(3.235.108.188) 您好!臺灣時間:2021/02/28 00:04
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

我願授權國圖
: 
twitterline
研究生:黃士銘
研究生(外文):Vincent Shi-Ming
論文名稱:具認證,計費與付款功能且可證明安全之行動通訊隱私保護機制
論文名稱(外文):Provably Secure Privacy Mechanism for Authentication, Billing and Payment in Mobile Communications
指導教授:范俊逸范俊逸引用關係
指導教授(外文):Chun-I Fan
學位類別:博士
校院名稱:國立中山大學
系所名稱:資訊工程學系研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2010
畢業學年度:98
語文別:英文
論文頁數:159
中文關鍵詞:電子商務隨處計算行動網路公平隱私匿名性電子付款離線電子錢線上電子錢盲簽章相互認證
外文關鍵詞:Mobile NetworksElectronic CommerceElectronic PaymentOff-Line E-CashAnonymityFair PrivacyUbiquitous ComputingMutual AuthenticationBlind SignaturesOn-Line E-Cash
相關次數:
  • 被引用被引用:0
  • 點閱點閱:176
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
近幾年來基於無線網路的繁榮發展、行動設備的高計算能力與通訊能力、電子商務的普及與電子付款機制的完善,如今的行動網路通訊環境已經非常成熟,行動用戶可漫遊於各個無線網路之間並使用各種行動服務,然後使用各種電子付款機制對其使用的通訊與服務費用進行付款。然而,行動用戶於無線網路中將面對極大的安全威脅,為了避免這些安全威脅並保護行動用戶於漫遊期間的隱私,匿名相互認證與金鑰交換機制是行動通訊不可或缺的重要技術。而提供一個行動付款機制也是必需的,系統業者必需對於行動用戶使用完務服後進行計費,然而目前各文獻所提出之付款系統皆無法同時滿足匿名性與信貸式計費的特性。在本論文中,我們不僅提出行動通訊網路下的匿名相互認證機制,並允許系統業者於提供行動用戶進行通訊與使用各種行動服務後,對此匿名行動用戶進行信貸式計費。同時我們亦提出先進的電子錢系統,此系統能讓行動用戶向銀行提領一般之電子錢,並根據付款時的需要將此電子錢轉換成線上電子錢或離線電子錢,用以繳納行動通訊期間累積之信貸款項。我們所提出的機制不管對銀行、系統業者或是行動用戶皆非常彈性且便利,並且於行動用戶享有完全隱私保護的同時,低計算量的特性更讓行動設備能夠有效率且低功耗地執行運算。最後,我們更考慮到行動通訊與電子錢系統上各種安全特性與需求,諸如匿名控制、無詐欺、防篡改、安全相互認證、安全金鑰交換、與前向安全,並針對以上的安全特性詳細定義出各種正規安全模型並透過理論證明來闡述我們協定的強韌性與安全性。
Mobile communication is very mature today due to the powerful computation and communication capabilities of mobile devices, the flourishing of mobile networks, the popularity of electronic commerce, and the completeness of e-payment mechanisms. It is a pleasure for mobile users to roam around the mobile networks and enjoy the mobile network services. However, there are a lot of security threats in the mobile networks, and thus we need an anonymous mutual authentication and key exchange scheme to guarantee the security and privacy for mobile users in the networks. A payment protocol is also required for charging the mobile users after using the mobile services. However, the existing payment schemes do not support anonymity
and credit-based chargeability at the same time. In this dissertation, we propose a secure authentication scheme such that the mobile users can be anonymously authenticated by the system and the system can still make correct charge to these anonymous mobile users via a credit-based way simultaneously. We also propose a novel e-cash scheme which can support each mobile user to withdraw a generic e-cash and decide to spend it as an on-line e-cash or an off-line e-cash according to the payment requirement of the anonymous authentication scheme. Our proposed schemes are convenient and flexible for the mobile users, the system operator, and the bank. Besides, full privacy can be achieved for mobile users owing to the combination of our proposed schemes, which can be performed in current mobile devices efficiently with few battery energy consumptions. Furthermore, we provide anonymity control, no swindling, tamper resistance, secure mutual authentication, secure key exchange, and secure forward secrecy in the proposed anonymous authentication scheme and the e-cash scheme, where these security features are demonstrated by formal security models and theoretical proofs.
