公平電子現金系統之研究

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：24

、訪客IP：3.142.200.102

姓名

陳文勝(Wen-Sheng Chen) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

公平電子現金系統之研究
(The Research of Fair Electronic Cash Systems)

相關論文

★ 多種數位代理簽章之設計	★ 小額電子支付系統之研究
★ 實體密碼攻擊法之研究	★ 商業性金鑰恢復與金鑰託管機制之研究
★ AES資料加密標準之實體密碼分析研究	★ 電子競標系統之研究
★ 針對堆疊滿溢攻擊之動態程式區段保護機制	★ 通用型數域篩選因數分解法之參數探討
★ 於8051單晶片上實作可防禦DPA攻擊之AES加密器	★ 以非確定式軟體與遮罩分割對策防禦能量攻擊之研究
★ 遮罩保護機制防禦差分能量攻擊之研究	★ AES資料加密標準之能量密碼分析研究
★ 小額電子付費系統之設計與密碼分析	★ RSA公開金鑰系統之實體密碼分析研究
★ 保護行動代理人所收集資料之研究	★ 選擇密文攻擊法之研究與實作

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

近年來，由於網路的大量使用，創造了無限商機。因此，有許多傳統的交易方式漸漸朝向電子化轉型，這樣的變化便利了人們的生活。所以電子現金系統變得越來越受人注意。
雖然匿名的電子現金系統可以保障顧客的匿名性，然而這種特性卻有可能被惡意的顧客所濫用。因此，可以對付費做追蹤的這種機制不管對政府或是銀行都是很需要的。然而，那些可以匿名測銷的電子現金系統卻非常沒有效率，所以如何建構出一個有效率的可匿名撤銷的電子現金系統變成是一個很重要的目標。
為了能有效率地將顧客的身份與電子現金綁在一起，我們改進部份盲簽章而提出一個新的盲簽章。而且，我們還利用新的盲簽章建構出具有匿名撤銷及偵測雙重付費兩種防禦機制的一個電子現金系統。除此之外，我們使用批次技術的概念，使得顧客可以在一次提款中提領很多電子現金，而且商家和銀行也可以對這些電子現金只做一次的驗證動作。這樣的設計大大地分攤了在提領現電子現金時所需的計算成本。
此外，Moses Liskov和Silvio Micali使用了Markle hash tree的架構使顧客可以一次向銀行提領很多電子現金，雖然這樣的設計分攤了顧客產生電子現金時的計算成本，但卻增加了在每一次交易所需花費的計算成本。而且，在這個系統中如果顧客不誠實的輸入他的身份，將會迫使偵測雙重付費的機制失效。為了改善這個問題，我們提出一個新的電子現金系統。因為TTP的牽涉和批次技術的取代，使得改進後的系統不但額外提供追蹤機制去防範犯罪，而且還降低了在每次交易時顧客所需花費的計算成本。除此之外，由於改進後的系統不需要使用零知識證明，這大大減低了通訊成本及計算成本。因此，改進後的系統是比原來的系統來得更有效率。

摘要(英)

In recent years, due to the tremendous development of the Internet, a great deal of business opportunities are created. Therefore, many traditional business transactions are approached in an electronic form so that this is convenient for people. For this reason, electronic cash systems become more and more interesting.
Although the property of anonymity can protect customers’’ privacy, this property may be misused by malicious customers. Therefore, tracing of payments is a desired property for governments and banks. However, those anonymous electronic cash systems with anonymity revocation must pay a great sacrifice in efficiency. As a result, two efficient revocable anonymity electronic cash systems are proposed in this thesis.
In order to correctly embed customers’’ identity into the electronic coin in an efficient manner, we propose a new blind signature improving partially blind signature. Furthermore, we utilize this blind signature to construct an anonymous electronic cash system which provides two protection mechanisms to resist double spending, blackmailing, and money laundering: double-sending detection and tracing. Moreover, due to the involvement of registration protocol, the employment of zero-knowledge proofs is extremely reduced. In addition, we take advantage of the concern of batch cryptography to enable the customer to withdraw many coins once with the bank during a single withdrawal, and enable the merchant and the bank to validate these coins once. This amortizes computation cost through many coins.
Additionally, Liskov-Micali scheme uses the structure of Merkle hash tree to enable customers withdraw many coins once. Although
this amortizes computation cost, it increases customers’’ computation cost during each payment. Moreover, if customers dishonestly embed identity in Liskov-Micali scheme, double-spending detection becomes abnormal. Therefore, we propose an improved electronic cash system improving Liskov-Micali scheme. Due to the involvement of TTP and the replacement of batch cryptography, the improved system not only additionally provides tracing capability but also decreases customers’’ computation cost during each payment. In addition, because the employment of zero-knowledge proofs is not necessary in the improved system, this reduces computation and communication costs. Therefore, the improved system is more efficient than Liskov-Micali scheme.

