跳到主要內容

臺灣博碩士論文加值系統

(44.201.97.224) 您好!臺灣時間:2024/04/14 19:03
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:廖仁億
研究生(外文):Jen-Yi Liao
論文名稱:智慧型安全電子付款系統之研究
論文名稱(外文):A Study on Intelligent Secure Electronic Payment Systems
指導教授:曹偉駿曹偉駿引用關係
指導教授(外文):Woei-Jiunn Tsaur
學位類別:碩士
校院名稱:大葉大學
系所名稱:資訊管理學系碩士班
學門:電算機學門
學類:電算機一般學類
論文種類:學術論文
論文出版年:2001
畢業學年度:89
語文別:中文
論文頁數:81
中文關鍵詞:電子付款系統橢圓曲線密碼系統自我認證公開金鑰密碼系統盲簽章
外文關鍵詞:Electronic payment systemsElliptic curve cryptosystemsSelf-certified public key cryptosystemsBlind signature
相關次數:
  • 被引用被引用:3
  • 點閱點閱:175
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
目前電子付款系統在實務的設計上,多採數位憑證為基礎的方式來處理相關的安全付款事宜,但是此作法有一個很重要的先決條件,那就是系統認證中心須是誠實的且必須保護金鑰目錄,另外還需額外耗費驗證系統憑證中心之簽章的時間。
在現實的環境中,其實我們並不能絕對認定系統憑證中心一定是誠實的,或者我們應該說,系統憑證中心也是有機會被駭客入侵的,故發展自我認證(Self-certified)的機制確有其必要性。所謂的自我認證是指交談的雙方僅需要靠雙方傳送一些公開的資訊,即可達成雙方身分的確認,而不需透過公正的第三者來作保證或協調。本論文所探討的是智慧型安全電子付款技術,故除了安全層級的顧慮外,還必須兼顧安全機制運算上的便捷與效率。因橢圓曲線公開金鑰密碼系統的運算較現存的其它公開金鑰密碼系統更快速,且以較少之位元數達到相同的安全度。因此,本論文發展出一套以橢圓曲線密碼系統為基礎的具自我認證公開金鑰密碼系統,並以此自我認證公開金鑰密碼系統發展出交談金鑰、數位簽章及盲簽章等安全機制,且將這些技術實際應用在較具傳統方式的電子現金型付款系統,藉以提升這類付款機制的安全與效率,使即時性的安全電子付款成為可行的方案。總之,本論文目的在於發展出有效率之自我認證為基礎的安全機制,藉此可使電子商務交易之安全付款機制更臻完備且更切實際,以提昇使用者對使用電子商務付款服務的信心。
At present, electronic payment systems activities constructed on the Internet mainly employ the certificate-based public key cryptosystem to solve their related security issues. But it is based on the condition that the certificate authority (CA) must be honest and need to manage the key directory. Furthermore, it needs to spend extra time to verify the signature signed in the digital certificate by the CA.
In practical environments, the CA is not absolutely honest, and it is possible for a hacker to intrude it. Therefore, we have developed efficient self-certified schemes instead of using digital certificates. The proposed schemes can prevent the CA from intervening in the transactions between web sites and customers, and they can authenticate their identities each other without the help of CA. For the considerations of efficiency, the proposed intelligent electronic payment systems are developed by using elliptic curve cryptosystems instead of modular exponentiation, because it possesses faster computation and fewer bits achieving the same security level as other public key cryptosystems, like the RSA cryptosystem. In summary, in the thesis we have designed a session key exchange scheme, a digital signature scheme, and a blind signature scheme for the e-cash based payment systems using the self-certified public key cryptosystem based on elliptic curve cryptosystems. The proposed schemes make on-line electronic payment systems securely workable.
