隨著網際網路之興起，帶動了電子商務(electronic commerce)的蓬勃發展，在市場交易體制下，電子付款機制(electronic payment mechanism)是電子商務系統中不可或缺的一部份。電子付款機制分為電子信用卡(electronic credit card)、電子支票(electronic check)以及電子貨幣(electronic money)等付款系統。但在資訊有價時代的來臨，網路上有許多需付費但金額較少的商品，如：一首歌曲、一份技術報告及一部短片等，因此需要一套適合小額付款(micropayment)的機制。在消費者重視隱私的今天，付款系統中唯有電子貨幣付款系統能滿足匿名性(anonymity)與擁有低交易成本等特點。綜觀過去文獻大多研究單一　銀行發行的電子貨幣，客戶僅能向該銀行的特約商店進行消費，因此使得電子貨幣使用範圍受到限制，故本論文提出一種電子小額付款　機制，使不同銀行發行的電子貨幣得以互運(interoperability)，客戶只需持有某一家銀行聯盟成員所發行的電子貨幣，即可使用於銀行聯盟中所有的特約商店。本論文所提出之方法具有以下特點：(1)採用　　雙線性群數對(bilinear pairing)之身分基底公開金鑰系統(identity-based public key system)；(2)電子貨幣具有互運性；(3)電子貨幣具有時限性(time-bound)；(4)滿足匿名性、不可偽造性(unforgeability)以及防止重複消費(double spending)等安全需求。

Along with prevalence of the Internet, it accelerates the development of the electronic commerce, which needs to deal with the payments during most of transactions. So it is important to develop the electronic payment mechanism in the electronic commerce. The electronic payment mechanism includes the electronic credit card payment system, electronic check payment system and the electronic money payment system. Today, the sale of low-priced goods over the Internet promotes micropayment and most customers emphasize on privacy. Only the electronic money payment system can satisfy anonymity and low cost of the transactions. There are a lot of researches on the electronic money schemes. However, most of them are based on a single bank, and the electronic money lacks transparency. As a result, this paper proposes a new electronic micropayment mechanism to guarantee interoperability of the electronic moneys issued by different banks. Customers are able to use the electronic money on every merchant of the bank alliance, as long as the issuing bank is one of the bank alliance. In conclusion, the scheme we proposed satisfies the following properties: 1.We adopt the identity-based public key system based on the bilinear pairing. 2.The electronic money has the property of interoperability. 3.The electronic money possesses time-bound property. 4.Our scheme achieves anonymity, unforgeability and prevents double spending.

[ASW97] N. Asokan, P. Janson, M. Steiner and M. Waidner, “State of the Art in Electronic Payment Systems,” IEEE Computer, Vol. 30, No.9, 1997, pp.28-35.
[BF01] D. Boneh and M. Franklin, “Identity-Based Encryption from the Weil Pairing,” Advances in Cryptology - Crypto 2001, Springer-Verlag, 2001, pp.213-229.
[BKLS02] Paulo S.L.M. Barreto, H.Y. Kim, B. Lynn and M. Scott, ”Efficient Algorithms for Pairing-Based Cryptosystems,” Advances in Cryptology - Crypto 2002, Springer-Verlag, 2002, pp.354-368
[BLS01] D. Boneh, B. Lynn and H. Shacham, “Short signatures from the Weil pairing,” Advances in Cryptology - Asiacrypt 2001, Springer-Verlag, 2001, pp.514-532.
[BNS05] J. Baek, R. S. Naini and W. Susilo, “Efficient Multi-receiver Identity-Based Encryption and Its Application to Broadcast Encryption,” Public Key Cryptography 2005, Springer-Verlag, 2005, pp. 380-397.
[Bra93] S. Brands, “Untraceable Off-line Cash in Wallets with Observers (Extended Abstract),” Advances in Cryptology - CRYPTO’93, Springer-Verlag, 1993, pp.302-318.
[CC03] J.C. Cha and J.H. Cheon, "An Identity-Based Signature from Gap Diffie-Hellman Groups," Public Key Cryptography 2003, Springer-Verlag, 2003, pp.18-30.
[Cer00] Certicom Corporation, “Current Public-Key Cryptographic Systems”, http://www.certicom.ca, 2000
[CFN88] D. Chaum, A. Fiat and M. Naor, “Untraceable Electronic Cash,” Advances in Cryptology - CRYPTO’88, Springer-Verlag, 1988, pp.319-327.
[Cha82] D. Chaum, “Blind signatures for untraceable payments,” Advances in Cryptology - CRYPTO’82, Springer-Verlag, 1982, pp. 199-203.
[CHL05] J. Camenisch, S. Hohenberger and A. Lysyanskaya, “Compact E-Cash,” to appear in Eurocrypt 2005.
[CL04] J. Camenisch and A. Lysyanskaya, “Signature Schemes and Anonymous Credentials from Bilinear Maps,” Advances in Cryptology - Crypto 2004, Springer-Verlag, 2004, pp.56-72.
[CWEK02] T.Y. Choi, Z. Wu, L.M. Ellram, and B. Koka, “Supplier-Supplier Relationships and Their Implications for Buyer-Supplier Relationships,” IEEE Transactions on Engineering Management, Vol. 42, No. 2, 2002, pp.119-130.