關鍵字(中)

★ 電子現金
★ 公平

關鍵字(英)

★ electronic cash
★ fair

論文目次

1 Introduction 1
1.1 Motivation............................................................1
1.2 Overview of the Thesis................................................2
2 Review of Previous Works 5
2.1 The Model.............................................................5
2.2 Requirements of Electronic Cash System................................6
2.3 Proofs of Knowledge of Discrete Logarithms............................8
2.4 Review of Brands's Scheme.............................................9
2.4.1 Preliminaries..................................................9
2.4.2 The Brands's Protocol.........................................10
2.5 Review of Davida's Scheme............................................13
2.5.1 Preliminaries.................................................13
2.5.2 The Davida's Protocol.........................................13
2.6 Review of Miyazaki's Scheme..........................................17
2.6.1 Preliminaries.................................................18
2.6.2 The Miyazaki's Protocol.......................................18
2.7 Review of Camenisch's Scheme.........................................21
2.7.1 Preliminaries.................................................22
2.7.2 Camenisch's Protocol..........................................22
2.8 Comparisons of Different E-Cash Systems..............................26
3 An Efficient E-Cash System with Anonymity Revocation 29
3.1 Motivation...........................................................29
3.2 Previous Related Work................................................30
3.3 The Proposed Scheme..................................................31
3.3.1 The new blind signature.......................................31
3.3.2 Overview of the model.........................................33
3.3.3 The proposed protocol.........................................34
3.4 Discussion and Comparisons...........................................38
3.4.1 Security issues...............................................38
3.4.2 Efficiency analysis...........................................39
3.5 Summary..............................................................40
4 An Improved Revocable Anonymity E-Cash System 43
4.1 Motivation...........................................................43
4.2 Review of Liskov-Micali Scheme.......................................44
4.2.1 The Liskov-Micali protocol....................................45
4.2.2 Remarks.......................................................47
4.3 Improvement of Liskov-Micali Scheme..................................47
4.3.1 Preliminaries.................................................48
4.3.2 The proposed protocol.........................................48
4.4 Discussions and Comparisons..........................................51
4.4.1 Security issues...............................................51
4.4.2 Efficiency analysis...........................................52
4.5 Summary..............................................................53
5 Conclusions 55
5.1 Brief Review of Main Contributions...................................55
5.2 Further Research Topics and Directions...............................56