1 Introduction 1
1.1 Some Mobile Payment Schemes . . . . . . . . . . . . . . . . . 3
1.2 Classification of Electronic Payment Systems . . . . . . . . . . 4
1.3 Our Contribution . . . . . . . . . . . . . . . . . . . . . . . . . 9
2 Related Works 10
2.1 Tracz et al.’s Scheme: A Concept Schema for Charging Anonymous
Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.2 Jakobsson and Yung’s Scheme: Fair Privacy . . . . . . . . . . 14
2.3 Wireless Privacy and Payments Based on E-Cash . . . . . . . 17
3 Mutual Anonymous Authentication and Key Exchange Scheme
with Credit-Based Chargeability 20
3.1 Some Requirements for Anonymous Authentication . . . . . . 22
3.2 The Proposed Protocols . . . . . . . . . . . . . . . . . . . . . 24
3.2.1 Overview of the Proposed Scheme . . . . . . . . . . . . 26
3.2.2 Key Generation . . . . . . . . . . . . . . . . . . . . . . 28
3.2.3 The Protocol for Requesting an Initial Anonymous
Ticket . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.2.4 The Protocol for Using an Anonymous Ticket in the
ith Round Before the Due Date . . . . . . . . . . . . . 31
3.2.5 The Protocol for Charging Mobile Users . . . . . . . . 36
3.2.6 The Protocol for Privacy Revoking . . . . . . . . . . . 39
3.2.7 Exceptions . . . . . . . . . . . . . . . . . . . . . . . . 40
3.3 Security Models and Proofs . . . . . . . . . . . . . . . . . . . 43
3.3.1 Security Requirements . . . . . . . . . . . . . . . . . . 43
3.3.2 Unlinkability . . . . . . . . . . . . . . . . . . . . . . . 43
3.3.3 Ticket Unforgeability . . . . . . . . . . . . . . . . . . . 46
3.3.4 Tamper Resistance . . . . . . . . . . . . . . . . . . . . 49
3.3.5 Ticket Swindling Resistance . . . . . . . . . . . . . . . 52
3.3.6 The Proof of the Negligible Failure Probability in Proof
3.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
3.3.7 Secure Mutual Authentication . . . . . . . . . . . . . . 64
3.3.8 Secure Authenticated Key Exchange . . . . . . . . . . 69
3.4 The Forward Secrecy Extension . . . . . . . . . . . . . . . . . 71
3.4.1 The Security Proof for the Forward Secrecy Extension 72
3.5 Comparisons . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
4 Possible Privacy Defect and Solution 81
4.1 A Possible Privacy Defect . . . . . . . . . . . . . . . . . . . . 81
4.2 Overcoming the Privacy Defect by Untraceable E-Cash Payment 82
4.2.1 Efficient E-Cash Scheme for On/Off-Line Payment . . 84
5 Integrated On/Off-Line Electronic Cash for Flexible and Efficient
Payment 85
5.1 Entities and Requirements . . . . . . . . . . . . . . . . . . . . 87
5.1.1 The Entities and E-Cash Flow . . . . . . . . . . . . . 88
5.1.2 Requirements . . . . . . . . . . . . . . . . . . . . . . . 88
5.2 The Definitions of Security Models . . . . . . . . . . . . . . . 90
5.3 The Proposed Integrated On/Off-Line Electronic Cash Scheme 94
5.3.1 Overview of the Proposed Scheme . . . . . . . . . . . . 96
5.3.2 Initialization . . . . . . . . . . . . . . . . . . . . . . . 97
5.3.3 The Withdrawal Protocol . . . . . . . . . . . . . . . . 97
5.3.4 The On-Line Payment Protocol . . . . . . . . . . . . . 100
5.3.5 The Off-Line Payment Protocol . . . . . . . . . . . . . 101
5.3.6 Double-Spending Checking and Anonymity Control . . 103
5.4 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
5.4.1 Reached Security Properties . . . . . . . . . . . . . . . 106
5.4.2 Unlinkability . . . . . . . . . . . . . . . . . . . . . . . 106
5.4.3 Unforgeability . . . . . . . . . . . . . . . . . . . . . . . 108
5.4.4 Tamper Resistance . . . . . . . . . . . . . . . . . . . . 110
5.4.5 No Swindling . . . . . . . . . . . . . . . . . . . . . . . 112
5.5 Comparisons . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
6 Full-Privacy Mechanism for Anonymous Authentication and
Untraceable E-Payment 125
6.1 Designated E-Cash for the Unused Ticket . . . . . . . . . . . 128
6.2 Performance Evaluation . . . . . . . . . . . . . . . . . . . . . 130
7 Conclusion 133
[1] Trusted Computing Group web site, available at https://www.trustedcomputinggroup.
org/home.
