 |
|
|
|
以作者查詢圖書館館藏 、以作者查詢臺灣博碩士 、以作者查詢全國書目 、勘誤回報 、線上人數:35 、訪客IP:3.142.172.190
姓名 李柏漢(Po-Han Lee) 查詢紙本館藏 畢業系所 資訊工程學系 論文名稱 適用P2P環境之小額付費系統研究
(The Research of Small Payment Schemes in Peer-to-peer Environment)相關論文 檔案 [Endnote RIS 格式]
[相關文章]
[文章引用]
[完整記錄]
[館藏目錄]
[檢視]
- 本電子論文使用權限為同意立即開放。
- 已達開放權限電子全文僅授權使用者為學術研究之目的,進行個人非營利性質之檢索、閱讀、列印。
- 請遵守中華民國著作權法之相關規定,切勿任意重製、散佈、改作、轉貼、播送,以免觸法。
摘要(中) 近年來P2P應用越來越廣泛,其中又以檔案分享(File Sharing)的應用最廣為人知。在檔案分享的應用中,使用者會在網路上分享他們的資源。不過事實上,使用者為了能夠讓他們自己的利益最大化,他們會拒絕貢獻自己的資源給他人,因為貢獻資源對那些使用者沒有益處。而這種不願貢獻,只會索取他人資源的行為,稱之為「Free Riding」。目前研究者已經提出一些付費的機制,利用付費系統去鼓勵使用者貢獻他們自己的資源,例如使用PPay以及OFPPay付費系統。
PPay以及OFPPay系統提供了適用於P2P環境的付費協定,並且宣稱他們的系統是安全而且金錢是可進行高效率傳遞。我們發現了OFPPay的系統缺失,除此之外,我們還針對PPay系統提出攻擊方法。為了彌補OFPPay與PPay系統的問題,我們也分別為OFPPay以及PPay提出相對應的防禦法。而且,於我們修改過的PPay以及OFPPay中,仲裁者(Broker)以及使用者的運算負擔與原始的PPay以及OFPPay相似。
現今,可傳遞金錢的付費系統皆缺乏了使用彈性,而且在實務上,電子金錢的面額可能不等價於購買物品的價格。因此當顧客在與商家購買物品時,商家有時需要找零,不過這個找零的機制很難有效率地被實作出來。因此本論文提出了一項可分割金錢的系統,該系統並且具有高使用彈性。除此之外,系統中的金錢也可進行高效率傳遞。
雖然PPay等系統能降低仲裁者的運算負擔,不過它的交易機制仍然倚賴線上的第三者。這會造成通訊上的負擔以及時間上的延遲,以至於交易成本可能大於購買物品的價值。所以本論文的後半段提出兩種Two-way SVP的離線交易系統。第一項系統採取傳統對稱式的金鑰架構並採用防竄改裝置來達到離線交易的目標,而且這個交易協定只採用的雜湊函式。第二項系統採取非對稱式金鑰架構,因此每個防竄改裝置都擁有不同的私密金鑰,所以當某金鑰被破解時,不會危害到整個交易系統的運作安全。
摘要(英) The peer-to-peer applications are widely used today. In particular, the filesharing
system is a popular application in P2P. The peers in file-sharing system share their resources in P2P overlay network. Actually, Peers will maximize their utility, but they refuse to contribute their resources, because they do not reap the benefits of their contribution. The behavior which a peer does not attempt to share his recourse and gets other’s only is termed “free-riding”. Researchers have proposed some schemes to encourage the peers to share their resources, such as PPay and OFPPay.
PPay and OFPPay provide payment protocols in P2P environment. They claim their protocols are secure and the coin is transferable. However, we find out a weakness of OFPPay and propose an attack on PPay. Then we provide two countermeasures to resist the attack and the weakness, respectively. In terms of broker’s and peers’ workload, our improved schemes are the same as PPay and OFPPay.
Nowadays, the transferable coin has lack of flexibility. In practice, the denomination of coin may not match the price of content, therefore, when a customer pays to a vendor, and the vendor sometimes needs to give change to the customer. It is hard to implement this concept. We propose transferable and divisible coins instead of change. The divisible coins are flexible, and they can be divided into several coins, and these coins are transferable.
PPay relies on online third parties. The communication cost is high and time latency is long. For these reasons, we propose two two-way SVP schemes. The first one is Symmetric-key Based Two-way SVP. It uses a tamper proof device to implement offline payment. And all of the employed security component are lightweight, such as hash and MAC. The other one is Asymmetric-key Based Two-way SVP. It is reliable since all of the devices hold different keys. The system will not crash when a stored key has been compromised.
