近年來，隨著網路技術的普及，越來越多傳統交易透過網路的方式進行運作。然而，網路世界並非面對面進行溝通，因此「身分驗證」成為電子商務中重要的議題。有鑑於此，本論文結合指紋辨識功能，提出一種有效率的生物測定之遠端使用者驗證系統，提供電子商務在身分驗證的應用。

在眾多現行的電子商務類型之中，「電子拍賣」扮演了重要角色。目前電子拍賣可大致分為三類：英式拍賣、荷式拍賣以及封閉式拍賣。然而，透過網路公開投競標，易產生許多隱私洩漏的疑慮。因此，如何提供拍賣者匿名性以及拍賣隱私性，則成為電子拍賣上的重要議題。基於上述原因，本論文首先提出一種植基於離散對數困難度的實用英式拍賣機制；為了提供更多元的電子拍賣應用，本論文結合零知識證明理論，以確保拍賣者擁有更完整的安全性與匿名性，提出一種安全性與強匿名性的電子拍賣機制，藉以提供更實用的電子拍賣應用與環境。除此之外，此電子拍賣機制也將更適用於現今任何型態的電子拍賣中，如：英式拍賣、荷式拍賣、以及封閉式拍賣。

在電子付款機制盛行的現今，結合各種電子付款的研究也陸續提出，例如：結合電子現金（E-Cash）以及網路現金轉帳等。然而，上述皆只確保拍賣單方可獲得金額，並未能真正達成「公平交易」的需求。此外，在現今眾多的電子拍賣相關研究中，針對公平交易的需求，也尚未提出較合適的解決方法。基於此缺失，本論文提出一種具有公平交易特性的嶄新電子拍賣機制。此機制達成兩個目標：(1) 使用數位簽章技術，提供拍賣的安全性，並確保未得標者的拍賣資訊不被洩漏；(2) 結合公平交易機制，設計並使用電子代幣（E-Token）的概念，提昇拍賣雙方在交易前的信心，並確保雙方皆能公平的完成交易。最後，本論文更針對拍賣貨品，進一步將其分為實體貨品與數位貨品兩類做討論，以便提供在現實世界中之電子拍賣機制更為多元的應用。

Recently, with the popularity of the Internet, electronic commerce (e-commerce) covers all transactions conducted through electronic means. However, the communication of network is not face to face, hence "remote user authentication" has become an important part of e-commerce. Therefore, in this thesis, we proposed an efficient biometrics remote user authentication scheme that utilizes ngerprint identication function.

The "electronic auction" (e-auction) plays an important role in e-commerce. Generally, e-auction can be categorized into three types: English auction, Dutch auction and sealed-bid auction. However, bidding through network brings a lot of security problems. Hence, how to provide anonymous and bidding privacy is an important issue. For this reason, a practical e-English auction based on the discrete logarithms is proposed. Moreover, in order to provide more practical e-auction scheme, an e-auction scheme with strong anonymity and bidding privacy is also proposed in this thesis. We combines with zero knowledge proof to provide a secure auction environment for bidders. This scheme also applies to any type of existing e-auction scheme, such as: English auction, Dutch auction, sealed-bid auction.

Many e-auction schemes based on various kinds of e-payment schemes are commonly used, for example: e-cash, the network cash transfer accounts and so on. However, the schemes only ensure that the sellers could get the money, which is not "fair-exchange" actually. So far, there are no appropriate methods to solve the fairness requirements in e-auction yet. For this reason, this thesis proposes a novel fair-exchange electronic auction scheme. We divided the novel scheme into two sub goals: (1) adopting digital signature, so that the anonymity and auction behavior of bidder can be guaranteed, (2) using the concept of e-token to promote the confidence of both parties. So that "fair-exchange" can be achieved. In order to implement this scheme in the real world, this thesis will separately discuss the scheme in entity and digital goods.