封面內頁
簽名頁
授權書iii
中文摘要v
英文摘要vi
誌謝vii
目錄viii
圖目錄x
表目錄xi
第一章 緒論1
1.1研究背景與動機1
1.2研究目的4
1.3研究架構5
1.4論文架構7
第二章 文獻探討8
2.1電子付款方式的種類8
2.2電子現金的功能與特性18
2.3電子付款系統的安全需求及考慮因素20
2.4電子付款系統之相關密碼技術23
第三章 植基於ECC的自我認證公開金鑰密碼系統(ECC based self-certified public key cryptosystem)39
3.1 系統設定階段39
3.2 使用者註冊階段40
3.3 交談金鑰分配階段41
第四章 智慧型安全電子付款系統45
4.1 初始階段46
4.2 提款階段50
4.3 付款階段51
4.4 清償階段53
第五章 安全性分析與討論55
5.1 安全性分析55
5.2 討論58
第六章 複雜度分析63
6.1 計算複雜度63
6.2 資料傳輸量71
第七章 結論與建議74
參考文獻75
[1] 賴溪松、韓亮、張真誠,近代密碼學及其應用,松崗圖書資料公司,1998年8月。
[2] 吳琮璠、謝清佳,資訊管理,智勝文化事業公司,1998年8月。
[3] 邱筱雅,電子商務的付款機制:研究文獻回顧與評述,交通大學資訊管理研究所碩士論文,民國85年。(指導教授:黃景彰)
[4] 段正明、李鎮樟,電子付款的分析與探討,CCL Technical Journal,1996年12月。
[5] 邵敏華,SET使用的密碼學技巧:優缺點之評估,CCL Technical Journal,1999年12月。
[6] 胡國新,設計植基於自我驗證公開金鑰系統之安全線上電子拍賣機制,大葉大學資訊管理研究所碩士論文,民國89年。(指導教授:曹偉駿)
[7] 夏雲浩,網路錢潮-談數位貨幣,翔威國際有限公司,1998年七月。
[8] 林祝興、李正隆,“Elliptic-curve undeniable signature schemes,” 第十一屆全國資訊安全會議,2001年5月。
[9] Bellart, M., Garay, J.A., Hauser, R., Herzberg, A., Krawczyk, H., Steiner, M., Tsudik, G., and Waidner, M., “iKP -- a family of secure electronic payment protocols,” Proceedings of the First USENIX Workshop on Electronic Commerce, New York, July 1995.
[10] Blham, E., and Shamir, A., “Differential cryptanalysis of the data encryption standard,” Springer Verlag, Berlin, 1993.
[11] Boly, J.P., Bosselaers, A., Cramer, R., Michelsen, R., Mjolsnes, S., Muller, F., Pedersen, T., Pfitzmann, B., Rooij P., Schoenmakers, B., Schunter, M., Vallee, L., and Waidner, M., “The ESPRIT project CAFE:high security digital payment systems,” ESORICS 94(The Third European Syposium on Research in Computer Security, LNCS 875, Springer Verlag, Berlin 1994, pp. 217-230.
[12] Camp, L.J., Sirbu, M., and Tygar, J.D., “Token and notational money in electronic commerce,” Proceedings of the First USENIX Workshop on Electronic Commerce, New York, July 1995.
[13] Carmenisch, J.L., Piveteau, J.M., and Sradler, M.A., “Blind signatures based on the discrete logarithm problem,” Rump Session of Eurocrypt’94, Pergia, Italy, 1994.
[14] Chang, Y.S., Wu, T.C., and Huang, S.C., “ElGamal-like digital signature and multisignature schemes using self-certified public keys,” The Journal of Systems and Software, 2000, pp. 99-105.
[15] Chaum, D., “Blind signature for untraceable payments,” Advances in Cryptology: Crypto’82, 1983, pp. 199-203.
[16] Chaum, D., Fiat, A., and Naor, M., “Untraceable electronic cash,” Advances in Cryptology: Crypto’88, 1988, pp. 319-327.
[17] Cox, B., Tygar, J.D., and Sirbu, M., “NetBill security and transaction protocol,” Proceedings of the First USENIX Workshop on Electronic Commerce, New York, July 1995.
[18] Cybercash web site, URL: http://www.cybercash.com.
[19] Davis, R.M., “The data encryption standard in perspective,” Computer Security and the Data Encryption Standard, National Bureau of Standards, Specal Publication, Feb. 1978.
[20] Diffie, W., and Hellman, M.E., “New directions in cryptography,” IEEE Transactions on Information Theory, Vol. IT-22, No. 6, 1976, pp. 644-654.
[21] ElGamal, T., “A public key cryptosystem and a signature scheme based on discrete logarithms,” IEEE Transactions on Information Theory, Vol. IT-31, No. 4, 1985, pp. 469-472.
[22] Ferreira, L., Dahab, R., “A scheme for analyzing electronic payment systems,” Computer Security Applications Conference, 1998, pp. 137 –146.
[23] Frier, A., Karlton, P., and Kocher, P., “The SSL 3.0 protocol,” Netscape Communications Corp., 18 Nov. 1996. (URL: http://home.netscape.com/eng/ssl3/draft302.txt)
[24] Girault, M., “Self-certified public keys,” LNCS 547, Advances in Cryptology: Proc. Eurocrypt’91, Springer, 1992, pp. 490-497.
[25] Globe ID web site, URL: http://www.globeid.com.
[26] Harn, L., “Cryptanalysis of the blind signatures based on the discrete logarithm problem,” Electronics Letters, Vol. 31, No.14, 1995.
