離線電子現金系統之研究

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：29

、訪客IP：52.15.71.15

姓名

邱國哲(Kuo-Zhe Chiou) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

離線電子現金系統之研究
(The Research of Off-line Electronic Cash Systems)

相關論文

★ 多種數位代理簽章之設計	★ 小額電子支付系統之研究
★ 實體密碼攻擊法之研究	★ 商業性金鑰恢復與金鑰託管機制之研究
★ AES資料加密標準之實體密碼分析研究	★ 電子競標系統之研究
★ 針對堆疊滿溢攻擊之動態程式區段保護機制	★ 通用型數域篩選因數分解法之參數探討
★ 於8051單晶片上實作可防禦DPA攻擊之AES加密器	★ 以非確定式軟體與遮罩分割對策防禦能量攻擊之研究
★ 遮罩保護機制防禦差分能量攻擊之研究	★ AES資料加密標準之能量密碼分析研究
★ 小額電子付費系統之設計與密碼分析	★ 公平電子現金系統之研究
★ RSA公開金鑰系統之實體密碼分析研究	★ 保護行動代理人所收集資料之研究

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

隨著電子商務在網際網路上的蓬勃發展，電子付費系統在今日已成為重要的議題，如何確保線上交易之安全性和便利性更是消費者關注的問題。其中，在如何以電子化形式付費的研究上，電子現金系統(Electronic Cash System)更成為其重要的研究之一。
由David Chaum所提出的電子現金系統，讓消費者可以在匿名的情況下，和店家進行離線方式的交易，並且保證電子金錢之不可偽造性。但是，犯罪者卻可以利用匿名之性質來透過電子現金系統進行洗錢或勒索之犯罪之行為。因此，現今的電子現金系統都具備匿名撤銷機制來防範犯罪。
在本論文的第三章會介紹幾個電子現金系統，包含具有匿名撤銷的系統以及非常有效率的系統。前者，這類系統採用兩個密碼技術：雙重付費偵測(Double-spending Detection)以及追蹤(Tracing)，來有效地進行匿名撤銷之功能。同時也指出匿名撤銷機制卻造成這類系統在計算成本上以及通訊成本上沈重的負擔。後者，根據“一次提款多個單位電子金錢”之觀念，採用了批次簽章(Batch Signature)之密碼技術，大大地提升了電子現金系統之效率。然而，此系統在防範犯罪的能力上比較薄弱。
針對電子現金系統效率之議題，本論文根據“一次提款多個單位電子金錢”之概念，提出了兩個有效率的電子現金系統。
本論文第四章介紹第一個所提出的系統，此系統改良於PayWord。除了改變單向雜湊函數鏈的產生方式之外，並採用部份盲簽章(Partially Blind Signature)之技術，使得所提出的系統比一般電子現金系統都來得有效率且比較安全。
第二個提出的系統詳述於本論文之第五章。在考量安全與效率之議題下，提出一個新的盲簽章來建構出此系統。在安全考量下，此系統具備了雙重付費偵測和追蹤之功能；在效率考量下，採用批次簽章之技術提升本系統之效率。
最後在本論文之第六章，提出了幾項對電子現金系統之討論，做為未來研究的方向。

摘要(英)

On-line business has gradually become an important issue nowadays
due to the tremendous growth of electronic commerce on Internet.
Especially, electronic cash system is one of most popular research
topics for paying electronically.
Electronic cash system proposed by David Chaum makes electronic payment
on Internet possible with anonymity, off-line, and unforgeability.
However, malicious user can freely commit crimes by means of the
property of anonymity. In consideration of preventing
criminal activities, the anonymity revocation has become a
desired requirement.
Unfortunately, although anonymity revocation can protect electronic cash
system from being misused, it makes the category of systems inefficient at
the same time.
In this thesis, some electronic cash systems with revocable anonymity are
introduced. These systems prevent criminal activities by means of the two
most common cryptographic techniques double-spending detection and tracing.
However, these systems are inefficient and impractical. Then one very
efficient electronic cash system is presented that it is possible to resolve the
problem of efficiency of those revocable anonymity systems.
We propose two electronic cash systems concerning about efficient issue.
The first one takes advantage of hash function operation in PayWord to reduce
the use of public key operations while maintaining the anonymity property.
This system is very efficient because hash function operation is
faster than public key operation.
We propose a new blind signature which combines with batch cryptography to
construct another electronic cash system. The main idea is that amortizing
the expensive computation cost accross many coins. Moreover, in terms of
ensuring the system from being misused, it provides double-spending
detection and tracing capability. Finally, we suggest that the proposed
system works with elliptic curve in terms of security,
computational speed, and space requirement. Finally, the complete view of
the system converted to elliptic curve cryptography are also provided.