Acknowledgement i
Chinese Abstract iii
English Abstract iv
Contents vi
List of Figures xi
List of Tables xiii
1 Introduction 1
1.1 Research Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2 Research Background and Objects . . . . . . . . . . . . . . . . . . . . . 2
1.3 Dissertation Organization . . . . . . . . . . . . . . . . . . . . . . . . . 7
2 Related Work 8
2.1 Preliminary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.1.1 Digital Signature Schemes . . . . . . . . . . . . . . . . . . . . . 8
2.1.2 Zero Knowledge Proof, ZKP . . . . . . . . . . . . . . . . . . . . 10
2.1.3 Fair-Exchange . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.1.4 One-Way Hash Function . . . . . . . . . . . . . . . . . . . . . . 11
2.1.5 Discrete Logarithms . . . . . . . . . . . . . . . . . . . . . . . . 12
2.2 Remote User Authentication . . . . . . . . . . . . . . . . . . . . . . . . 13
2.2.1 Review of Kim-Lee-Yoo Scheme . . . . . . . . . . . . . . . . . . 13
2.2.2 Cryptanalysis of Kim-Lee-Yoo Scheme . . . . . . . . . . . . . . 16
2.2.3 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
2.2.4 Review of Khan-Zhang Scheme . . . . . . . . . . . . . . . . . . 17
2.2.5 Cryptanalysis of Khan-Zhang Scheme . . . . . . . . . . . . . . . 20
2.2.6 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.3 Electronic Banking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.3.1 Unmanned Banking . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.3.2 Phone Banking . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.3.3 Internet Banking . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.4 Electronic Payment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.4.1 Electronic Cash . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.4.2 Electronic Check and Traverler's Check . . . . . . . . . . . . . . 25
2.4.3 Electronic Credit Card . . . . . . . . . . . . . . . . . . . . . . . 25
2.4.4 Micropayment . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.5 Electronic Auction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.5.1 English Auction . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.5.2 Dutch Auction . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.5.3 Sealed-bid Auction . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.5.4 Review of Chang-Chang Scheme . . . . . . . . . . . . . . . . . . 27
2.5.5 Cryptanalysis of Chang-Chang Scheme . . . . . . . . . . . . . . 30
2.5.6 Review of Chang-Chang Enhanced Scheme . . . . . . . . . . . . 31
2.5.7 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
3 Efficient Biometrics Remote User Authentication Scheme 36
3.1 Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
3.1.1 Registration Phase . . . . . . . . . . . . . . . . . . . . . . . . . 37
3.1.2 Login Phase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
3.1.3 Authentication Phase . . . . . . . . . . . . . . . . . . . . . . . . 38
3.1.4 Change Password . . . . . . . . . . . . . . . . . . . . . . . . . . 38
3.1.5 Mutual Authentication Phase . . . . . . . . . . . . . . . . . . . 39
3.2 Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
3.2.1 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . 39
3.2.2 Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
3.3 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
4 A Practical Electronic English Auction Based On The Discrete Logarithms 43
4.1 Preliminaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
4.1.1 Discrete Logarithms . . . . . . . . . . . . . . . . . . . . . . . . 44
4.1.2 Group Signature Scheme . . . . . . . . . . . . . . . . . . . . . . 44
4.1.3 ID Escrow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
4.2 The Proposed Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
4.2.1 Entities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
4.2.2 Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
4.2.3 Notations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
4.2.4 Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
4.3 Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
4.3.1 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . 52
4.3.2 Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
4.3.3 Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
4.4 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
5 Practical Electronic Auction Scheme with Strong Anonymity and
Bidding Privacy 58
5.1 Denitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
5.1.1 Entities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
5.1.2 Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
5.1.3 Notations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
5.2 Proposed Scheme for English Auctions . . . . . . . . . . . . . . . . . . 63
5.2.1 Registration Phase . . . . . . . . . . . . . . . . . . . . . . . . . 63
5.2.2 Bidding Phase . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
5.2.3 Decision-of-Winner and Announcement Phase . . . . . . . . . . 69
5.3 Proposed Scheme for Sealed-bid Auction . . . . . . . . . . . . . . . . . 72
5.3.1 Registration Phase . . . . . . . . . . . . . . . . . . . . . . . . . 72
5.3.2 Bidding Phase . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
5.3.3 Decision-of-Winner and Announcement Phase . . . . . . . . . . 74
5.4 Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
5.4.1 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . 76
5.4.2 Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
5.4.3 Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
5.5 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
6 Practical Fair-Exchange Electronic Auction Scheme 83
6.1 Preliminaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
6.1.1 Entity Goods . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
6.1.2 Digital Goods . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
6.2 Denitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
6.2.1 Entities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
6.2.2 Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
6.2.3 Notations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
6.3 The Proposed Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
6.3.1 Protocol 1: Entity Goods . . . . . . . . . . . . . . . . . . . . . 89
6.3.2 Protocol 2: Digital Goods . . . . . . . . . . . . . . . . . . . . . 96
6.4 Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
6.4.1 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . 101
6.4.2 Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
6.4.3 Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
6.5 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
7 Conclusion and Discussion 108
Bibliography 111