參考文獻

[1] NIST, ``FIPS-197: Advanced Encryption Standard,' Federal Information Processing Standard, FIPS-197, 2001.
[2] Dennis Abrazhevich, ``Classification and Characteristics of Electronic Payment Systems,' Electronic Commerce and Web Technologies - EC Web 2001, Lecture Notes in Computer Science, Vol. 2115, pp. 81--90, Springer-Verlag, 2001.
[3] Masayuki Abe and Jan Camenisch, ``Partially Blind Signature Schemes,' Proc. of the 1997 Symposium on Cryptography and Information Security, SCIS97-33D, 1997.
[4] Masayuki Abe and Eiichiro Fujisaki, ``How to Date Blind Signatures,' Advances in Cryptology - ASIACRYPT '96, Lecture Notes in Computer Science, Vol. 1163, pp. 244--251, Springer-Verlag, 1996.
[5] N. Asokan, Phil Janson, Michael Steiner, and Michael Waidner, ``State of the Art in Electronic Payment Systems,' IEEE Computer, Vol. 30, No. 9, pp. 28--35, 1997.
[6] R. Sai Anand and C.E. Veni Madhavan, ``An Online, Transferable E-Cash Payment System,' Progress in Cryptology - INDOCRYPT 2000, Lecture Notes in Computer Science, Vol. 1977, pp. 93--103, Springer-Verlag, 2000.
[7] Masayuki Abe and Tatsuaki Okamoto, ``Provable Secure Partially Blind Signatures,' Advances in Cryptology - CRYPTO 2000, Lecture Notes in Computer Science, Vol. 1880, pp. 271--286, Springer-Verlag, 2000.
[8] Stefan Brands, ``Untraceable Off-Line Cash in Wallets with Observers,' Advances in Cryptology - CRYPTO '93, Lecture Notes in Computer Science, Vol. 773, pp. 302--318, Springer-Verlag, 1994.
[9] Stefan Brands, ``Restrictive Binding of Secret-Key Certificates,' Advances in Cryptology - EUROCRYPT '95, Lecture Notes in
Computer Science, Vol. 921, pp. 231--247, Springer-Verlag, 1995.
[10] Colin Boyd, Ernest Foo, and Chris Pavlovski, ``Efficient Electronic Cash Using Batch Signatures,' Information Security and Privacy - ACISP '99, Lecture Notes in Computer Science, Vol. 1587, pp. 244--257, Springer Verlag, 1999.
[11] Ernie Brickell, Peter Gemmell, and David Kravitz, ``Trustee-based Tracing Extensions to Anonymous Cash and the Making of Anonymous Change,' Proc. of the 6th Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 457--466, Jan 1995.
[12] David Chaum, ``Blind Signatures for Untraceable Payments,' Advances in Cryptology - CRYPTO '82, Lecture Notes in Computer Science, Vol. 1440, pp. 199--203, Springer-Verlag, 1998.
[13] David Chaum, ``Elections with Unconditionally-Secret Ballots and Disruption Equivalent to Breaking RSA,' Advances in
Cryptology - EUROCRYPT '88, Lecture Notes in Computer Science, Vol. 330, pp. 177--182, Springer-Verlag, 1988.
[14] David Chaum, Jan-Hendrik Erertse, and Jeroen van de Graaf, ``An Improved Protocol for Demonstrating Possession of Discrete Logarithms and Some Generalizations,' Advances in Cryptology - EUROCRYPT '87, Lecture Notes in Computer Science, Vol. 304, pp. 127--141, Springer-Verlag, 1988.
[15] David Chaum, Amos Fiat, and Moni Naor, ``Untraceable Electronic Cash,' Advances in Cryptology - CRYPTO '88, Lecture Notes
in Computer Science, Vol. 403, pp. 319--327, Springer-Verlag, 1990.
[16] Agnes Chan, Yair Frankel, and Yiannis Tsiounis, ``Easy Come - Easy Go Divisible Cash,' Advances in Cryptology - EUROCRYPT '98, Lecture Notes in Computer Science, Vol. 1403, pp. 561--575, Springer-Verlag, 1998.
[17] Ronald J.F. Cramer and Torben P. Pedersen, ``Improved Privacy in Wallets with Observers,' Advances in Cryptology - EUROCRYPT '93, Lecture Notes and Computer Science, Vol. 765, pp. 329--343, Springer-Verlag, 1994.
