以作者查詢圖書館館藏 、以作者查詢臺灣博碩士 、以作者查詢全國書目 、勘誤回報 、線上人數:55 、訪客IP:3.145.196.150
姓名 林思遠(Sz-Yuan Lin) 查詢紙本館藏 畢業系所 資訊工程學系 論文名稱 小額電子付費系統之設計與密碼分析
(Design and Cryptanalysis of Micropayment Schemes)相關論文 檔案 [Endnote RIS 格式] [Bibtex 格式] [相關文章] [文章引用] [完整記錄] [館藏目錄] [檢視] [下載]
- 本電子論文使用權限為同意立即開放。
- 已達開放權限電子全文僅授權使用者為學術研究之目的,進行個人非營利性質之檢索、閱讀、列印。
- 請遵守中華民國著作權法之相關規定,切勿任意重製、散佈、改作、轉貼、播送,以免觸法。
摘要(中) 隨著電子商務的勢在必行,電子付費的研究在近年來蓬勃地發展。配合各種不同的消費環境,有數種不同的電子付費系統被提出。小額付費是電子付費系統中一個獨立的研究方向,適用於必須有效率地處理持續且單次額度相當小的交易場合,通常應用在以網際網路為基礎的服務或是數位內容的消費行為。由於在未來知識的掌握與傳遞影響生活甚鉅,因此小額付費的研究也日漸重要。
到目前為止,已經有相當多的小額電子付費系統被提出。在接下來的篇幅裡,我們介紹了一般小額付費系統的模型與角色,並深入討論小額付費系統需要具備哪些基本需求,以幫助我們了解小額付費系統設計的重點與企圖解決的問題。在第二章也同時介紹了三個利用不同的密碼工具為基礎的小額付費系統,以實際的例子說明小額付費系統的運作流程。最後我們進行這些著名的小額付費系統的比較並說明其性質與差異。
匿名性在電子付費系統中被廣為注意,但由於小額付費的系統限制,匿名性在小額付費的領域中較少被研究。因此,我們提出了一個根基於PayWord 的匿名小額電子付費系統。在匿名的情況下,消費者能夠由一個事先得到的憑證,利用智慧卡在一定的額度內進行消費,而不需要銀行的上線處理。這將能夠大量地減少系統運作時中央伺服器的負擔。除此之外,這個方法維持了 PayWord 的驗證方式,因此可以被套用在其他以 PayWord 為基礎而設計的小額付費系統中。我們同時也提出了這個系統與原始系統的效率比較,讀者可以輕易地觀察出這個系統依然滿足小額付費的高效率要求。
在研究小額付費的過程中,我們發現了一個以 PayWord 為基礎而設計的小額付費系統的一些缺點。這個系統針對了 PayWord chain 只能應用在單一商家的特性做改良。然而這個新的系統在效率和儲存空間的需求上遠較原始的系統為高,此外在消費者與商家之間會有濫用行為無法分辨的問題。在本論文中深入討論了這些現象及發生的原因,以提供未來設計同樣類型的系統時做為參考。摘要(英) Going with the popularity of electronic commerce, the research of electronic payment system is widely developed in recent years. In order to adapt to different transaction environments, several kinds of electronic payment systems are therefore proposed. Micropayment is one of electronic payment systems and applied to the occasions of small value but frequent transactions, such as Internet-based service and commercial activities of digital contents. Due to knowledge exchanging becomes an important application in the future, the research of micropayment plays a critical role in electronic payment system.
At present, many efficient micropayment systems have been proposed. In this thesis, we review required knowledge and some important systems of them. First, the model and participated parties of micropayment are introduced. Afterwards, the requirements of micropayment systems are discussed to help readers realize efficiency and security issues on designing a micropayment system. Three important micropayment systems based on different cryptography primitives are reviewed to illustrate technologies used in micropayment. In the last of this part, comparisons among these systems on three aspects are given. The result shows that anonymity is not presented in these important micropayment systems.