關鍵字(中)

★ 電子現金系統
★ 匿名性
★ 匿名撤銷
★ 公平交易
★ 追蹤

關鍵字(英)

★ Anonymity revocation
★ Anonymity
★ Fair payment
★ Tracing
★ Electronic cash

論文目次

1 Introduction 1
1.1 Introduction to E-cash System.......................................1
1.2 Overview of the Thesis..............................................3
2 Preliminary 5
2.1 The Basic Model of Modern E-cash System.............................5
2.2 The Requirements of Modern E-cash System............................6
2.3 Introduction to Blind Signature.....................................7
2.3.1 RSA Blind Signature...............................................7
2.3.2 Schnorr Blind Signature...........................................8
2.3.3 Partially Blind Signature.........................................9
2.3.4 Nyberg-Rueppel Blind Signature...................................10
2.4 Summary............................................................12
3 Review of Off-line E-cash Systems 14
3.1 The First E-cash System............................................15
3.1.1 The first e-cash system..........................................15
3.1.2 Security analysis................................................16
3.2 An Off-line E-cash System with Revocable Anonymity.................16
3.2.1 Brands e-cash system.............................................17
3.2.2 Proving equality of logarithms...................................19
3.2.3 An Off-line E-cash System with Revocable Anonymity...............20
3.3 An Efficient E-cash System Using Nyberg-Rueppel Blind Signature....24
3.3.1 Proving equality of logarithms...................................24
3.3.2 The proposed e-cash system.......................................25
3.4 A Very Efficient E-cash System Using Batch Signature...............28
3.4.1 Batch Schnorr signature..........................................29
3.4.2 The proposed e-cash system.......................................30
3.4.3 Remarks and Discussions..........................................33
3.5 Summary............................................................33
4 An Efficient E-cash System Using Hash Chain 36
4.1 Review of PayWord..................................................36
4.1.1 Payword certificate..............................................37
4.1.2 Commitment to a payword chain....................................37
4.1.3 Spending paywords................................................38
4.1.4 Depositing spent paywords........................................38
4.2 A New Efficient E-cash System......................................38
4.2.1 System setup.....................................................39
4.2.2 Withdrawal protocol..............................................39
4.2.3 Payment protocol.................................................40
4.2.4 Deposit protocol.................................................40
4.3 Remarks and Discussions............................................40
4.3.1 Security Analysis................................................40
4.3.2 Efficiency Analysis..............................................41
5 An Efficient E-cash System with Revocable Anonymity 43
5.1 Previous Work......................................................43
5.2 New Blind Signature................................................44
5.3 A New E-cash System................................................46
5.3.1 Registration protocol............................................46
5.3.2 Withdrawal protocol..............................................47
5.3.3 Payment protocol.................................................48
5.3.4 Deposit protocol.................................................49
5.3.5 Tracing protocol.................................................49
5.3.6 Security analysis................................................50
5.3.7 Efficiency analysis..............................................50
5.4 A Variant of The Proposed System...................................52
5.4.1 Elliptic curve cryptography (ECC)................................52
5.4.2 Proof of equality of logarithms using ECC........................53
5.4.3 The improved system using ECC....................................54
5.5 Remarks and Discussions............................................58
6 Conclusions 60
6.1 Brief Review of Main Contributions.................................60
6.2 Further Research Topics and Directions.............................60