[18] Jan Camenisch, Jean-Marc Piveteau, and Markus Stadler, ``An Efficient Fair Payment System,' Proc. of the 3rd ACM Conference on Computer and Communications Security - ACM-CCS '96, pp. 88--94, 1996.
[19] ``Data Encryption Standard,' Federal Information Processing Standards Publication 46-3, October 25, 1999.
[20] George Davida, Yair Frankel, Yiannis Tsiounis, and Moti Yung, ``Anonymity Control in E-Cash Systems,' Financial Cryptography - FC '97, Lecture Notes in Computer Science, Vol. 1318, pp. 1--16, Springer-Verlag, 1997.
[21] Robert H. Deng, Yongfei Han, Albert B. Jeng, and Teow-Hin Ngair, ``A New On-Line Cash Check Scheme,' Proc. of the 4rd ACM Conference on Computer and Communications Security - ACM-CCS '97, pp. 111--116, 1997.
[22] Niels Ferguson, ``Single Term Off-Line Coins,' Advance in Cryptology - EUROCRYPT '93, Lecture Notes in Computer Science, Vol. 765, pp. 318--328 Springer-Verlag, 1993.
[23] Amos Fiat, ``Batch RSA,' Advance in Cryptology - CRYPTO '89, Lecture Notes in Computer Science, Vol. 435, pp. 175--185
Springer-Verlag, 1990.
[24] Eiichiro Fujisaki and Tatsuaki Okamoto, ``Practical Escrow Cash Syatem,' Security Protocols, Lecture Notes in Computer
Science, Vol. 1189, pp. 33--48, Springer-Verlag, 1997.
[25] Atsushi Fujioka, Tatsuaki Okamoto, and Kazuo Ohta, ``A Practical Secret Voting Scheme for Large Scale Elections,' Advances
in Cryptology - ASIACRYPT '92, Lecture Notes in Computer Science, Vol. 718, pp. 244--251, Springer-Verlag, 1993.
[26] Yair Frankel, Yiannis Tsiounis, and Moti Yung, ``Indirect Discourse Proofs: Achieving Efficient Fair Off-Line E-Cash System,' Advances in Cryptology - ASIACRYPT '96, Lecture Notes in Computer Science, Vol. 1163, pp. 286--300, Springer-Verlag, 1996.
[27] Taher El Gamal, ``A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,' Advances in Cryptology - CRYPTO '84, Lecture Notes in Computer Science, Vol. 196, pp. 10--18, Springer-Verlag, 1985.
[28] Oded Goldreich, Silvio Micali, and Avi Wigderson, ``Proofs That Yield Nothing but Their Validate or All Languages in NP Have Zero-Knowledge Proof Systems,' Journal of the ACM, Vol. 38, No. 3, pp. 690--728, 1991.
[29] Markus Jakobsson, ``Mini-Cash: A Minimalistic Approach to E-Commerce,' Public Key Cryptography - PKC '99, Lecture Notes in Computer Science, Vol. 1560, pp. 122--135, Springer-Verlag, 1999.
[30] Ik Rae Jeong and Dong Hoon Lee, ``Anonymity Control in Multi-bank E-Cash System,' Progress in Cryptology - INDOCRYPT 2000, Lecture Notes in Computer Science, Vol. 1977, pp. 104--116, Springer-Verlag, 2000.
[31] Markus Jakobsson and David M'Raihi, ``Mix-based Electronic Payments,' Selected Areas in Cryptography - SAC '98, Lecture Notes in Computer Science, Vol. 1556, pp. 157--173, Springer-Verlag, 1999.
[32] Markus Jakobosson and Moti Yung, ``Revokable and Versatile Electronic Money,' Proc. of the 3rd ACM Conference on Computer and Communications Security, pp. 76--87, 1996.
[33] Markus Jakobosson and Moti Yung, ``Applying Anti-Trust Policies to Increase Trust in a Versatile E-Money System,' Financial Cryptography - FC '97, Lecture Notes in Computer Science, Vol. 1318, pp. 217--238, Springer-Verlag, 1997.
[34] Moses Liskov and Silvio Micali, ``Amortized E-Cash,' Financial Cryptography - FC 2001, Lecture Notes in Computer Science, Vol. 2339, pp. 1--20, Springer-Verlag, 2002.
