跳到主要內容

臺灣博碩士論文加值系統

(18.97.14.81) 您好!臺灣時間:2024/12/05 05:08
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:陳建豪
研究生(外文):Jian-Hau Chen
論文名稱:一個以機率式驗證為基礎的電子支票付費系統
論文名稱(外文):Design and Implementation of a Probability-Based Electronic Cheque Payment System
指導教授:賴國華
指導教授(外文):Robert Lai
學位類別:碩士
校院名稱:元智大學
系所名稱:資訊工程學系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2001
畢業學年度:89
語文別:中文
論文頁數:90
中文關鍵詞:資訊安全電子支票Five-Way Handshaking
外文關鍵詞:Information SecurityElectronic ChequeFive-Way Handshaking
相關次數:
  • 被引用被引用:0
  • 點閱點閱:273
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:2
針對建置一個安全且便利的電子交易系統,本論文提出離散式的電子支票付費系統,此系統的特點在於完全依照傳統支票交易流程的考量設計電子支票系統,此設計最主要的目的為讓使用者不需重新適應新的付款機制,而能就習慣性的交易方式進行原有的商業貿易行為。在雛形系統的實作方面,本系統分為銀行指標伺服器(Echeck Pointer Server,EPS)、認證中心(CA server ,CA)、使用者交易機制(User Transaction Mechanism,UTM)及資料庫等四個部份。使用者交易機制包括一個相似於傳統支票的介面系統及數個管理支票簽章的工具,其中包含了簽章的產生、儲存與備份等功能。在認證中心方面,僅實做出一個提供公開金匙(Public Key)的查詢與分送機制,並無實作一個完整的憑證中心。銀行指標伺服器,即為本論文所提伺服器端交易協定之實作,主要是以Five-Way Handshaking的機制來達到杜絕重複使用與不可否認的目的。此外,在簽章的安全性方面,本系統採用離散式的ElGamal簽章方式來代替使用較為廣泛的RSA簽章,此項變更最主要的優點在於可以產生無限多組“明文/簽章文”對,藉以達到更高的安全性。在資料庫部分,則採用關聯式資料庫管理系統來實作電子支票之儲存、擷取與查詢等功能。

In order to perform a safe and convenient electronic payment system, we develop a probability-based electronic cheque payment system, which is wholly designed through the business transaction of traditional check for the purpose of letting users to avoid not only repeatedly adapting to the new payment mechanism, but also to proceed with the original business behavior in their habitual business transaction. On implementation of a prototype, we divide the system into four parts:Echeck Pointer Server(EPServer), Certification Authority Server(CAServer), User Transaction Mechanism(UTMechanism), and Database. The UTMechanism includes an interface being similar to the traditional check interface, and several instruments, including the production, storage, and backup of signatures, to manage check signatures. On the CAServer, instead of implementing a complete certification authority, we only carry out a query mechanism and a sending mechanism to offer the Public Key. EPServer is the implementation of the server transaction protocol, which we’ve mentioned in this thesis. We use a five-way handshaking mechanism to achieve the purpose of precluding the reuse and non-repudiation. In addition, the safety of this system is governed by the ElGamal signature rather than the broadly used RSA signature on account of that we can produce infinite “Plaintext/Signature” pairs to promote the better safety. Finally, we use the relational database management system to implement the database, which has the functions of electronic check in storage, collection, and query, etc.