[1] B. B. Anderson, J. V. Hansen, P. B. Lowry and S. L. Summers, "Standards and Verication for Fair-Exchange and Atomicity in E-Commerce Transactions," Information Sciences, Vol. 176, No. 8, pp. 1045-1066, 2006.

[2] Z. Aneta and K. Zbigniew, "A Light-Weight E-Voting System with Distributed Trust," Electronic Notes in Theoretical Computer Science, Vol. 168, pp. 109-126, 2007.

[3] N. Asokan, P. A. Janson, M. Steiner and M. Waidner, "The State of The Art in Electronic Payment Systems," IEEE Computer, Vol. 30, pp. 28-35, 1997.

[4] N. Asokan, V. Shoup and M.Waidner, "Optimistic Fair Exchange of Digital Signature," in Proceedings of Financial EUROCRYPTO'98, Springer-Verlag, pp. 591- 606, 1998.

[5] N. Asokan, V. Shoup and M. Waidner, "Asynchronous Protocols for Optimistic Fair Exchange," in Proceedings of the 1998 IEEE symposium on security and privacy, Oakland, CA, USA, pp. 86-99, 1998.

[6] G. Ateniese, J. Camenisch, M. Joye and G. Tsudik, "A Practical and Provably Secure Coalition-Resistant Group Signature Scheme," Advance in Cryptology-CRYPTO 2000, Springer-Verlag, pp. 255-270, 2000.

[7] G. Ateniese and G. Tsudik, "Some Open Issues and New Directions in Group Signatures," in Proceedings of Financial CRYPTO'99, Springer-Verlag, pp. 196-211, 1999.

[8] I. G. Bae, B. H. Cho, J. S. Kim, J. H. Bae and K. Y. Yoo, "Online Fingerprint Verication System using Direct Minutia Extraction," in Proceedings of 13th International Conference on Computer Applications in Industry and Engineering, pp. 120-123, 2000.

[9] F. Bao, R. H. Deng and W. Mao, "Efficient and Practical Fair Exchange Protocols with Off-line TTP," in Proceedings of the 1998 IEEE Symposium on Security and Privacy, Oakland, CA, USA, pp. 77-85, 1998.

[10] C. Boyd and E. Foo, "Off-line Fair Payment Protocol using Convertible Signature," Advances in Cryptology, in Proceedings of ASIACRYPT'98, LNCS 1514, Springer-Verlag, pp. 271-285, 1998.

[11] C. Cachin, "Efficient Private Bdding and Auctions with An Oblivious TrirdParty," in Proceedings of 6th ACM Conference on Computer and Communications Security, pp. 120-127, 1999.

[12] J. Camenisch and M. Michels, "A Group Signature Scheme with Improved Efficiency," Advances in Cryptology-ASIACRYPT'98, Springer-Verlag, pp. 160-174, 1998.