In order to protect privacy, anonymity is extensively concerned by users in electronic payment systems. However, due to the high performance requirement, anonymity is usually ignored in micropayment. The shortcoming reduces user’’s acceptance. In this thesis, a PayWord-based anonymous micropayment is proposed. The proposed system employs a smart card to move signing capability rom the bank to users and decentralizes the overhead of the bank. A spending token is issued with a determined amount limit to control the capability; hence, users make transactions in an authorized credit without the involvement of the bank. The system retains the verification process of PayWord so that it can be applied to other PayWord-based system to provide anonymity. Eventually, a performance comparison is given to show the proposed system is still efficient even anonymity is provided.
In the last part of this thesis, we give some remarks on a PayWord-based multiple shopping micropayment system. PayWord is a vendor-specific payment system, therefore users have to maintain tuples of particular data of chains corresponding to distinct vendors. The multiple shopping system leads a user shopping at several vendors by paying a common hash chain. However, the system has heavier cost than original PayWord both in computation and in storage. Besides, a dispute will happen if either users or vendors misuse the system. We discuss these drawbacks and its reasons in detail.關鍵字(中) ★ 智慧卡
★ 匿名性
★ 電子付費
★ 小額付費關鍵字(英) ★ anonymity
★ micropayment
★ electronic payment
★ smart card論文目次 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1. 1 Introduction to Electronic Payment System . . . . . . . . . . . . . . . . . 1
1. 2 Overview of Micropayment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1. 3 Organization of This Thesis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2 Review of Micropayment Systems . . . . . . . . . . . . . . . . . . . . . . . . . 6
2. 1 Model of Micropayment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2. 2 Requirements of Micropayment System . . . . . . . . . . . . . . . . . . . 7
2. 3 Review of PayWord . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2. 3. 1 The PayWord model and hash chain . . . . . . . . . . . . . . . . . . . . 8
2. 3. 2 The PayWord protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2. 4 Review of SVP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2. 4. 1 The SVP model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2. 4. 2 The SVP protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2. 5 Review of Millicent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2. 5. 1 The Millicent model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2. 5. 2 The structureof scrips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2. 5. 3 The Millicent protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2. 6 Comparisons on Different Micropayment Scheme . . . . . . . . . . . 16
3 An Anonymous Micropayment Scheme with Smart Card . . . . . . . . 19
3. 1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
3. 2 Previous Related Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
3. 2. 1 Review of Blind Signature . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
3. 2. 2 Possible solution of incorporating anonymity into PayWord . . 21
3. 3 The Proposed Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
3. 3. 1 Basic idea of the proposed scheme . . . . . . . . . . . . . . . . . . . . . 22
3. 3. 2 Overview of the system components . . . . . . . . . . . . . . . . . . . . 23
3. 3. 3 Cryptographic primitives and notations . . . . . . . . . . . . . . . . . . 24
3. 3. 4 The basic version protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
3. 3. 5 The full version protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3. 4 Comparisons and Discussions . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
3. 4. 1 Security analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
3. 4. 2 Performance analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3. 4. 3 Extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
3. 5 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
4 Remarks on PayWord-based Multiple Shopping Scheme . . . . . . . . 35
4. 1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
4. 2 Review of PayWord-based Multiple Shopping Scheme . . . . . . . . 35
4. 2. 1 Notations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
4. 2. 2 Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
4. 3 Remarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
5 Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
5. 1 Brief Review of Main Contributions . . . . . . . . . . . . . . . . . . . . . . . 41
5. 2 Further Research Topics and Directions . . . . . . . . . . . . . . . . . . . . 42參考文獻 [1] MasterCard and VISA Corporations, Secure Electronic Trasaction (SET) pecification -- Book 1: Business Description, June 1996.
[2] MasterCard and VISA Corporations, Secure Electronic Trasaction (SET) Specification -- Book 2: Programmer's Guide, June 1996.
[3] MasterCard and VISA Corporations, Secure Electronic Trasaction (SET) Specification -- Book 3: Formal Protocol Definition, June 1996.
