本論文提出一個適用於網際網路環境的英式拍賣機制，此機制包含三個主要角色：競標者、註冊暨開標機構(RM)及拍賣商(AM)。競標者向註冊暨開標機構註冊後，即可多次參與拍賣商所舉辦的拍賣活動。我們所提出的方法滿足匿名性(anonymity)、可追蹤性(traceability)、不可偽造性(unforgeability)、不可否認(non-repudiation)、公平性(fairness)、可驗證性(verifiability)、在不同拍賣中無關連性(unlinkability)、同一拍賣有關連性(linkability)、投標效率(efficiency of bidding)、單次註冊(one-time registration)、容易註銷(easy revocation)等英式拍賣特性。此外，我們所提出的英式拍賣機制在拍賣商伺服器端的運作上比Lee等人[8]所提出的方法更有效率，能節省競標者等待時間，因此適用於網際網路上的運作，且拍賣商的驗證資訊佈告欄僅需公佈少量資訊，可節省資料儲存空間。

In this paper, we propose an English auction mechanism to apply to an Internet environment. The proposed mechanism includes three major roles: bidder, registration manager and auction manager. Any bidder can take part in plural auctions as a valid bidder in one-time registration. The proposed mechanism satisfies the following properties: anonymity, traceability, unforgeability, fairness, verifiability, unlinkability among different auctions, linkability in an auction, efficiency of bidding, non-repudiation, one-time registration and easy revocation. Furthermore, our mechanism is compared to previous works is more effective in the auction manager and significantly reduces communication cost and storage space of the bulletin board.

中文摘要 I
英文摘要 III
誌謝 IV
目錄 V
圖索引 VII
表索引 VIII
符號表 IX
第一章　緒論 1
1.1 　研究背景與動機 1
1.2 　研究目的 3
1.3 　論文架構 5
第二章　相關研究文獻回顧 7
2.1　Nguyen與Traore之英式拍賣機制 7
2.2　Omote與Miyaji之英式拍賣機制 12
2.3　Lee等人之英式拍賣機制 18
第三章　我們所提出之英式拍賣機制 24
3.1　系統模型 24
3.2　我們所提出之機制 29
第四章　安全分析與效率評估 39
4.1　安全分析 39
4.2　效率評估 43
第五章　結論與未來研究方向 46
5.1　結論 46
5.2　未來研究方向 47
參考文獻 48
附錄A　重要名詞之英、中文對照表 51
作者簡介 54

[1] G. Ateniese and G. Tsudik, “Some Open Issues and New Directions in Group Signatures”, Proceedings of Financial Cryptography’99, pp. 196-211, 1999.
[2] C. Cachin, “Efficient Private Bidding and Auctions with an Oblivious Third Party”, Proceedings of the 6th ACM conference on Computer and Communications Security, pp. 120-127, 1999.
[3] J. Camenisch and M. Stadler, “Efficient Group Signature Schemes for Large Groups”, Advances in Cryptology — CRYPTO’97, pp. 106-121, 1999.
[4] M. Franklin and M. Reiter, “The design and implementation of a secure auction service”, IEEE Transactions on Software Engineering, No. 22, Vol 5, pp. 302-312, 1996.
[5] D. Hirakiuchi and K. Sakurai, “English vs. Sealed Bid in Anonymous Electronic Auction Protocols”, Enabling Technologies: Infrastructure for Collaborative Enterprises, 2001. WET ICE 2001. Proceedings of the Tenth IEEE International Workshops, pp. 171 —176, 2001.
[6] K. Kobayashi, H. Morita, K. Suzuki, and M. Hakuta, “Efficient Sealed-bid Auction by Using One-way Functions”, IEICE Transactions Fundamentals, E84-A(1):289-294, 2001.
[7] M. Kumar and S. Feldman, “Internet Auctions”, Proceedings of the Third USENIX Workshop on Electronic Commerce, pp. 49-60, 1998.
[8] B. Lee, K. Kim and J. Ma, “Efficient Public Auction with One-Time Registration and Public Verifiability”, Proceedings of the International Conference on INDOCRYPT 2001, pp. 162-174, 2001.
[9] T. Mullen and M. Wellman, “The auction manager: Market middleware for large-scale electronic commerce”, Proceedings of the Third USENIX Workshop on Electronic Commerce, pp 49-60, 1998.
[10] K. Nguyen and J. Traore, “An Online Public Auction Protocol Protecting Bidder Privacy”, Proceedings of Australasian Conference on Information Security and Privacy 2000, pp. 427-442, 2000.
[11] NIST FIPS PUB 180-1, “Secure Hash Standard”, Federal Information Processing Standards Publication 46, U. S. Department of Commerce, 1995.
[12] A. Odlyzko, “Discrete logarithms the past and the future”, Design Codes and Cryptography, Vol. 19, No. 2/3, pp. 129-145, 2000.
[13] K. Omote and A. Miyaji, “An anonymous auction protocol with a single non-trusted center using binary trees”, Proceedings of Information Security Workshop 2000, pp. 108-120, 2000.
[14] K. Omote and A. Miyaji, “A Practical English Auction with One-Time Registration”, Proceedings of Australasian Conference on Information Security and Privacy 2001, pp. 221-234, 2001.
[15] K.Sako, “An Auction Protocol Which Hides Bids of Losers”, Proceedings of Public Key Cryptography 2000, pp. 422-432, 2000.
[16] C. P. Schnorr, “Efficient signature generation by smart cards”, Journal of Cryptology, No. 4, Vol. 3, pp. 161-174, 1991.
[17] S. G. Stubblebine and P. F. Syverson, “Fair On-line Auction Without Special Trusted Parties”, Proceedings of Financial Cryptography’99, pp. 230-240, 1999.
[18] K. Suzuki, K. Kobayashi, and H. Morita, “Efficient sealed-bid auction using hash chain”, Proceedings of International Conference on Information Security and Cryptology 2000, pp. 189-197, 2000.