[13] C.-C. Chang and Y.-F. Chang, "Efficient Anonymous Auction Protocols with Freewheeling Bids," Computers and Security, Vol. 22, No. 8, pp. 728-734, 2003.

[14] Y.-F. Chang and C.-C. Chang, "Enhanced Anonymous Auction Protocols with Freewheeling Bids," in Proceedings of 20th International Conference on Advanced Information Networking and Applicatn (AINA 2006), pp. 353-358, 2006.

[15] C.-C. Chang and Y.-P. Lai, "A Flexible Date-Attachment Scheme on E-Cash," Computer and Security, Vol. 22, No. 2, pp. 160-166, 2003.

[16] C.-C. Chang and I.-C. Lin, "Remarks of Fingerprint-Based Remote User Authentication Scheme using Smart Card," ACM SIGOPS Operating Systems Review, Vol. 38, No. 4, pp. 91-96, 2004.

[17] D. Chaum and H. Antwerpen, "Undeniable Signatures," Advances in Cryptology-CRYPTO'89, Springer-Verlag, Vol. 435, pp. 212-216, 1989.

[18] D. Chaum and E. V. Heyst, "Group Signatures," Advance in Cryptology-EUROCRYPT'91, Springer-Verlag, pp. 257-265, 1991.

[19] L. Chen and T. P. Pedersen, "New Group Signature Schemes," Advances in Cryptology-EUROCRYPT'94, Springer-Verlag, pp. 171-181, 1994.

[20] H.-Y. Chien, "Forging A Winning Bid in Mu-Varadharajan's E-Auction," WSEAS Transations on Business and Economics, Vol. 5, No. 1, pp. 1-8, 2008.

[21] Y.-F. Chung, K.-H. Huang, H.-H. Lee, F.-C. Lai and T.-S. Chen, "Bidder-Anonymous English Auction Scheme with Privacy and Public Veriability," Journal of Systems and Software, Vol. 81, No. 1, pp. 113-119, 2008.

[22] V. P. Crawford and P. S. Kuo, "A Dual Dutch Auction in Taipei: The Choice of Numeraire and Auction form in Multi-Object Auctions with Bundling," Journal of Economic Behavior and Organization, Vol. 51, No. 4, pp. 427-442, 2003.

[23] W. Die and M. Hellman, "New Direction in Cryptography," IEEE Transactions on Information Theory, pp. 644-654, 1976.

[24] Y. Dodis and L. Reyzin, "Breaking and Repairing Optimistic Fair Exchange from PODC," in Proceedings of ACM Workshop on Digital Rights Management (DRM 2003), pp. 47-54, 2003.

[25] T. ElGamal, "A Public-Key Cryptosystem and A Siguature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory IT-31, pp. 469-472, 1985.

[26] C.-I. Fan, W.-K. Chen and Y.-S. Yeh, "Data Attachable Electronic Cash," Computer Communication, Vol. 23, No. 4, pp. 425-428, 2000.

[27] M. K. Franklin and M. K. Reiter, "The Design and Implementation of a Secure Auction Service," IEEE Transactions on Software Engineering, pp. 302-312, 1996.

[28] M. K. Franklin and M. K. Reiter, "Fair Exchange with A Semi-Trusted Third Party," in Proceedings of 4th ACM Conference on Computer and Communications Security, Zurich, Switzerland, pp. 1-5, 1997.

[29] L. Gong, "Increasing Availability and Security of An Authentication Service," IEEE Journal on Selected Areas in Communications, Vol. 1, No. 5, pp. 657-662, 1993.

[30] J. Heezen and W. Baets, "The Impact of Electronic Markets: The Case of The Dutch Flower Auctions," Journal of Strategic Information Systems, Vol. 5, No. 4, pp. 317-333, 1996.

