隨著數位科技的進步以及行動網路的普及，許多行動商務上的應用得以迅速發展，對於網路上資訊的取得與服務更不受時間與空間的限制。其中行動優惠券(Mobile Coupon)的可攜帶性與兌換便利性，可有效增加企業營收且為行動廣告中一重要之行銷工具。然而如何透過廣播加密的技術，提供機密性與可驗證性的數位內容，並設計一個具彈性與安全之行動優惠券轉移機制，為現今發展行動加值服務與交易之重要研究課題。有鑑於此，本研究利用基於雙線性配對(Bilinear Maps)之廣播加密機制(Broadcast Encrytion Scheme)與變色龍雜湊函數(Chameleon Hash)，設計具可轉移性之行動安全推播機制。本論文所提出的方法可達到機密性(Confidentiality)、不可否認性(Undeniable)、不可偽造性(Unforgeability)、可驗證性(Verifiability)、抵抗重送攻擊(Replay Attack)及可轉移(Transferable)等需求。

With the advances in digital technology and the popularity of mobile networks, many mobile commerce applications evolved quickly. Without time and space constraints, it is more convenient to get information and services through internet. Portability of Mobile Coupon and the convenience to exchange coupon, can effectively increase business revenue. And it is also one of the important tools of advertising and marketing. However, using the technique of broadcast encryption to provide confidentiality and verifiability of digital content, and design a flexible and secure transfer mechanism of Mobile Coupon, become an important issue of mobile value-added services and transaction. According to this, this thesis proposes a secure push mechanism based on Bilinear Maps of Broadcast Encrytion Scheme and the Chameleon Hash function, with transferability for mobile applications. In this thesis, the proposed method can achieve the requirements of confidentiality, undeniable, unforgeability, verifiability, resisting replay attacks and transferability.

[1] U. Varshney and R. Vetter, "Mobile commerce: framework, applications and networking support," Mobile Networks and Applications, pp. 185-198, 2002.
[2] R.J. Hwang, S.H. Shiau and D.F, "A new mobile payment scheme for roaming services," Electronic Commerce Research and Applications, Vol. 6, No. 2, pp. 184-191, 2007.
[3] J. Qaddour, "Wap and push technology integrated into mobile commerce applications," ACS/IEEE International Conference on Computer Systems and Applications, pp. 779-785, 2006.
[4] D.L. Hoffman and T.P. Novak, "A new marketing paradigm for electronic commerce," The Information Society, Vol. 13, No. 1, pp. 43-54, 1997.
[5] J. Tahtinen, "Mobile advertising or mobile marketing. A need for a new concept?" Mobile Advertising or Mobile Marketing, pp. 152-164, 2006.
[6] A. Fiat and M. Naor, "Broadcast encryption," Advances in Cryptology, pp. 480-491, 1993.
[7] B. Chor, A. Fiat, and M. Naor, "Tracing traitors," Advances in Cryptology, pp. 257-270, 1994.
[8] D. Halevy and A. Shamir, "The LSD broadcast encryption scheme," Advances in Cryptology, pp. 47-60, 2002.
[9] D. Naor, M. Naor and J. Lotspiech, "Revocation and tracing schemes for stateless receivers," Advances in Cryptology, pp. 41-62, 2001.
[10] D. Boneh and M. Franklin, "An efficient public key traitor tracing scheme," Advances in Cryptology, pp. 338-357, 1999.
[11] Y. Dodis and N. Fazio, "Public key trace and revoke schemes secure against adaptive chosen ciphertext," Public Key Cryptography, pp. 100-115, 2003.
[12] S. Mitsunari, R. Sakai, and M. Kasahara, "A new traitor tracing," IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Vol. E85-A, No. 2, pp. 481-484, 2002.
[13] M. Naor and B. Pinkas, "Efficient trace and revoke schemes," Financial Cryptography, pp. 1-20, 2000.
[14] T. Bouchard, M. Hemon, F. Gagnon, V. Gravel, and O. Munger, "Mobile telephones used as boarding passes: enabling technologies and experimental results," Proceedings of the IEEE International Conference on Autonomic and Autonomous Systems, pp. 255-259, 2008.
[15] S. Tarkoma, J. Heikkinen, and M. Pohja, "Secure push for mobileairline services," Telecommunication Systems, Vol. 35, No. 3-4,pp. 177-187, 2007.
