| 摘要: | 隨著電子商務的勢在必行,電子付費的研究在近年來蓬勃地發展。配合各種不同的消費環境,有數種不同的電子付費系統被提出。小額付費是電子付費系統中一個獨立的研究方向,適用於必須有效率地處理持續且單次額度相當小的交易場合,通常應用在以網際網路為基礎的服務或是數位內容的消費行為。由於在未來知識的掌握與傳遞影響生活甚鉅,因此小額付費的研究也日漸重要。 到目前為止,已經有相當多的小額電子付費系統被提出。在接下來的篇幅裡,我們介紹了一般小額付費系統的模型與角色,並深入討論小額付費系統需要具備哪些基本需求,以幫助我們了解小額付費系統設計的重點與企圖解決的問題。在第二章也同時介紹了三個利用不同的密碼工具為基礎的小額付費系統,以實際的例子說明小額付費系統的運作流程。最後我們進行這些著名的小額付費系統的比較並說明其性質與差異。 匿名性在電子付費系統中被廣為注意,但由於小額付費的系統限制,匿名性在小額付費的領域中較少被研究。因此,我們提出了一個根基於PayWord 的匿名小額電子付費系統。在匿名的情況下,消費者能夠由一個事先得到的憑證,利用智慧卡在一定的額度內進行消費,而不需要銀行的上線處理。這將能夠大量地減少系統運作時中央伺服器的負擔。除此之外,這個方法維持了 PayWord 的驗證方式,因此可以被套用在其他以 PayWord 為基礎而設計的小額付費系統中。我們同時也提出了這個系統與原始系統的效率比較,讀者可以輕易地觀察出這個系統依然滿足小額付費的高效率要求。 在研究小額付費的過程中,我們發現了一個以 PayWord 為基礎而設計的小額付費系統的一些缺點。這個系統針對了 PayWord chain 只能應用在單一商家的特性做改良。然而這個新的系統在效率和儲存空間的需求上遠較原始的系統為高,此外在消費者與商家之間會有濫用行為無法分辨的問題。在本論文中深入討論了這些現象及發生的原因,以提供未來設計同樣類型的系統時做為參考。 Going with the popularity of electronic commerce, the research of electronic payment system is widely developed in recent years. In order to adapt to different transaction environments, several kinds of electronic payment systems are therefore proposed. Micropayment is one of electronic payment systems and applied to the occasions of small value but frequent transactions, such as Internet-based service and commercial activities of digital contents. Due to knowledge exchanging becomes an important application in the future, the research of micropayment plays a critical role in electronic payment system. At present, many efficient micropayment systems have been proposed. In this thesis, we review required knowledge and some important systems of them. First, the model and participated parties of micropayment are introduced. Afterwards, the requirements of micropayment systems are discussed to help readers realize efficiency and security issues on designing a micropayment system. Three important micropayment systems based on different cryptography primitives are reviewed to illustrate technologies used in micropayment. In the last of this part, comparisons among these systems on three aspects are given. The result shows that anonymity is not presented in these important micropayment systems. In order to protect privacy, anonymity is extensively concerned by users in electronic payment systems. However, due to the high performance requirement, anonymity is usually ignored in micropayment. The shortcoming reduces user's acceptance. In this thesis, a PayWord-based anonymous micropayment is proposed. The proposed system employs a smart card to move signing capability rom the bank to users and decentralizes the overhead of the bank. A spending token is issued with a determined amount limit to control the capability; hence, users make transactions in an authorized credit without the involvement of the bank. The system retains the verification process of PayWord so that it can be applied to other PayWord-based system to provide anonymity. Eventually, a performance comparison is given to show the proposed system is still efficient even anonymity is provided. In the last part of this thesis, we give some remarks on a PayWord-based multiple shopping micropayment system. PayWord is a vendor-specific payment system, therefore users have to maintain tuples of particular data of chains corresponding to distinct vendors. The multiple shopping system leads a user shopping at several vendors by paying a common hash chain. However, the system has heavier cost than original PayWord both in computation and in storage. Besides, a dispute will happen if either users or vendors misuse the system. We discuss these drawbacks and its reasons in detail. |