[4] M. Bellare, J. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steinter, G. Tsudik, and M. Waidner, "iKP - A Family of Secure Electronic Payment Protocols," Proc. of 1st USENIX workshop on Electronic Commerce, pp. 89--106, 1995.
[5] MasterCard, Secure Electronic Payment Protocol, October 1995.
[6] A. Shamir, "SecureClick: A Web Payment System with Disposable Credit Card Number," Proc. of Financial Cryptography 2001, Lecture Notes in Computer Science, Vol. 2339, pp. 232--242, 2002.
[7] M. Sirbu, and J. D. Tyger, "NetBill: An Electronic Commerce System Optimized for Network Delivered Information and Services," Proc. of IEEE Compcon '95, pp. 20--25, 1995.
[8] B. Cox, J. D. Tygar, and M. Sirbu, "Netbill Security and Transaction Protocol," Proc. of 1st USENIX workshop on Electronic Commerce, pp. 77--88, 1995.
[9] B. C. Neuman and G. Medvinsky, "NetCheque, NetCash, and the Characteristics of Internet Payment Services," Proc. of MIT Workshop on Internet Economics 1995, 1995.
[10] D. Chaum, "Blind Signatures for Untraceable Payments," Advances in Cryptology -- CRYPTO '82, pp. 199--203, Plenum Press, 1983.
[11] D. Chaum, A. Fiat, and M. Naor, "Untraceable Electronic Cash," Advances in Cryptology -- CRYPTO '88, Lecture Notes in Computer Science, Vol. 403, pp. 21--25, Springer-Verlag, 1990.
[12] S. Brands, "Untraceable Off-line Cash in Wallet with Observers," Advances in Cryptology -- CRYPTO '93, Lecture Notes in Computer Science, Vol. 773, pp. 302--138, Springer-Verlag, 1993.
[13] A. Chan, Y. Frankel, and Y. Tsiounis, "Easy Come - Easy Go Divisible Cash," Advances in Cryptology -- EUROCRYPT '98, Lecture Notes in Computer Science, Vol. 1403, pp. 561--575, Springer-Verlag, 1998.
[14] M. Jakobosson and M. Yung, "Revokable and Versatile Electronic Money," Proc. of the 3rd ACM Conference on Computer and Communications Security, pp. 76--87, ACM Press, 1996.
[15] R. Sai Anand and C.E. Veni Madhavan, "An Online, Transferable E-Cash Payment System," Progress in Cryptology -- INDOCRYPT 2000, Lecture Notes in Computer Science, Vol. 1977, pp. 93--103, Springer-Verlag, 2000.
[16] Y. Mu, K. Quoc Nguyen, and V. Varadharajan, "A Fair Electronic Cash Scheme," Topics in Electronic Commerce: Second International Symposium - ISEC 2001, Lecture Notes in Computer Science, Vol. 2040, pp. 20--32, Springer-Verlag, 2001.
[17] Y. Frankel, Y. Tsiounis, and M. Yung, "Indirect Discourse Proofs: Achieving Efficient Fair Off-Line E-Cash System," Advances in Cryptology - ASIACRYPT '96, Lecture Notes in Computer Science, Vol. 1163, pp. 286--300, Springer-Verlag, 1996.
[18] N. B. Salem, L. Buttyan, J. P. Hubaux, and M. Jakobsson, "A Charging and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular Networks," Proc. of MobiHoc'03, pp. 13--24, ACM Press, 2003.
[19] M. Jakobsson, J. P. Hubaux, and L. Buttyan, "A Micro-Payment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks," Proc. of Financial Cryptography 2003, Lecture Notes in Computer Science, Vol. 2742, pp. 15--33, Springer-Verlag, 2003.
[20] D. O'Mahony, M. Peirce, and H. Tewari, "Multiparty Micropayments for Ad Hoc Networks," Electronic Payment Systems for E-Commerce, 2nd Edition, Artech House Publishers, Boston/London, 2001.