[31] D. Hirakiuchi and K. Sakurai, "English vs. Sealed-Bid in Anonymous Electronic Auction Protocols," in Proceedings of 10th IEEE International Workshops on Enabling Technologies (WETICE 2001), pp.171-176, 2001.

[32] C.-L. Hsu, T.-S.Wu, M.-J. Li and M.-J. Shiu, "Forgery attacks on Improved Group Signature Scheme," in Proceedings of the 2003 National Computer Symposium (NCS 2003), Taichung, Republic of China (Taiwan), pp. CD-ROM, December, 2003.

[33] T. Hwang and Y. Chen and C.-S. Laih, "Non-Interactive Password Authentications without Password Table," in Proceedings of IEEE Region 10 Conference on Computer and Communication Systems, pp. 429-431, 1990.

[34] S.-Y. Hwang, H.-A. Wen and T. Hwang, "On The Security Enhancement for Anonymous Secure E-Voting over Computer Network," in Proceedings of 10th IEEE International Workshops on Enabling Technologies (WETICE'01), pp. 171-176, 2001.

[35] C. Ito, M. Iwaihara and Y. Kambayashi, "Fair Exchange under Limited Trust," in Proceedings of Third International Workshop on Technologies for E-Services, LNCS 2444, pp. 161-169, 2002.

[36] R. Jiang, L. Pan and J.-H. Li, "An Improvement on Efficient Anonymous Auction Protocols," Computers and Security, Vol. 24, No. 2, pp. 169-174, 2005.

[37] W.-S. Juang, H.-T. Liaw, P.-C. Lin and C.-K. Lin, "The Design of a Secure and Fair Sealed-Bid Auction Service," Mathematical and Computer Modelling, Vol. 41, No. 8-9, pp. 973-985, 2005.

[38] M.-K. Khan and J. Zhang, "Improving the Security of A Flexible Biometrics Remote User Authentication Scheme," Computer Standards and Interfaces, Vol. 29, No. 1, pp. 82-85, 2007.

[39] H. Kikuchi, M. Harkavy and J. D. Tygar, "Multi-Round Anonymous Auction," in Proceedings of the First IEEE Workshop on Dependable and Real-Time E-Commerce Systems, pp. 62-69, June 1998.

[40] H. Kikuchi, S. Hotta, K. Abe and S. Nakanishi, "Resolving Winner and Winning Bid without Revealing Privacy of Bids," in Proceedings of International Workshop on Next Generation Internet (NGITA 2000), pp. 307-312, July 2000.

[41] H. Kikuchi, "(M+1)st-Price Auction," in Proceedings of The Fifth International Conference on Financial Cryptography 2001 (IFCA 2001), pp. 291-298, February 2001.

[42] J. Kilian and E. Petrank, "Identity Escrow," Advances in Cryptology-CRYPTO'98, Springer-Verlag, pp. 169-185, 1998.

[43] H. S. Kim, S. W. Lee and K. Y. Yoo, "ID-Based Password Authentication Scheme using Smart Card and Fingerprints," ACM SIGOPS Operating Systems Review, Vol. 37, No. 4, pp. 32-41, 2003.

[44] N. Koblitz, A. Menezes and S. Vanstone, "The State of Elliptic Curve Cryptography," Designs Codes Crypto, Vol. 19, No. 2-3, pp. 173-193, 2000.

[45] W.-C. Ku, S.-T. Chang and M.-H. Chiang, "Further Cryptanalysis of Fingerprint-Based Remote User Authentication Scheme using Smart Card," Electronics Letters, Vol. 41, No. 5, pp. 240-241, 2004.

[46] M. Kudo, "Secure Electronic Sealed-Bid Auction Protocol with Public Key Cryptography," IEICE Transactions on Fundamentals, Vol. E81-A, No. 1, pp. 20-27, 1998.

[47] L. Lamport, "Password Authentication with Insecure Communication," Communications of the ACM, Vol. 24, No. 11, pp. 770-772, 1981.