[2] Dennis Abrazhevich. Classification and characteristics of electronic payment
systems. In Kurt Bauknecht, Sanjay Madria, and Günther Pernul,
editors, Electronic Commerce and Web Technologies, volume 2115 of
Lecture Notes in Computer Science, pages 81–90. Springer Berlin / Heidelberg,
2001.
[3] G. Ateniese, J. Camenisch, M. Joye, and G. Tsudik. A practical and
provably secure coalition-resistant group signature scheme. In Proceedings
of CRYPTO 2000, pages 255–270. Springer Berlin / Heidelberg,
2000.
[4] S. Bajikar. Trusted plateform module (tpm) based security on notebook
pcs-white paper. Mobile Platform Group, Intel Corporation, 1(2):
1, 2002.
[5] S. Bajikar. Trusted plateform module (tpm) based security on notebook
pcs-white paper. Moblie Platform Group, Intel Corporation, 1(2):1, June
2002.
[6] M. Bellare, C. Namprempre, D. Pointcheval, , and M. Semanko. The
one-more-rsa-inversion problems and the security of chaum’s blind signature
scheme. Journal of Cryptology, 16(3):185–215, March 2008.
[7] M. Bellare, C. Namprempre, D. Pointcheval, and M. Semanko. The onemore-
rsa-inversion problems and the security of chaum’s blind signature
scheme. Journal of Cryptology, 16(3):185–215, March 2008.
[8] M. Bellare and P. Rogaway. Entity authentication and key distribution.
In Advances in Cryptology — CRYPTO’ 93, pages 232–249, California,
USA, August 1993. Springer Berlin.
[9] S. Blake-Wilson and A. Menezes. Entity authentication and authenticated
key transport protocols employing asymmetric techniques. In
5th International Security Protocols Workshop, pages 137–158, Paris,
France, April 1998. Springer Berlin.
[10] D. Boneh. The decision diffie-hellman problem. In Algorithm Number
Theory, pages 48–63, Oregon, USA, June 1998. Springer Berlin.
[11] Stefan Brands. Untraceable off-line cash in wallet with observers. In
Advances in Cryptology, pages 302–318, New York, NY, USA, January
1994. Springer-Verlag.
[12] J. Camenisch, S. Hohenberger, and A. Lysyanskaya. Compact e-cash. In
Advances in Cryptology - EUROCRYPT 2005, pages 302–321. Springer
Berlin / Heidelberg, 2005.
[13] J. Camenisch and A. Lysyanskaya. A signature scheme with efficient protocols.
In Security in Communication Networks, pages 268–289. Springer
Berlin / Heidelberg, 2003.
[14] J. Camenisch, A. Lysyanskaya, and M. Meyerovich. Endrosed e-cash. In
IEEE Symposium on Security and Privacy, 2007, pages 101–115. IEEE
Computer Society, May 2007.
[15] S. Canard and A. Gouget. Divisible e-cash systems can be truly anonymous.
In Advances in Cryptology - EUROCRYPT 2007, pages 482–497,
Heidelberg, June 2007. Springer Berlin.
[16] S. Canard, A. Gouget, and J. Traore. Improvement of efficiency in
(unconditional) anonymous transferable e-cash. Finacial Cryptography
and Data Security, 5143:202–214, August 2008.
[17] Sébastien Canard, Aline Gouget, and Jacques Traoré. Improvement of
efficiency in (unconditional) anonymous transferable e-cash. In Gene
Tsudik, editor, Financial Cryptography and Data Security, volume 5143
of Lecture Notes in Computer Science, pages 202–214. Springer Berlin /
Heidelberg, 2009.
[18] R. Canetti, S. Halevi, and J. Katz. A forward-secure public-key encryption
scheme. Journal of Cryptology, 20(3):265–294, July 2007.
[19] D. Chaum. Blind signature systems. In Advance in Cryptology –
CRYPTO ’83, page 153, New York, July 1984. Plenum Press.
[20] D. Chaum, A. Fiat, and M. Naor. Untraceable electronic cash. In
Advances in Cryptology-CRYPTO’88, pages 319–327, New York, NY,
USA, 1990. Springer-Verlag.
[21] H. Chen, P. Lam, H. Chan, T. Dillon, C. Jiannong, and R. Lee.
Business-to-consumer mobile agent-based internet commerce system.
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications
and Reviews, 37:1174–1189, November 2007.
[22] W. Diffie and M. E. Hellman. New directions in cryptography. IEEE
Transactions on Information Theory, 22(6):644–654, November 1976.