[27] Jurisic, A., and Menezes, A.J., “Elliptic curves and cryptography,” Dr. Dobb’s Journal, 1997, pp. 26-35.
[28] Jurisic, A., and Menezes, A.J., “ECC whitepaper:elliptic curves and cryptography,” URL: http://www.certicom.com/research/weccrypt.html
[29] Kaliski, B.S., “An overview of the PKCS standards,” RSA Laboratories, Nov. 1993.
[30] Koblitz, N., “Elliptic curve cryptosystems,” Mathematics of Computation, Vol. 48, No. 17, 1987, pp. 203-209.
[31] Lai, X., and Massey, J., “A proposal for a new block encryption standard,” Proceedings of EUROCRYPT’90, Springer Verlag, Berlin, 1991, pp. 389-404.
[32] Manasse, M.S., “The Millicent protocols for electronic commerce,” Proceedings of the First USENIX Workshop on Electronic Commerce, New York, July 1995.
[33] MasterCard and VISA, Secure Electronic Transaction (SET) Specification, June 1996.
[34] Medvinsky, G., and Neuman, B.C., “NetCash: a design for practical electronic currency on the Internet,” Proceedings of 1st the ACM Conference on Computer and Communication Security, Nov. 1993.
[35] Miller, V.S., “Use of elliptic curves in cryptography,” Advances in Cryptology: Crypto’85, 1985, pp. 417-426.
[36] Mohammed, E., Emarah, A.E., and El-shennawy, K.H., “A blind signature scheme based on ElGamal signature,” Seventeenth national radio science conference, Feb. 2000, pp. 22-24.
[37] Neuman, C., and Medvinsky, G., “Requirements for network payment: the NetCheque perspective,” Proceedings of IEEE COMPCON''95, March 1995.
[38] Nguyen, K.Q., Mu, Y., and Varadharajan, V., “Micro-digital money for electronic commerce,” Computer Security Applications Conference, 1997, pp. 2-8.
[39] Peirce, M., and O''Mahony, D., “Scaleable, secure cash payment for www resources with the payme protocol set,” 4th International World Wide Web Conference, Dec. 11-14, 1995.
[40] Petersen, H., and Poupard, G., “Efficient scalable fair cash with off-line extortion prevention,” Technical Report LIENS-97-7, Ecole Normale Superieure, May 1997.
[41] Petersen, H., and Horster, P., “Self-certified keys─concepts and applications,” Proceedings of Communications and Multimedia Security’97, 1997, pp. 102-116.
[42] Pfitzmann, B., Schunter, M., and Waidner, M., “How to break another "provably secure" payment system,” Eurocrypt ''95, LNCS 921, Springer Verlag, Berlin, 1995, pp. 121-132.
[43] Pfitzmann, B., and Waidner, M., “Strong loss tolerance of electronic coin systems,” ACM Transaction on Computer Systems, Vol. 15, No. 2, May 1997, pp. 194-213.
[44] Pointcheval, D., and Stern, J., “Security arguments for digital signatures and blind signatures,” Journal of Cryptology, Vol. 13, 2000, pp. 361-396.
[45] Rivest, R., “The MD5 message digest algorithm,” RFC 1321, 1992.
[46] Rivest, R., and Shamir, A., “PayWord and MicroMint: two simple micropayment schemes,” Proceedings of RSA''96 Conference, 1996.
[47] Rivest, R., Shamir, A., and Adleman, L., “A method for obtaining digital signatures and public-key cryptosystems,” Communications of the ACM, Vol. 21, No. 2, Feb. 1978, pp. 120-126.
[48] Saeednia, S., “Identity-based and self-certified key-exchange protocols,” Information Security and Privacy: ACISP’97, 1998, pp. 303-313.
[49] Schnorr, C.P., “Efficient identification and signatures for smart cards,” Advances in Cryptology: Crypto’89, 1990, pp. 339-351.
[50] Shamir, A., “Identity-based cryptosystems and signature schemes,” Advances in Cryptology: Crypto’84, 1985, pp. 47-53.
[51] Schoenmakers, B., “Basic security of the ecashTM payment system,” State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography, Leuven, Belgium, June 3-6,1997, Vol. 1528 of Lecture Notes in Computer Science, pp. 338-352.
[52] CCITT Recommendation X.509, “The directory: authentication framework,” 1993.
[53] Wright, M., “Authenticating electronic cash transactions,” Computer Fraud & Security, Apr. 1997.
[54] Wu, T.C., “Digital signature/multisignature schemes giving public key verification and message recovery simultaneously,” to appear in Computer Systems Science and Engineering, 2001.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top