臺灣博碩士論文加值系統

　　因為電子商務快速的發展近幾年，電子付款方法的研究已進行數年，但是在電子旅行者支票的研究是很少見到的。最近，劉等提出一個基於單向雜湊函數的電子旅行支票安全系統，他們宣稱這個方案是安全的。然而，在這篇文章，我們發現他們的方法容易遭受金鑰洩漏模仿攻擊和平行攻擊。我們使用公鑰去避免即使私鑰被攻擊者知道也不能假冒銀行與消費者通訊，更進一步的，讓我們提出的改善方法更堅固進而被應用在電子網際網路。

　　Because of the rapid development of electronic commerce, electronic payment schemes have been intensively studied for several years. But there still lack large number of researchers devoted in electronic traveler''s check system. Recently, Liaw et al. proposed a hash-based electronic traveler’s check system. They claimed that their scheme was secure. However, in this study we will indicate that their scheme is vulnerable to the key compromise impersonation and parallel session attacks. Further, we will improve their scheme to prevent such attacks. Our improvement uses the customer’s public key to avoid the deficiency such that even if an attacker knows the private key of a customer, he/she cannot masquerade as the bank to communicate with the customer. This makes our improvement a more robust electronic traveler’s check scheme for adoption as a reliable method on the Internet.

書名頁 …………………………………………………………………………… i　
論文口試合格証明……………………………………………………… ii
博碩士論文同意書………………………………………………… iii
論文指導教授推荐書……………………………………………………… iv
誌謝……………………………………………………………… v
中文摘要……………………………………………………………… vi
英文摘要…………………………………………………………… vii
目錄……………………………………………………………………………… viii
圖目錄…………………………………………………………………………… x
　
Chapter 1 Introduction ………………………………………………… 1
　
Chapter 2 Review of Liaw et al.''s scheme ……………………………… 4　
2.1 The on-line subprotocol ………………………………………… 4
2.2 The off-line subprotocol ……………………………………… 9　
　
Chapter 3 KCI and PS attacks on Liaw et al.''s scheme ………………… 12
3.1 KCI and PS attack on the online subprotocol ……………………12
3.2 KCI and PS attack on the offline subprotocol ……………………19
　
Chapter 4 Our improvement …………………………………………… 20　
4.1 Improvement for the online subprotocol …………………… 20
4.2 Improvement for the off-line subprotocol ………………………25
　
Chapter 5 Conclusion ……………………………………………………26
　
References ………………………………………………………………27

[1] Horng-Twu Liaw, Jiann-Fu Lin, Wei-Chen Wu, “A new electronic traveler’s check scheme based on one-way hash function,” Electronic Commerce Research and Applications 6, 2007, pp. 499–508.
　
[2] Simon Blake-Wilson, Alfired Menezes, “Authenticated Diffie-Hellman key agreement protocols”, Proceedings of the 5th Annual Workshop on Selected Areas inCryptography (SAC’98), Lecture Notes in Computer Science, 1999, pp. 339-361.
　
[3] WANG Xiao-fen, DONG Qing-kuan, ZHOU Yu, XIAO Guo-zhen “Improvement of McCullagh-Barreto key agreement with KCI-security,” The Journal of China Universities of Posts and Telecommunications, April 2009, 16(2), pp. 68–71.
　
[4] Yong Xu, Jindi Liu, “Electronic Check System Design Based on RFID,” Information Science and Engineering (ICISE), 2009 1st International Conference on IEEE Conferences , 2010, pp. 5345 – 5348.
　
[5] Taher ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithm,” IEEE Trans. Inform. Theory IT-31 (4) 1985, pp. 469–472.
　
[6] Chang-Jinn Tsao, Chien-Yuan Chen, Cheng-Yyuan Ku, “An electronic bearer check system,”IEICE Trans. Commun. E85-B (1), 2002, pp. 325–331.
　
[7] Jong-E Hsien, Chih-Cheng Hsueh, Chien-Yuan Chen, “An electronic Travele’s check system,” in: 2001 Conference on Theory and Practice for Electronic Commerce, Taiwan, 2001, pp. 164–169.
　
[8] Shengbao Wang, Zhenfu Cao, Maurizio Adriano Strangio and Lihua Wang, “Cryptanalysis and Improvement of an Elliptic Curve Diffie-Hellman Key Agreement Protocol,” December 14, 2007.
　
[9] Wei-Kuei Chen, “Efficient on-line electronic checks,” Applied Mathematics and Computation 162, 2005, pp. 1259–1263.
　
[10] Jianhong Zhang1,2, Wei Zou1, Dan Chen3 and Yumin Wang.” On the Security of a Digital Signature with Message Recovery Using Self-certified Public Key,” Informatica 29, 2005, pp. 343–346.
　
[11] WANG Jian-hui, LIU Jing-wei, LI Xiao-hui, KOU Wei-dong,” Fair e-payment protocol based on blind signature,” The Journal of ChinaUniversities of Posts and Telecommunications October 2009, 16(5), pp. 114–118.
　
[12] Jesus Tellez Isaac a , Jose Sierra Camara b, Sherali Zeadally c, Joaquin Torres Marquez b. “A secure vehicle-to-roadside communication payment protocol in vehicular ad hoc networks,” Computer Communications 31, 2008, pp 2478–2484.
　
[13] Whitfield Diffie, Martin E. Hellman, “New Directions in Cryptography,” IEEE Transactions on Information Theory, Vol. IT-22, No.6, November, 1976, pp. 644-654.
　
[14] Zhang, Q. Markantonakis, K. Mayes, K. “A Mutual Authentication Enabled Fair-Exchange and Anonymous E-Payment Protocol,” 26-29 June 2006, pp.20 – 20.
　
[15] Zhao Huawei Liu Ruixia, “A Scheme to Improve Security of SSL,Circuits, Communications and Systems,” 2009. PACCS ''09. Pacific-Asia Conference on IEEE Conferences, 2009, pp. 401 – 404.
　
[16] Hany Harb, Hassan Farahat, Mohamed Ezz, “SecureSMSPay: Secure SMS Mobile Payment model,” Anti-counterfeiting, Security and Identification, 2008. ASID 2008. 2nd International Conference on IEEE Conferences, 2008 , pp. 11 – 17.
　
[17] Wenbo Mao, “Modern Cryptography-Theory & Practice”, Practice Hall Inc, 2004.
　
[18] Jue-Sam Chou, Yalin Chen, Ming-Hsun Cho, Hung-Min Sun, “A Novel ID-based Electronic Cash System from Pairings, “http://eprint.iacr.org/2009/339.pdf”