[35] R. Merkle, ``Protocols for Public Key Cryptosystems,' Proc. of the IEEE Symposium on Security and Privacy, pp. 122--134, 1980.
[36] Greg Maitland and Colin Boyd, ``Fair Electronic Cash Based on a Group Signature Scheme,' Information and Communications
Security - ICICS 2001, Lecture Notes in Computer Science, Vol. 2229, pp. 461--465, Springer-Verlag, 2001.
[37] Yi Mu, Khanh Quoc Nguyen, and Vijay Varadharajan, ``A Fair Electronic Cash Scheme,' Topics in Electronic Commerce: Second International Symposium - ISEC 2001, Lecture Notes in Computer Science, Vol. 2040, pp. 20--32, Springer-Verlag, 2001.
[38] Shingo Miyazaki and Kouichi Sakurai, ``A More Efficient Untraceable E-Cash System with Partially Blind Signatures Based on the Discrete Logarithm Problem,' Financial Cryptography - FC '98, Lecture Notes in Computer Science, Vol. 1465, pp. 296--308, Springer-Verlag, 1998.
[39] Toru Nakanishi, Nobuaki Haruna, and Yuji Sugiyama, ``Unlinkable Electronic Coupon Protocol with Anonymity Control,' Information Security - ISW '99, Lecture Notes in Computer Science, Vol. 1729, pp. 37--46, Springer-Verlag, 1999.
[40] Kaisa Nyberg and Rainer A. Rueppel, ``A New Signature Scheme Based on the DSA Giving message recovery,' Proc. of the 1st ACM Conference on Computer and Communications Security - ACM-CCS '93, pp. 58--61, 1993.
[41] Tatsuaki Okamoto, ``An Efficient Divisible Electronic Cash Scheme,' Advances in Cryptology - CRYPTO '95, Lecture Notes in Computer Science, Vol. 963, pp. 438--451, Springer-Verlag, 1995.
[42] Tatsuaki Okamoto and Kazuo Ohta, ``Universal Electronic Cash,' Advances in Cryptology - CRYPTO '91, Lecture Notes in
Computer Science, Vol. 576, pp. 324--337, Springer-Verlag, 1992.
[43] Weidong Qiu, Kefei Chen, and Dawu Gu, ``A New Offline Privacy Protecting E-cash System with Revokable Anonymity,' Information Security - ISC 2002, Lecture Notes in Computer Science, Vol. 2433, pp. 177--190, Springer-Verlag, 2002.
[44] Claus P. Schnorr, ``Efficient Identification and Signatures for Smart Cards,' Advances in Cryptology - CRYPTO '89, Lecture
Notes in Computer Science, Vol. 435, pp. 239--252, Springer-Verlag, 1990.
[45] Sebastiaan von Solms and David Naccache, ``On Blind Signatures and Perfect Crimes,' Computers and Security, Vol. 11, Issue 6,
pp. 581--583, Oct. 1992.
[46] Markus Stadler, Jean-Marc Piveteau, and Jan Camenisch, ``Fair Blind Signatures,' Advances in Cryptology - EUROCRYPT '95, Lecture Notes in Computer Science, Vol. 921, pp. 209-219, Springer-Verlag, 1995.
[47] Shouhuai Xu and Moti Yung, ``Retrofitting Fairness on the Original RSA-Based E-Cash,' Financial Cryptography - FC 2003, Lecture Notes in Computer Science, Vol. 2742, pp. 51--68, Springer-Verlag, 2003.
[48] Yacov Yacobi, ``Efficient Electronic Money,' Advances in Cryptology - ASIACRYPT '94, Lecture Notes in Computer Science, Vol. 917, pp. 153--163, Springer-Verlag, 1994.
[49] Yacov Yacobi, ``On the Continuum Between On-Line and Off-Line E-Cash System,' Financial Cryptography - FC '97, Lecture Notes in Computer Science, Vol. 1318, pp. 193--202, Springer-Verlag, 1997.
[50] Sung-Ming Yen, Chi-Sung Laih, and Arjen K. Lenstra, ``Multi-Exponentiation,' IEE Proceedings: Computers and Digital Techniques, Vol. 141, No. 6, pp. 325--326, 1994.

指導教授

顏嵩銘(Sung-Ming Yen)

審核日期

2004-6-24

推文