
[47] M. Sirbu and J.D. Tygar, ''NetBill: An Electronic Commerce System Optimized for Network Delivered Information and Services,'''' {\em Proc. of IEEE Compcon''95}, San Francisco, CA, Mar. 1995, http://www.ini.cmu.edu/netbill/
[48] C.T. Wang, C.C. Chang, and C.H. Lin, ''A New Micro-Payment System Using General Payword Chain,'''' {\em Proc. of the Tenth National Conference on Information Security}, 2000, pp. 207-213.
[49] S.M. Yen, J.M. Lee, and J.G. Lee, ''PayFair: A prepaid Internet micropayment scheme promising customer fairness,'''' {\em Proc. of International Workshop on Cryptographic Techniques and E-Commerce, CrypTEC ''99}, Hong Kong, pp.213--221, 5-8 July 1999.
[50] S.M. Yen, L.T. Ho and C.Y. Huang, ''Internet micropayment based on unbalanced one-way binary tree,'''' {\em Proc. of International Workshop on Cryptographic Techniques and E-Commerce, CrypTEC ''99}, Hong Kong, pp.155--162, 5-8 July 1999.
[51] Y. Zheng and J. Pieprzyk and J. Seberry, ''{HAVAL} - a one-way hashing algorithm with variable length of output,'''' {\em Advances in Cryptology -- AUSCRYPT''92}, Lecture Notes in Computer Science, Vol.718, Springer-Verlag, pp.83--104, 1993.
[52] CEPSCo, LLC, http://www.cepsco.com/
[53] CyberCash, 1996, http://www.cybercash.com/
[54] DigiCash, http://www.digicash.com/
[55] The E-Commerce Book, http://www.isc.org/
[56] EMVCo, LLC, http://www.emvco.com/
[57] Forrester Research, http://www.forrester.com/
[58] The Internet Software Consortium, http://www.isc.org/
[59] IDC Research, http://www.idc.com/
[60] MasterCard and VISA Corporations, {\em Secure Electronic Transaction(SET)}, 1996
[61] Mondex International, http://www.mondex.com/,
http://www.mastercard.com/ourcards/smartcard/idemo1.html
[62] Visa International, http://www.visa.com/pd/cash/main.html,
http://www.europay.com/common/Index.html
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top