[23] Y. Dodis and A. Yampolskiy. Verifiable random function with short
proofs and keys. In PKC 2005, pages 416–431. Springer Berlin / Heidelberg,
2005.
[24] I. George, Y. Frankel, Y. Tsiounis, and M. Yung. Anonymity control in
e-cash systems. In Financial Cryptography, pages 1–16, London, UK,
April 1997. Springer-Verlag.
[25] S. Goldwasser and S. Micali. Probabilistic encryption. Journal of Computer
and System Sciences, 28(2):270–299, April 1984.
[26] Y. Hanatani, Y. Komano, K. Ohta, and N. Kunihiro. Provably secure
electronic cash based on blind multisignature scheme. Finacial Cryptography
and Data Security, 4107:236–250, October 2006.
[27] Q. He, D. Wu, and P. Khosla. The quest for personal control over
mobile location privacy. IEEE Communication magazine, 42:130–136,
May 2004.
[28] E. Horowitz and S. Sahni. Computing partitions with applications to
the knapsack problem. Journal of the ACM, 21(1):277–292, April 1974.
[29] X. Hou and C-H. Tan. Fair traceable off-line electronic cash in wallets
with observers. In Advanced Communication Technology, 2004, pages
595–599, Phoenix Park, Korea, February 2004. IEEE Computer Society.
[30] X. Hou and C-H. Tan. A new electronic cash model. In International
Conference on Information Technology: Coding and Computing, pages
374–379, Washigton, DC, USA, April 2005. IEEE Computer Society.
[31] W. Hua, Z. Yanchun, C. Jinli, and V. Varadharajan. Achieving secure
and flexible m-services through tickets. IEEE Transactions on Systems,
Man, and Cybernetics, Part A: Systems and Humans, 33:697–
708, November 2003.
[32] M. Jakobsson and M. Yung. Revokable and versatile electronic money.
In Conference on Computer and Communications Security, pages 76–
87, New York, NY, USA, March 1996. ACM.
[33] M. Jakobsson and M. Yung. Revokable and versatile electronic money.
In Proceedings of the 3rd ACM Conference on Computer and Communications
Security, pages 76–87, New York, March 1996. ACM.
[34] A. Karygiannis, A. Kiayias, and Y. Tsiounis. A solution for wireless
privacy and payments based on e-cash. In First International Conference
on Security and Privacy for Emerging Areas in Communications
Networks, pages 206–218. IEEE, September 2005.
[35] A. Karygiannis, A. Kiayias, and Y. Tsiounis. A solution for wireless
privacy and payments based on e-cash. In Proceedings of the First International
Conference on Security and Privacy for Emerging Areas
in Communications Networks, pages 206–218, Washington, DC, USA,
2005. IEEE Computer Society.
[36] D. Kesdogan and X. Fouletier. Secure location information management
in cellular radio systems. In IEEE Wireless Communication System
Symposium, pages 35–40, Smithtown, New York, November 1995. IEEE
Computer Society.
[37] Nina Kreyer, Key Pousttchi, and Klaus Turowski. Characteristics of
mobile payment procedures. In Proceedings of the ISMIS 2002 Workshop
on M-Services, 2002.
[38] W. D. Lin and J. K. Jan. A wireless-based authentication and anonymous
channels for large scale area. In Sixth IEEE Symposium on Computers
and Communications, pages 36–41, Hammamet, Tunisia, July
2001. IEEE Computer Society.
[39] Y. Mu and V. Varadharajan. A new scheme of credit based payment
for electronic commerce. In Proceedings of the 23rd Annual Conference on Local Computer Networks, pages 278–284, Washington, DC, USA,
October 1998. IEEE Computer Society.
[40] T. Nakanishi, N. Haruna, and Yuji Sugiyama. Unlinkable electronic
coupon protocol with anonymity control. In Information Security, pages
37–46, London, UK, February 2004. Springer-Verlag.
[41] T. Nakanishi and Y. Sugiyama. An efficient on-line electronic cash with
unlinkable exact payments. IEICE Transactions on Fundamentals of
Electronics, Communications and Computer Sciences, E88-A(10):2769–
2779, June 2005.
[42] H. Orman and P. Hoffman. Determining strengths for public keys used
for exchanging symmetric keys. IETF RFC 3766, July 2004.
[43] S. Y. Park, M. S. Han, and Y. I. Eom. An efficient authentication
protocol supporting privacy in mobile computing environments. In 5th
IEEE International Conference on High Speed Networks and Multimedia
Communications, pages 332–334, Jeju Island, Korea, July 2002. IEEE
Computer Society.