關鍵字(中) ★ 點對點
★ 小額付費關鍵字(英) ★ peer-to-peer
★ small payment
★ micro payment
★ payment論文目次 1 Introduction 1
1.1 Motivation of the Research . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2 Our Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.3 Organization of the Thesis . . . . . . . . . . . . . . . . . . . . . . . . 3
2 Preliminary 6
2.1 The Peer-to-peer Environment . . . . . . . . . . . . . . . . . . . . . . 6
2.2 The Model of Peer-to-peer Payment Scheme . . . . . . . . . . . . . . 7
2.3 Requirements of Peer-to-peer Payment System . . . . . . . . . . . . . 9
3 Related Work 12
3.1 Review of Content Extraction Signature Scheme . . . . . . . . . . . . 12
3.1.1 Introduction to Content Extraction Signature Scheme . . . . . 12
3.1.2 Review of Steinfeld et al. CES . . . . . . . . . . . . . . . . . 12
3.2 Review of PPay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.2.1 Introduction to PPay . . . . . . . . . . . . . . . . . . . . . . . 13
3.2.2 PPay Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
3.2.3 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.3 Review of OFPPay . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.3.1 Introduction to OFPPay . . . . . . . . . . . . . . . . . . . . . 15
3.3.2 OFPPay Protocol . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.3.3 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . 16
4 Cryptanalysis on PPay and OFPPay 18
4.1 Replay Attack on PPay . . . . . . . . . . . . . . . . . . . . . . . . . . 18
4.2 Weakness of OFPPay . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
5 The Proposed Divisible Coin for Peer-to-peer Payment 23
5.1 Parameter Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.2 Protocol of DPPay . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.3 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
5.4 Performance Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
6 The Proposed Two-way SVP Scheme 31
6.1 Review of SVP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
6.1.1 Description of SVP . . . . . . . . . . . . . . . . . . . . . . . . 32
6.1.2 Remarks on SVP . . . . . . . . . . . . . . . . . . . . . . . . . 34
6.2 The Proposed Symmetric-key Based Two-way SVP . . . . . . . . . . 35
6.2.1 Protocol of Symmetric-key Based Two-way SVP . . . . . . . . 36
6.2.2 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . 39
6.2.3 Performance Analysis . . . . . . . . . . . . . . . . . . . . . . . 40
6.3 The Proposed Asymmetric-key Based Two-way SVP . . . . . . . . . 41
6.3.1 Protocol of Asymmetric-key Based Two-way SVP . . . . . . . 42
6.3.2 Transaction Record Checking Mechanism . . . . . . . . . . . . 44
6.3.3 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . 45
6.3.4 Performance Analysis . . . . . . . . . . . . . . . . . . . . . . . 46
7 Conclusions 48
7.1 Brief Review of Main Contributions . . . . . . . . . . . . . . . . . . . 48
7.2 Future Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
參考文獻 [1] B. Yang and H. Garcia-Molina, “PPay: Micropayments for Peer-to-peer Systems,” Proc. of 10th ACM Conference on Computer and Communications Security, pp. 300–310, 2003.
[2] B. Cox, J.D. Tygar and M. Sirbu, “NetBill Security and Transaction Protocol,” Proc. of the First USENIX Workshop on Electronic commerce, pp. 77–88, 1995.
[3] C. P. Schnorr, “Efficient Identification and Signatures for Smart Cards,” EUROCRYPT 1989, LNCS 434, pp. 688-689, 1990.
[4] E. Adar and B.A. Huberman, “Free Riding on Gnutella,” First Monday, vol. 5, no. 10, pp. 2–13, 2000.
[5] B. Horne, B. Pinkas and T. Sander, “Escrow Services and Incentives in P2P Networks,” Proc. of the 3rd ACM Conference on Electronic Commerce, pp. 85-94, 2001.
[6] K. Wei, AJ Smith, Y.F.R. Chen and B. Vo, “Whopay: A Scalable and Anonymous Payment System for Peer-to-peer Environments,” Proc. of 26th IEEE International Conference on Distributed Computing Systems, pp. 13–13, 2006.
[7] K. Chaudhary and X. Dai, “P2P-NetPay: An Off-line Micropayment System for Content Sharing in P2P-Networks,” Journal of Emerging Technologies in Web Intelligence, vol. 1, no. 1, pp. 46–54, 2009.
[8] J. Stern and S. Vaudenay, “SVP: A Flexible Micropayment Scheme,” Proc. of Financial Cryptography Conference, FC ’97, LNCS 1318, pp. 161 - 171, Springer-Verlag, 1997.