[48] W.-B. Lee and C.-C. Chang, "Efficient Group Signature Scheme Based on The Discrete Logarithm," IEE Proceedings Computers and Digital Techniques, Vol. 145, No. 1, pp. 15-18, 1998.

[49] B. Lee, K. Kim and J. Ma, "Efficient Public Auction with One-Time Registration and Public Veriability," in Proceedings of INDOCRYPT 2001, pp. 16-20, 2001.

[50] W.-B. Lee, K.-C. Liao and Y.-H. Hsiao, "The Security of User Efficient E-Cash Scheme with Anonymous Certicates," in Proceedings of the 12th Conference on Information Security, Taichung, Republic of China (Taiwan), pp. CD-ROM, May 2002.

[51] W.-B. Lee, Y.-H. Hsiao and K.-C. Liao, "Improved Proxy Deposit Protocol for E-Cash Systems," in Proceedings of the 12th Conference on Information Security, Taichung, Republic of China (Taiwan), pp. CD-ROM, May 2002.

[52] J. K. Lee, S. R. Ryn and K. Y. Yoo, "Fingerprint-Based Remote User Authentication Scheme using Smart Card," Electronics Letters, Vol. 38, No. 12, pp. 554-555, 2002.

[53] Z.-Y. Lee, H.-C. Yu and P.-J. Kuo, "An Analysis and Comparison of Dierent Types of Electronic Payment Systems," in Proceedings of the Portland International Conference on Management of Engineering and Technology, pp. 38-45, 2001.

[54] M.-J. Li and Justie S.-T. Juan, "A Practical English Auction Based on the Discrete Logarithms," in Proceedings of the 2007 International Conference on Security and Management (SAM 2007), Vol. 1, pp. 413-419, 2007.

[55] M.-J. Li and Justie S.-T. Juan, "Efficient Biometrics Remote User Authentication Scheme," in Proceedings of the 2008 International Conference on Security and Management (SAM 2008), Vol. 1, pp. 87-90, 2008.

[56] M.-J. Li and Justie S.-T. Juan, "A Practical Fair Electronic Auction Scheme with Physical Delivery," in Proceedings of the 20th International Conference on Information Management (ICIM 2009), Shih Hsin University, Taipei, Republic of China (Taiwan), pp. 1459-1468, May 23, 2009.

[57] M.-J. Li and Justie S.-T. Juan, "New Cryptanalysis of an ID-Based Password Authentication Scheme using Smart Cards and Fingerprints," International Journal of Engineering Science and Technology (IJEST), Vol. 2, No. 11, pp. 6840-6844, 2010.

[58] H.-T. Liaw, W.-S. Juang and C.-K. Lin, "An Electronic Online Bidding Auction Protocol with Both Security and Efficiency," Applied Mathematics and Computation, Vol. 174, No. 2, pp. 1487-1497, 2006.

[59] I.-C. Lin and C.-C. Chang, "A Countable and Time-Bound Password-Based User Authentication Scheme for the Applications of Electronic Commerce," Information Sciences, Vol. 179, No. 9, pp. 1269-1277, 2009.

[60] C.-H. Lin and Y.-Y. Lai, "A Flexible Biometrics Remote User Authentication Scheme," Computer Standard and Interfaces, Vol. 27, No. 1, pp. 19-23, 2004.

[61] S. Liu and M. Wang, "Sealed-Bid Auctions based on Cobb-Douglas utility Function," Economics Letters, Vol. 107, No. 1, April, pp. 1-3, 2010.

[62] K. Nguyen and J. Traor'e, "An Online Public Auction Protocol Protecting Bidder Privacy," in Proceedings of Australasion Conference on Information Security and Privacy (ACISP 2000), pp. 427-442, 2000.

[63] D. O'Mahany, M. Peirce and H. Tewari, "Electronic Payment Systems," Artech House, Boston, pp. 145-185, 1997.