參考文獻

Masayuki Abe and Jan Camenisch, ``Partially Blind Signature Schemes,'
Proceedings of the 1997 Symposium on Cryptography and
Information Security, SCIS97-33D, 1997.
Masayuki Abe and Eiichiro Fujisaki, ``How to Date Blind Signature,'
In Advances in Cryptology - ASIACRYPT '96, Lecture Notes
in Computer Science, Vol. 1163, pp. 244--251, Springer-Verlag, 1996.
Masayuki Abe and Tatsuaki Okamoto,
``Provably Secure Partially Blind Signature,'
In Advances in Cryptology - CRYPTO 2000,
Lecture Notes in Computer Science, Vol. 1880, pp. 271--286,
Springer-Verlag, 2000.
Stefan Brands,
``Untraceable Off-Line Cash in Wallets with Observers,'
In Advances in Cryptology - CRYPTO '93,
Lecture Notes in Computer Science, Vol. 773, pp. 302--318,
Springer-Verlag, 1994.
Feng Bao, Robert H. Deng, and Peirong Feng,
``An Efficient and Practical Scheme for Privacy
Protection in the E-Commerce of Digital Goods,'
In Information Security and Cryptology - ICISC 2000,
Lecture Notes in Computer Science, Vol. 2015, pp. 162--170,
Springer-Verlag, 2001.
Colin Boyd, Ernest Foo, and Chris Pavlovski,
``Efficient Electronic Cash Using Batch Signatures,'
In Information Security and Privacy - ACISP '99,
Lecture Notes in Computer Science, Vol. 1587, pp. 244--257,
Springer-Verlag, 1999.
Ernie Brickell, Peter Gemmell, and David Kravitz,
``Trustee-based Tracing Extensions to Anonymous
Cash and the Making of Anonymous Change,'
In Proceedings of the 6th Annual ACM - SIAMs
pp. 457--466, Association for Computing Machinery,
January 1995.
Certicom Corp, ``The Elliptic Curve Cryptosystems for Smart Cards,'
May 1998, available: http://www.certicom.com/research/wecc4.html.
David Chaum,
``Blind Signatures for Untraceable Payments,'
In Advances in Cryptology - CRYPTO '82,
Lecture Notes in Computer Science, Vol. 1440, pp. 199--203,
Springer-Verlag, 1998.
Agnes Chan, Yair Frankel, and Yiannis Tsiounis, ``Easy
Come -- Easy Go Divisible Cash,' In Advances in
Cryptology - EUROCRYPT '98, Lecture Notes in Computer Science,
Vol. 1403, pp. 561--575, Springer-Verlag, 1998.
Jan Camenisch, Ueli Maurer, and Markus Stadler, ``Digital Payment
Systems with Passive Anonymity-Revoking Trustees,'
In Computer Security - Esorics '96, Lecture Notes and Computer
Science, Vol. 1146, pp. 33--43, Springer-Verlag, 1996.
Ronald Cramer and Torben P. Pedersen, ``Improved Privacy in
Wallets with observers,' In Advances in Cryptology - EUROCRYPT '93
, Lecture Notes and Computer Science, Vol. 765, pp. 329--343,
Springer-Verlag, 1994.
Jan Camenisch, Jean-Marc Piveteau, and Markus Stadler,
``An Efficient Fair Payment System,'
In 3rd ACM Conference on Computer and Communications
Security, pp. 88--94, 1996.
George Davida, Yair Frankel, Yiannis Tsiounis, and Moti Yung,
``Anonymity Control in E-Cash Systems,'
In Financial Cryptography - FC '97,
Lecture Notes in Computer Science, Vol. 1318, pp. 1--16,
Springer-Verlag, 1997.
Niels Ferguson, ``Single Term Off-Line Coins,'
In Advance in Cryptology - EUROCRYPT '93,
Lecture Notes in Computer Science, Vol. 765,
pp. 318--328 Springer-Verlag, 1993.
Amos Fiat, ``Batch RSA,' In Advance in Cryptology
- CRYPTO '89, Lecture Notes in Computer Science,
Vol. 435, pp. 175--185 Springer-Verlag, 1990.
Yair Frankel, Yiannis Tsiounis, and Moti Yung,
``Indirect discourse Proofs: Achieving Efficient
Fair Off-Line E-Cash System,' Proceedings of
ASIACRYPT '96, pp. 286--300.
Markus Jakobsson, ``Fractal Hash Sequence Representation
and Traversal,' Proceedings of International Symposium on
Information Theory, ISIT'02, also available: http://www.
rsasecurity.com/rsalabs/staff/bios/mjakobsson/full.html
Markus Jakobsson and Ari Juels,
``X-Cash: Executable Digital Cash,'
In Financial Cryptography - FC '98,
Lecture Notes in Computer Science, Vol. 1465, pp. 16--27,
Springer-Verlag, 1998.
Markus Jakobosson and Moti Yung,
``Revokable and Versatile Electronic Money,'
In 3rd ACM Conference on Computer and
Communications Security, pp. 76--87, 1996.