目 錄
圖目錄…….………………………………….………………………………….……X
表目錄…….………………………………...……………….………..……….……XII
第一章緒論……………………………………………………………………….1
1.1背景………………………………………………………………………..1
1.2範疇………………………………………………………………………..3
1.3論文架構…………………………………………………………………..4
第二章相關研究………………………………………………………………….5
2.1資訊安全技術……………………………………………………………..5
2.1.1ElGamal公開加密系統……………………………………….……..7
2.1.2數位簽章系統………………………………………………………...7
2.1.3合成簽章(Multisignature)系統…………………………………..10
2.2電子商務付費系統………………………………………………………12
2.2.1MicroMint…………………………………………………………..12
2.2.2Payword……………………………………………………………..13
2.2.3FSTC電子支票計劃………………………………………………..17
第三章機率式電子支票付費系統……………………………………………...21
3.1資訊流分析………………………………………………………………21
3.2系統說明…………………………………………………………………23
3.2.1 系統限制…………………………………………………………...23
3.2.2 參數定義…………………………………………………………...23
3.2.3 客戶間簽章的驗證方式…………………………………………...24
3.2.4 銀行驗證客戶簽章的方式………………………………………...24
3.3交易協定………………………………………….……………………...25
3.3.1 客戶證明身分………………………………………….…………..26
3.3.2 銀行傳送空白電子支票…………………………………………...26
3.3.3 客戶使用電子支票………………………………………….……..27
3.3.4 客戶將電子支票存入銀行帳戶…………………………………...37
第四章實作………………………………………….…………………………..42
4.1系統架構………………………………………….……………………...42
4.2系統規格………………………………………….……………………...42
4.2.1銀行指標伺服器(Echeck Pointer Server,EPS)………………….44
4.2.2認證中心(CA server ,CA)………………………………………..57
4.2.3使用者交易機制(User Transaction Mechanism,UTM)………...60
4.2.4資料庫表格設計…………………...………………………………..77
4.3系統驗證與比較………………………………………….……………...79
第五章結論………………………………………….…………………………..85
5.1研究結果………………………………………….……………………...85
5.2未來工作………………………………………….……………………...86
參考文獻………………………………………….…………………………………88
圖 目 錄
圖2.1:對稱式加密演算法之示意…...……………………………………………….5
圖2.2:非對稱式加密演算法之示意圖………………………………...…………….6
圖2.3:MicroMint交易示意圖……………………………………………………...12
圖2.4:製造MicroMint錢幣示意圖………………………………………………..12
圖2.5:MicroMint錢幣使用示意圖………………………………………………...13
圖2.6:Payword系統建立帳戶及核發證書示意圖………………………………..14
圖2.7:支付字元產生示意圖………………………………………………………..15
圖2.8:Payword交易流程示意圖…………………………………………………..16
圖2.9:驗證第一個支付字元W1示意圖……………………………………………16
圖2.10:驗證第二個支付字元W2示意......…………………………………………17
圖2.11:清償支付字元示意.....……………..……………………………………….17
圖2.12:FSML的架構示意圖........…………..………………….………………….18
圖2.13:X.509證明文件格式之示意…........…………..….…….…………………..19
圖2.14:Echeck交易流程示意圖........…………..…………..….…………………..20
圖3.1:電子支票發票人模式申請示意圖…………………………………………..22
圖3.2:電子支票發票人模式轉讓示意圖…………………………………………..22
圖3.3:電子支票執票人模式轉讓示意圖…………………………………………..22
圖3.4:電子支票執票人模式存入銀行示意圖……………………………………..23
圖3.5:電子支票個別簽章驗證示意圖……………………………………………..25
圖3.6:電子支票合成簽章驗證示意圖………………….………………………….25
圖3.7:客戶證明身分的示意圖………………………….………………………….26
圖3.8:U1轉讓電子支票給U2的示意圖…………………………………………..…27
圖3.9:驗證前指標示意圖…………………………………………………………..29
圖3.10:驗證後指標示意圖.…………………………………………….………….29
圖3.11:Ui轉讓電子支票給Ui+1的示意圖.…………………………………………31
圖3.12:驗證前指標示意圖.…………………………………………………….….33
圖3.13:驗證後指標示意圖.………………………………………………………..33
圖4.1:系統網路架構圖……………………………………………………………..42
圖4.2:指標伺服器的系統架構圖…………………………………………………..44
圖4.3:支票申請流程資訊流………………………………………………………..45
圖4.4:Application Module架構圖…….………………………………………….46
圖4.5:Rcv Module 架構圖…………………………………………………………46
圖4.6:Application State Machine細部模組………………………………………47
圖4.7:Application State Machine狀態變化圖……………………………………49
圖4.8:支票轉讓流程資訊流………………………………………………………..50
圖4.9:Transaction Module架構圖…………………………………………….….51
圖4.10:Rcv Module架構圖…………………………………………………..…….51
圖4.11:Transaction Processor細部模組規格………………………………..……52
圖4.12:Transaction Processor狀態變化圖…………………………………….…52
圖4.13:支票清償行為資訊流……………………………………………..………..54
圖4.14:Deposit Module 架構圖.………………………………………………….54
圖4.15:Recv Module細部模組規格.……………………………………………...55