[64] K. Omote and A. Miyaji, "A Practical English Auction with One-Time Registration," Lecture Note in Computr Science of Information Security and Privacy-Proceedings on ACISP 2001, Springer-Verlag, pp. 221-234, 2001.

[65] K. Omote and A. Miyaji, "A Pratical English Auction with Simple Revocation," IEICE Transactions Fundamentals, Vol. E85-A, No. 5, pp. 1054-1061, 2002.

[66] J. Park, E. Chong and H. Siegel, "Constructing Fair-Exchange Protocols for E-Commerce via Distributes Computation of RSA Signature," in Proceedings of 2003 ACM Symposium on Principles of Distributed Computing (PODC 2003), pp. 172-181, July, 2003.

[67] N. K. Ratha, K. Karu, S. Chen and A. K. Jain, "A Real-Time Matching System for Large Fingerprint Databases," IEEE Transactions on Pattern Analysis and Machine Intelligence, Vol. 18, No. 8, pp. 799-813, 1996.

[68] R. Rivest, "The MD-5 Message-Digest Algorithm," RFC 1321, Internet Activities Board, Internet Privacy Task Force, 1992.

[69] C. P. Schnorr, "Efficient Signature Generation for Smart Cards," Journal of Cryptology, Vol. 4, No. 3, pp. 239-252, 1991.

[70] A. Shamir, "Identity-Based Cryptosystems and Signature Scheme," Advances in Cryptology-CRYPTO'84, Springer-Verlag, Vol. 196, pp. 47-53, 1984.

[71] D.-H. Shih, H.-Y. Huang and D.-C. Yen, "A Secure Reverse Vickrey Auction Scheme with Bid Privacy," Information Sciences, Vol. 176, No. 5, pp. 550-564, 2006.

[72] M. Stadler, "Publicly Veriable Secret Sharing," Advances in Cryptology, in Proceedings of EUROCRYPT'96, LNCS 1070, Springer-Verlag, pp. 190-199, 1996.

[73] K. Suzuki, K. Kobayashi and H. Morita, "Efficient Sealed-Bid Auction using Hash Chain," in Proceedings of the 3th International Conference on Information Security and Cryptoogy (ICISC 2000), pp. 189-197, 2000.

[74] A. Verma, M. K. Tiwari and N. Mishra, "Minimizing Time Risk in On-line Bidding: An Adaptive Information Retrieval based Approach," Expert Systems with Applications, Vol. 38, No. 4, April, pp. 3679-3689, 2011.

[75] C.-F. Wang, J.-H. Ge, X.-J. Du, J. Qu, T.-S. Zhao and S.-Y. Yang, "A Multi-Party Non-Repudiation Protocol with Semi-Trusted Third Party," in Proceedings of IEEE TENCON 2002, pp. 188-191, 2002.

[76] C.-H. Wang, C.-H. Yin and C.-H. Juan, "How to Protect Exchanged Secrets in the Fair Exchange Protocol with Off-line TTP," Computers and Electrical Engineering, Vol. 32, No. 5, pp. 364-375, 2006.

[77] Q. Wu, H. Zhang and J. Pu, "A Fair-Exchange Protocol Based on Off-line Semi-Trusted Third Part," International Journal of Computer Science and Network Security (IJCSNS), Vol. 7, No. 7, pp. 208-212, 2007.

[78] S. Xia and J. You, "A Group Signature Scheme with Strong Separability," Journal of Systems and Software, Vol. 60, No. 3, pp. 177-182, 2002.

[79] Z. Zhao, M. Naseri and Y. Zheng, "Secure Quantum Sealed-Bid Auction with Post-Conrmation," Optics Communications, Vol. 283, No. 16, August 15, pp. 3194-3197, 2010.

[80] J. Zhou, R. Deng and F. Bao, "Some Remarks on a Fair Exchange Protocol," in Proceedings of Third International Workshop on Practice and Theory in Public Key Cryptosystems, LNCS 1751, pp. 46-57, 2000.