[CZK03] X. Chen, F. Zhang and K. Kim, “A New ID-Based Group Signature Scheme from Bilinear Pairings,” Proceedings of WISA 2003, 2003, pp.585-592.
[DQ86] Y. Desmedt and J. Quisquater, “Public-key Systems based on the Difficulty of Tampering,” Advances in Cryptology - Crypto’86, Springer-Verlag, 1986, pp.111-117.
[EJMSB02] M. Ernst, M. Jung, F. Madlener, S. Huss and R. Blmel, “A Reconfigurable System on Chip Implementation for Elliptic Curve Cryptography over GF(2n),” Cryptographic Hardware and Embedded Systems - CHES 2002, 2002
[Fol03] S.N. Foley, “Using trust management to support transferable Hash-Based Micropayments,” Financial Cryptography 2003, Springer-Verlag, 2003, pp.1-14.
[FTY98] Y. Frankel, Y. Tsiounis and M. Yung, “Fair Off-Line Cash made easy,” Advances in Cryptology - Asiacrypt’98, Springer-Verlag, 1998, pp.257-270.
[GT03] M. Gaud, J. Traor, “On the Anonymity of Fair Offline E-cash Systems,” Financial Cryptography 2003, Springer-Verlag, 2003, pp.34-50.
[GW00] A. Goh and W.K. Yip, “A Divisible Extension of the Brands Digital Cash Protocol:K-Term Coins. Implemented Via Secret Sharing,” Proceedings of TENCON 2000, Vol.3, 2000, pp. 452-457.
[HL02] J. Horwitz and B. Lynn, “Toward Hierarchical Identity-Based Encryption,” Advances in Cryptology - Eurocrypt 2002, Springer-Verlag, 2002, pp.466-481.
[JW95] P. Janson and M. Waidner, “Electronic Payment over Open Networks,” IBM Zurich Research Laboratory, 1995.
[LR98] A. Lysyanskaya and Z. Ramzan, “Group blind digital signatures: A scalable solution to electronic cash,” Financial Cryptography’98, Springer-Verlag, 1998, pp.184-197.
[MB01] G. Maitland and C. Boyd, “Fair Electronic Cash Based on a Group Signature Scheme,” Proceedings of ICICS 2001, Springer-Verlag, 2001, pp.461-465.
[MOV93] A.J. Menezes, T. Okamoto, and S.A. Vanstone, “Reducing elliptic curve logarithms to a finite field,” IEEE Transactions on Information Theory, Vol. 39, 1993, pp.1639-1646.
[MX03] B. Meng and Q. Xiong, ”Research on electronic payment model,” The 8th International Conference on Computer Supported Cooperative Work in Design Proceedings, 2003, pp.597-602.
[NHS99] T. Nakanishi, N. Haruna and Y. Sugiyama, “Unlinkable Electronic Coupon Protocol with Anonymity Control,” In proceeding of 2nd International Workshop on Information Security 1999, Springer-Verlag, 1999, pp.37-46.
[Sha84] A. Shamir, “Identity-based cryptosystems and signature schemes,” Advances in cryptology - CRYPTO’84, Springer-Verlag, 1984, pp.47-53.
[SOK00] R. Sakai, K. Ohgishi and M. Kasahara, “Cryptosystems based on pairing,” Symposium on Cryptography and Information Security 2000, 2000, pp.26-28.
[Tan87] H. Tanaka, “A realization scheme for the identity-based cryptosystem,” Advances in cryptology - Crypto’87, Springer-Verlag, 1987, pp.341-349.
[TI89] S. Tsuji and T. Itoh, ”An ID-based cryptosystem based on the discrete logarithm problem, ”IEEE Journal of Selected Areas in Communications, Vol.7, No.4, 1989, pp.467-473.
[Wan03] C.H. Wang, “Untraceable Fair Network Payment Protocols with Off-Line TTP,” Advances in Cryptology - Asiacrypt 2003, Springer-Verlag, 2003, pp.173-187.
[XSGT01] X. Xianhua, S.Y. Sung, L. Ge and C.L. Tan, “Virtual Card Payment Protocol and Risk Analysis using Performance Scoring,” International Parallel and Distributed Processing Symposium 2001, 2001, pp.1-7.
[XY03] S. Xu and M.i Yung, “Retrofitting Fairness on the Original RSA-Based E-cash,” Financial Cryptography 2003, Springer-Verlag, 2003, pp.51-68.
[XZ00] Q. Xu and H. Zhao “Distributed electronic payment system based on bank union,” High Performance Computing in the Asia-Pacific Region 2000, 2000, pp.548-551.
[ZK03] F. Zhang and K. Kim, ”Efficient ID-Based Blind Signature and Proxy Signature from Bilinear Pairings,” Proceedings of ACISP 2003, Springer-Verlag, 2003, pp.312-323.
[ZNL03] F. Zhang, R.S. Naini and C.Y. Lin, “New Proxy Signature, Proxy Blind Signature and Proxy Ring Signature Schemes from Bilinear Pairings,” Cryptology ePrint Archive, http://eprint.iacr.org/2003/104/