圖4.16:Deposit Processor細部模組規格.………………………………………...55
圖4.17:Deposit Processor狀態變化圖.…………………………………………...56
圖4.18:認證中心功能架構圖.……………………………………………………..58
圖4.19:CA server架構圖..………………………………………………………....58
圖4.20:Recv Module細部模組規格.……………………………………………...59
圖4.21:Certification Processor細部模組規格.………………………………......59
圖4.22:UTM功能架構圖.………………………………………………………....60
圖4.23:UTM-AM 架構圖.………………………………………………………...61
圖4.24:Recv Module細部模組規格.……………………………………………...62
圖4.25:UTM — ASM細部模組規格.……………………………………………...62
圖4.26:UTM — ASM 狀態變化圖.………………………………………………..65
圖4.27:UTM - Transaction Module架構圖….…………………………………..67
圖4.28:Recv Module細部模組規格.……………………………………………...67
圖4.29:UTM - Transaction Processor的細部模組規格.………………………...68
圖4.30:Payer machine 狀態變化圖.……………………………………………...69
圖4.31:Payee machine 狀態變化圖.……………………………………………...70
圖4.32:UTM - Deposit Module架構圖……………………………………………74
圖4.33:UTM - Rcv Module細部模組規格.………………………………………75
圖4.34:UTM - Deposit Processor細部模組規格.……………………………......75
圖4.35:UTM - Deposit state machine狀態變化圖.……………………………...76
圖4.36:不可否認之示意圖.………………………………………………………..80
圖4.37:電子支票轉讓流程之簡化示意圖.………………………………………..80
圖4.38:電子支票盜拷之示意圖.…………………………………………………..81
圖4.39:客戶先後存入銀行之示意圖(一)…...…………………………………….81
圖4.40:客戶先後存入銀行之示意圖(二)…...…………………………………….82
表 目 錄
表4.1:Application State Machine狀態變化表...…..….……………………….….47
表4.2:Transaction Processor狀態變化表 ………………………………………53
表4.3:Deposit Processor狀態變化表 ……………………………………………56
表4.4:UTM - ASM狀態變化表 …………………………………………………63
表4.5:Payer machine狀態變化表…………………………………………………71
表4.6:Payee machine狀態變化表…………………………………………………72
表4.7:UTM - DSM 狀態變化表 …………………………………………………76

參考文獻
[1]Burstein, Jeffrey., “An Implementation of MicroMint,” Master of Engineering in Electrical Engineering and Computer Science at MIT, 1998, http://theory.lcs.mit.edu/~cis/cis-theses.html
[2]Chaum, D. and A.Fiat, M.Naor, “Untraceable Electronic Cash,” Advances in Cryptology — CRYPTO’88, Lecture Notes in Computer Science, vol.403, pp.319-327, Springer-Verlag, 1990.
[3]Diffie, W. and Hellman, M.,“New Directions in Cryptography,”IEEE Transactions , 1976.
[4]ELGamal, T., “A public cryptosystem and signature scheme based on discrete logarithms,” IEEE Trans, IT-31, pp. 469-472, 1985.
[5]Elizondo-Guajardo, R., Liu, C., Mobisson, G., Pearah, D., Ponce de Leon, X., Siegel, C.,“Electronic Micropayments,”, 1997. http://rpcp.mit.edu/~ pearah/micropayments/
[6]Goldwasser, S., and Micali, S.,“Probabilistic Encryption,” Journal of Computer and System Sciences ,1984.
[7]Grabbe, J. O., "Cryptography and Number Theory for Digital Cash", A While Paper
[8]Harn, L., “New digital signature scheme based on discrete logarithm,” Electronics Letters, Vol. 30, Issue: 5, on Pages: 396 — 398, 3 March 1994.
[9]Harn, L., Y. Xu, “Design of generalised ElGamal type digital signature schemes based on discrete logarithm,” Electronics Letters, Vol. 30, Issue: 24, on Pages: 2025 — 2026, 24 Nov. 1994.
[10]Harn, L., "Batch verifying multiple RSA digital signatures", Electronics Letters, Volume:34, Issue:12, 11 June 1998.
[11]IEEE Std, "IEEE Standard Specifications for Public-Key Cryptography" , 29 Aug. 2000.
[12]Johnson, D. B., and Matyas, S. M.,“Asymmetric Encryption: Evolution And Enhancements,”CryptoBytes, Vol. 2, no. 1 (Spring 1996), RSA Laboratories, ftp://ftp.rsa.com/pub/cryptobytes/crypto2n1.pdf.
[13]Joye, M., and Quisquater, J-J.,“On Rabin-type Signatures”Presented at the Rump Session of CRYPTO’99. Available from http://grouper.ieee.org/groups/1363/.