Neal Koblitz, ``Elliptic Curve Cryptosystems,' In
Mathematics of Computation, Vol. 48, pp. 203--209, 1987.
Dennis K"{ugler and Holger Vogt,
``Auditable Tracing with Unconditional Anonymity,'
In Proceedings of the 2nd International Workshop
on Information Security Application - WISA 2001,
pp. 108--120, Seoul, Korea, 2001.
Dennis K"{ugler and Holger Vogt,
``Fair Tracing without Trustees,'
In Financial Cryptography - FC 2001,
Lecture Notes in Computer Science, Vol. 2339, pp. 136--148,
Springer-Verlag, 2002.
Dennis K"{ugler and Holger Vogt,
``Off-line Payments with Auditable Tracing,'
In Financial Cryptography - FC 2002.
Moses Liskov and Silvio Micali,
``Amortized E-Cash,'
In Financial Cryptography - FC 2001,
Lecture Notes in Computer Science, Vol. 2339, pp. 1--20,
Springer-Verlag, 2002.
Victor S. Miller, ``Use of Elliptic Curve in Cryptography,'
In Advances in Cryptology - CRYPTO '85, Lecture Notes
in Computer Science, Vol. 218, pp. 417--426,
Springer-Verlag, 1986.
Greg Maitland and Colin Boyd,
``Fair Electronic Cash Based on a Group Signature Scheme,'
In Information and Communications Security - ICICS 2001,
Lecture Notes in Computer Science, Vol. 2229, pp. 461--465,
Springer-Verlag, 2001.
Yi Mu, Khanh Quoc Nguyen, and Vijay Varadharajan,
``A Fair Electronic Cash Scheme,'
In Topics in Electronic Commerce: Second
International Symposium - ISEC 2001, Lecture Notes in
Computer Science, Vol. 2040, pp. 20--32, Springer-Verlag, 2001.
Shingo Miyazaki and Kouichi Sakurai,
``A More Efficient Untraceable E-Cash System with Partially
Blind Signatures Based on the Discrete Logarithm Problem,'
In Financial Cryptography - FC '98,
Lecture Notes in Computer Science, Vol. 1465, pp. 296--307,
Springer-Verlag, 1998.
Randall K. Nichols, ``ICSA Guide to Cryptography,' Computing McGraw-Hill,
first edition, December, 1999.
Kaisa Nyberg and Rainer A. Rueppel, ``Message Recovery for
Signature Schemes Based on the Discrete Logarithms Problem,'
In Advances in Cryptology - EUROCRYPT '94, Lecture Notes in
Computer Science, Vol. 950, pp. 182--193, Springer-Verlag, 1995.
Tatsuaki Okamoto,
``Provably Secure and Practical Identification Schemes
and Corresponding Signature Schemes,' In Advances in
Cryptology - CRYPTO '92, Lecture Notes in Computer Science,
Vol. 740, pp. 31--53, Springer-Verlag, 1992.
Tatsuaki Okamoto,
``An Efficient Divisible Electronic Cash Scheme,'
In Advances in Cryptology - CRYPTO '95,
Lecture Notes in Computer Science, Vol. 963, pp. 438--451,
Springer-Verlag, 1995.
Tatsuaki Okamoto and Kazuo Ohta,
``Universal Electronic Cash,'
In Advances in Cryptology - CRYPTO '91,
Lecture Notes in Computer Science, Vol. 576, pp. 324--337,
Springer-Verlag, 1992.
Ronald L. Rivest and Adi Shamir, ``PayWord and MicroMint:
Two Simple Micropayment Schemes,' In CryptoBytes,
Pressed by RSA Laboratories, Vol. 2, No. 1, pp. 7--11, 1996.
Ronald, L. Rivest, Adi Shamir, and Len Adleman, ``A Method
for Obtaining Digital Signatures and Public Key
Cryptosystems,' Communications of the
ACM, February 1978.
Claus-Peter Schnorr, ``Efficient Signature Generation for
Smart Cards,' In Adcances in Cryptology -
CRYPTO '89, Lecture Notes in Computer Science,
Vol. 435, pp. 239--252, Springer-Verlag, 1990.
Sebastiaan von Solms and David Naccache, ``On Blind Signatures
and Perfect Crimes,' Computers and Security, Vol. 11, Issue
6, pp. 581--583, Oct. 1992.
Markus Stadler, Jean-Marc Piveteau, and Jan Camenisch,
``Fair Blind Signatures,' In Adcances in Cryptology -
EUROCRYPT '95, Lecture Notes in Computer Science, Vol. 921,
pp. 209--219, Springer-Verlag, 1995.
Shouhuai Xu and Moti Yung,
``Retrofitting Fairness on the Original RSA-Based E-Cash,'
In Financial Cryptography - FC 2003,
Lecture Notes in Computer Science, Vol. 2742, pp. 51--68,
Springer-Verlag, 2003
Sung-Ming Yen, Chi-Sung Laih, and Arjen K. Lenstra,
``Multi-exponentiation,' IEE Proceedings:
Computers and Digital Techniques, Vol. 141, No. 6,
pp. 325--326, Nov. 1994.

指導教授

顏嵩銘(Sung-Ming Yen)

審核日期

2004-6-28

推文