[44] S. Pearson. Trusted computing platforms, the next security solution.
Technical Report HPL-2002-221, Hewllet-Packard Laboratories, November
2002.
[45] C. Popescu. An off-line electronic cash system with revokable
anonymity. In Proceedings of the 12th IEEE Mediterranean, pages 763–
767, Dubrovnik, Croatia, May 2004. IEEE Computer Society.
[46] W. Qiu, K. Chen, and D. Gu. A new offline privacy protecting e-cash
system with revokable anonymity. In Information Security, pages 177–
190, London, UK, October 2002. Springer-Verlag.
[47] D. Shah and S. Zhong. Benchmarking security computations on wireless
devices. http://www.cse.buffalo.edu/tech-reports/2006-19.pdf, pages 1–
4, 2006.
[48] R. Song and L. Korba. How to make e-cash with non-repudiation and
anonymity. In Information Technology: Coding and Computing, pages
167–172, Washington, DC, USA, April 2004. IEEE Computer Society.
[49] R. Tracz and K. Wrona. Fair electronic cash withdrawal and change
return for wireless networks. In Proceedings of the 1st International
Workshop on Mobile Commerce, pages 14–19, Rome, Italy, July 2001.
ACM.
[50] V. Varadharajan, K.Q. Neguyen, and Y. Mu. On the design of efficient
rsa-based off-line electronic cash schemes. Theoretical Computer Science,
226(1-2):173–184, September 1999.
[51] H. Wang and Y. Zhang. Untraceable off-line electronic cash flow in ecommerce.
In Australasian Computer Science Conference, pages 191–
198, Los Alamitos, CA, USA, February 2001. IEEE Computer Society.
[52] C.C. Yang, Y.L. Tang, R.C. Wang, and H.W. Yang. A secure and efficient
authentication protocol for anonymous channel in wireless communications.
Applied Mathematics and Computation, 169:1431–1439,
October 2005.
[53] D. Zhang and L. Zhou. Discovering golden nuggets: data mining in
financial application. IEEE Transactions on Systems, Man, and Cybernetics,
Part C: Applications and Reviews, 34:513–522, November 2004.
[54] J. Zhu and J. Ma. A new authentication scheme with anonymity for
wireless environments. IEEE Transactions on Consumer Electronics,
50(1):231–235, February 2004.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
1. 〈樂府詩總論〉,張草湖。﹙中華文化復興月刊第十三卷第三期,民國六十九年三月﹚
2. 〈漢樂府詩所反映的生活藝術〉,邱燮友。﹙中華文化復興月刊第十一卷一期,民國六十七年﹚
3. 〈從艷歌何嘗行論漢魏晉樂府詩的幾個問題〉,朴英姬。﹙中國文化月刊193期,民國八十四年十一月﹚
4. 〈漢代樂府之研究〉,陳萬鼐。﹙藝術評論第三期,民國八十年十月﹚
5. 〈樂府詩試論〉,張春榮。﹙鵝湖第七卷第九期,民國七十一年三月﹚
6. 〈漢代民歌的藝術分析〉,廖蔚卿,﹙文學評論第六集,民國六十九年﹚
7. 〈試論古樂府孤兒行的幾個命題〉,沈志方。﹙中國文化月刊17期,民國七十年三月﹚
8. 〈樂府詩的特性及其源流〉,邱燮友。﹙幼獅月刊第四十七卷第六期,民國六十七年六月﹚
9. 〈漢樂府詩中的婦女問題〉,黃淑貞。﹙中國語文第五九七期,民國九十四年九月﹚
10. 〈兩漢樂府歌辭的考識〉,陳友新。﹙花蓮師專學報第十二期,民國七十年﹚
11. 〈兩漢樂府古辭研究〉,韓屏周。﹙崑山工專學報第一期,民國六十二年七月﹚
12. 〈紅樓夢的民俗學價值及其在文學上的意義〉,葉麗婭。﹙漢學研究第九卷一期,民國八十年六月﹚
13. 吳雅婷(1994a)。鋼琴上的巨人—李斯特(上)。古典音樂,27,112-116。
14. 吳雅婷(1994b)。鋼琴上的巨人—李斯特(中)。古典音樂,28,120-125。
15. 吳雅婷(1994c)。鋼琴上的巨人—李斯特(下)。古典音樂,29,106-113。
 
系統版面圖檔 系統版面圖檔