[14]Koblitz, N.“Elliptic Curve Cryptosystems,”Mathematics of Computation, 1987.
[15]Kravitz, D. W.,“Digital Signature Algorithm,”U.S. Patent , 1993.
[16]Menezes, A., “Elliptic Curve Cryptosystems,” CryptoBytes, Vol. 1, no. 2, RSA Laboratories, ftp://ftp.rsa.com/pub/cryptobytes/crypto1n2.pdf.
[17]Mohammed, Elsayed., A. E. Emarah, Kh. El-Shennawy, “A blind signature scheme based on ElGamal signature,” EUROCOMM 2000. Information Systems for Enhanced Public Safety and Security. IEEE/AFCEA, ISBN: 0-7803-6323-X, on Pages: 51 — 53, 17 May 2000.
[18]National Institute for Standards and Technology (NIST), Data Encryption Standard (DES), Federal Information Processing Standards Publication 46-2, December 1993, http://www.ncsl.nist.gov/fips/fips46-2.txt
[19]Panurach, Patiwat., “Money in electronic commerce: digital cash, electronic fund transfer, and Ecash,” Communications of the ACM, Volume 39, Issue 6, Pages 45-50, 1996.
[20]Rivest, R. L. and Shamir, A.“PayWord and MicroMint:Two simple micropayment schemes,”1996. http://theory.lcs.mit.edu/~rivest/RivestShamir -mpay.ps
[21]Rivest, R. L., Shamir, A., and Adleman, L. M. “A Method for Obtaining Digital Signatures and Public-key Cryptosystems,” Communications of the ACM, 1978.
[22]Rivest, Ron. and Adi Shamir, “Payword and MicroMint:Two simple MicroPayment Scheme,” Format:PowerPoint, MIT, 1996, http://theory.lcs.mit.edu/~cis/cis-publications.html
[23]Schirokauer, O.,“Discrete Logarithms and Local Units,”Philosophical Transactions of the Royal Society of London A, 1993.
[24]Schnorr, C.P., “Efficient identification and signature for smart cards,” Advances in Cryptology:Crypto’89, Lecture Notes in Computer Science, pp.339-351, 1990.
[25]Shao, Zuhua., “Signature scheme based on discrete logarithm without using one-way hash function,” Electronics Letters, Vol. 34, Issue: 11, on Pages: 1079 — 1080, 28 May 1998.
[26]Smart, N. P.,“The Discrete Logarithm Problem on Elliptic Curves of Trace One,”J. Cryptology, 1999.
[27]Solo, D., Adams, C., Kemp, D., and Myers, M. “Internet X.509 Certificate Request Message Format,” Internet Engineering Task Force (IETF), PKIX Working Group http://www.ietf.org/ids.by.wg/pkix.html.
[28]Solo, D., Housley, R., Ford, W., and Polk, T.,“Internet X.509 Public-key Infrastructure Certificate and CRL Profile,”Internet Engineering Task Force (IETF), PKIX Working Group, http://www.ietf.org/ids.by.wg/pkix.html.
[29]Stallings, W., "Cryptography and Network Security:Principles and Practices", second Edition, New York:Prentice Hall, 1999.
[30]Stinson, Douglas R., “Cryptography Theory and Practice,” 2nd Edition, Prentice-Hall, 1995.
[31]賴溪松, 韓亮, 張真誠, “近代密碼學及其應用,” 松崗圖書, Vol. 2, Issue: 10, on Pages: 187 — 193, 1995.
[32]賴溪松, 韓亮, 張真誠, “近代密碼學及其應用,” 松崗圖書, Vol. 2, Issue: 12, on Pages: 215 — 227, 1995.
[33]張真誠, 林祝興, 江季翰, “電子商務安全,” 松崗圖書, Vol. 1, Issue: 3, on Pages: 3-12 — 3-17, 1995.
[34]三民書局, “最新版商事法,” 三民書局, Vol. 1, Issue: 票據法, on Pages: 104 — 148, 1997.
[35]閔嗣鶴, 嚴士健, “初等數論,” 凡異出版社, 1982.
[36]廖啟泰, “電子商務之數位貨幣,” 松崗電腦圖書, 2000.
[37]張真誠, “電腦密碼學與資訊安全,” 松崗電腦圖書, 1999.
[38]樊國楨, “電子商務高階安全防護,” 資訊與電腦出版社, 1997.

QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top