[21] R. L. Rivest and A. Shamir, "PayWord and MicroMint: Two simple micropayment schemes," Proc. of Security Protocols Workshop, Lecture Notes in Computer Science, Vol. 1189, pp. 69--87, Springer-Verlag, 1997.
[22] M. Lee, and K. Kim, "A Micro-payment System for Multiple-Shopping," Proc. of Symposium on Cryptography and Information Security 2002, Vol 1/2, pp. 229--234, 2002.
[23] G. Yuval, "How to Swindle Rabin," Cryptologia}, Vol. 3, No. 3, pp. 187--190, 1979.
[24] J. Stern, S. Vaudenay, "SVP: a Flexible Micropayment Scheme," Proc. of Financial Cryptography '97, Lecture Notes in Computer Science, Vol. 1318, pp. 161--172, Springer-Verlag, 1997.
[25] M. S. Manasse, "The Millicient Protocols for Electronic Commerce," Proc. of 1st USENIX workshop on Electronic Commerce, pp. 117--123, 1995.
[26] S. Glassman, M. S. Manasse, M. Abadi, P. Gauthier, and P. Sobalvarro, "The Millicent Protocol for Inexpensive Electronic Commerce," Proc. of 4th International World Wide Web Conference, pp. 603--618, O'Reilly, 1995.
[27] P. Kocher, J. Jaffe, and B. Jun, "Differential Power Analysis," Advances in Cryptology - CRYPTO 1999, Lecture Notes in Computer Science, Vol. 1666, pp. 388--397, Springer-Verlag, 1999.
[28] D. Chaum, "Security Without Identification: Transaction System to Make Big Brother Obsolete," Communications of the ACM, Vol. 28, pp. 1030--1044, 1985.
[29] "The Digital Signature Standard Proposed by NIST," Communications of the ACM, Vol. 35, No. 7, pp. 36--40, 1992.
[30] K. Nyberg, and R. Rueppel, "A New Signature Scheme Based on the DSA Giving Message Recovery," Proc. of the 1st ACM Conference on Computer and ommunications Security, pp. 58--61, 1993.
[31] J. Camenisch, J. M. Piveteau, and M. Staler, "Blind Signatures based on the discrete Logarithm Problem," Advances in Cryptology -- EUROCRYPT '94, Lecture Notes in Computer Science, Vol. 1146, pp. 428--432, Springer-Verlag, 1995.
[32] "Data Encryption Standard," Federal Information Processing Standards Publication 46-3, October 1999.
[33] NIST, "FIPS-197: Advanced Encryption Standard," Federal Information Processing Standard, FIPS-197, November 2001.
[34] "Secure Hash Standard," Federal Information Processing Standards Publication 180, May 1993.
[35] R. L. Rivest, "The MD5 Message-digest Algorithm," Internet Request for Comments, April 1992, RFC 1321.
[36] C.P. Schnorr, "Efficient Identification and Signature for Smart Cards," Advances in Cryptology -- CRYPTO '89, Lecture Notes in Computer Science, Vol. 435, pp. 339--351, Springer-Verlag, 1990.
[37] Y. Mu, V. Varadharajan, and Y. Lin, "New Micropayment Schemes Based on PayWords," Proc. of the 2nd Australasian Conference on Information Security and Privacy -- ACISP '97, Lecture Notes in Computer Science, Vol. 1270, pp. 283--293, Springer-Verlag, 1997.
[38] R. L. Rivest, "Electronic Lottery Tickets as Micropayments," Proc. of Financial Cryptography '97, Lecture Notes in Computer Science, Vol. 1318, pp. 307--314, Springer-Verlag, 1997.指導教授 顏嵩銘(Sung-Ming Yen) 審核日期 2004-6-24 推文 facebook plurk twitter funp google live udn HD myshare reddit netvibes friend youpush delicious baidu 網路書籤 Google bookmarks del.icio.us hemidemi myshare