[9] L. Bull, D. Squire and Y. Zheng, “A Hierarchical Extraction Policy for Content Extraction Signatures,” International Journal on Digital Libraries, Special issue
on Security, 2004, vol. 4, no. 3, pp. 208–222, Springer-Verlag, 2004.
[10] M. Feldman and J. Chuang, “Overcoming Free-riding Behavior in Peer-to-peer Systems,” ACM SIGecom Exchanges, vol. 5, no. 4, pp. 41–50, 2005.
[11] M. Manasse, “The Millicent Protocols for Electronic Commerc,” Proc. of 1st USENIX Workshop on Electronic Commerce, New York, July 11-12, 1995.
[12] P. Daras, D. Palaka, V. Giagourta, D. Bechtsis, K. Petridis and M.G. Strintzis,“A Novel Peer-to-peer Payment Protocol,”International Journal of Network Security, vol. 4, no. 1, pp. 107–120, 2007.
[13] P. Golle, K. Leyton-Brown, I. Mironov and M. Lillibridge , “Incentives for Sharing in Peer-to-peer Networks,” Electronic Commerce, LNCS 2232, pp. 75–87, Springer, 2001.
[14] R. Steinmetz and K. Wehrle (eds), “Peer-to-peer Systems and Applications,” LCIS 3485,Spring-Verlag, 2005.
[15] R. Rivest and A. Shamir, “PayWord and MicroMint: Two Simple Micropayment Schemes,” Security Protocols, LNCS 1189, pp. 69–87, Springer, 1996.
[16] R. Steinfeld, L. Bull and Y. Zheng, “Content Extraction Signatures,” Information Security and CryptologyXICISC 2001, LNCS 2288, pp. 285–304, Springer, 2002.
[17] S. Glassman, M. Manasse, M. Abadi, P. Gauthier and P. Sobalvarro, “The Millicent Protocol for Inexpensive Electronic Commerce,” Proc. of 4th Int. World Wide Web Conference, Boston, MA, pp. 603–618, 1995.
[18] S. Micali and R.L. Rivest, “Micropayments Revisited,” Proc. of Cryptographer's Track at the RSA Conference, CT-RSA 2002, LNCS 2271, pp. 149–163, Springer-Verlag, 2002.
[19] S. Androutsellis-theotokis and D. Spinellis, “A Survey of Peer-to-peer Content Distribution Technologies”, ACM Computing Surveys, vol. 36, pp. 335–371, 2004.
[20] S.M. Yen, H.C. Lin, Y.C. Chen, J.J. Hung and J.M. Wu, “PAYSTAR: A Denomination Flexible Micropayment Scheme,” WEBIST (2) 2008, pp. 387-393, 2008.
[21] T. Elgamal, “A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,” IEEE Transactions on Information Theory, vol. 31, no.4, pp. 469-472, 1985.
[22] Y. Liu, J. Fu and H. Zhang, “An Optimistic Fair Protocol for P2P Chained Transaction,” Advances in Computer Science{ASIAN 2005, LNCS 3818, pp.135–145, Springer, 2005.
[23] Y. Liu, “ Optimistic Fair Peer-to-peer Payment System,” Proc. of IEEE International Conference on Management Science and Engineering 2007, ICMSE 2007, pp. 228-233, 2007.
[24] Z. Jia ,S. Tiange ,H. Liansheng and D. Yiqi , “A New Micro-payment Protocol Based on P2P Networks,” Proc. of the IEEE International Conference on eBusiness Engineering, pp. 445, 2005.
[25] Bittorrent available at http://www.bittorrent.com/
[26] Easy Card available at http://www.easycard.com.tw/
[27] ebay website available at http://www.ebay.com/
[28] Felica website available at http://www.sony.net/Products/felica/
[29] Mifare website available at http://mifare.net/
[30] Napster website available at http://www.napster.com/
[31] Soulseek website available at http://www.slsknet.org/
[32] Yahoo auction website available at http://shopping.yahoo.com/
[33] Gnutella forum http://www.gnutellaforums.com/
[34] KaZaA website http://www.kazaa.com/
[35] Skype website http://www.skb ype.com/
指導教授 顏嵩銘(Sung-Ming Yen) 審核日期 2010-11-16 推文 plurk
funp
live
udn
HD
myshare
netvibes
friend
youpush
delicious
baidu
網路書籤 Google bookmarks
del.icio.us
hemidemi
facebook
twitter
google
reddit