[16] H.C. Hsiang, H.C. Kuo and W.K. Shih, "Secure mcoupon scheme Uusing near field communication," International Journal of Innovative Computing, Information and Control, Vol. 5, No. 11(A), pp. 3901-3909, 2009.
[17] D.R. Fortin, "Clipping coupons in cyberspace: a proposed model of behavior for dealprone consumers," Psychology & Marketing, Vol. 17, No. 6, pp. 515-534, 2000.
[18] C. Blundo, S. Cimato and A.D. Bonis, "A lightweight protocol for the generation and distribution of secure e-coupons," Proceedings of the 11th International Conference on World Wide Web, pp. 542-552, 2002.
[19] R. Garg, P. Mittal, V. Agarwal and N. Modani, "An architecture for secure generation and verification of electronic coupons," Proceedings of the Usenix Annual Technical Conference, pp. 51-63, 2001.
[20] D. Chincholle, M. Eriksson and A. Burden, "Location-sensitive services: it’s now ready for prime time on cellular phones," Proceedings of the 4th Conference on Designing Interactive Systems: Processes, Practices, Methods, and Techniques, pp. 331-334, 2002.
[21] S.C. Hsueh and J.M. Chen, "Sharing secure m-coupons for peer-generated targeting via eWOM communications," Electronic Commerce Research and Applications, Vol. 9, No. 4, pp. 283-293, 2010.
[22] N.Y. Lee, "Fairness and privacy on pay-per view system for web-based video service," IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, pp. 980-985, 2000.
[23] C.L. Chen, "An all-in-one mobile DRM system design," International Journal of Innovative Com-puting, Information and Control, Vol. 6, No. 3(A), pp. 897-911, 2010.
[24] M. Gulbis, E. Muller and M. Steinebach, "Content-based audio authentication watermarking," International Journal of Innovative Computing, Information and Control, Vol. 5, No. 7, pp. 1883-1892, 2009.
[25] H. Luo, F.X. Yu, S.C. Chu and Z.M. Lu, "Hiding multiple watermarks in transparencies of visual cryptography," International Journal of Innovative Computing, Information and Control, Vol. 5, No. 7, pp. 1875-1881, 2009.
[26] M. Dobashi, H. Nakayama, N. Kato, Y. Nemoto and A. Jamalipour, "Traitor tracing technology of streaming contents delivery using traffic pattern in wired/wireless environments," Proceedings of the IEEE Global Telecommunications Conference, pp. 1-5, 2006.
[27] M. Bellare and P. Rogaway, "Random oracles are practical: A paradigm for designing efficient protocols," Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62-73, 1993.
[28] M. Zhang, G. Chen and J. Li, "Efficient ID-based proxy chameleon signature from bilinear pairings," Proceedings of the 1st International Multi-Symposiums on Computer and Computational Sciences, Vol. 2, pp. 135-141, 2006.
[29] H. Jin and J. Lotspiech, "Hybrid traitor tracing," Proceedings of the IEEE International Conference on Multi- media and Expo, pp. 1329-1332, 2006.
[30] D. Boneh, B. Lynn and H. Shacham, "Short signatures from the Weil pairing," Advances in Cryptology, pp. 514-532, 2001.
[31] G. Ateniese and B. Medeiros, "On the key exposure problem in chameleon hashes," Security in Communication Networks, pp. 165-179, 2005.
[32] Yankee Group, Yankee Group Forecasts Global Mobile Transaction Value will near $1 Trillion by 2014, http://www.yankeegroup.com/about_us/press_releases/2011-02-14 .html, 2011.
[33] WAP Forum, "The over-the-air protocol specification," April, 2001.
[34] Mobile Marketing Association., "Mobile advertising guidelines," www.mmaglobal.com/mobileadvertising.pdf, 2007
[35] Magazine, Fortune, "Global 500: Our annual ranking of the world’s largest corporations," Fortune Magazine, 2008
[36] The Nielsen Company, "Nielsen NetWatch report," http://www.nielsen.com/us/en/reports/2012/state-of-the-media-the-social-media-report-2012.html, 2012
[37] 資策會FIND,「2010 行動廣告效益指標調查」- 數位媒體溝通效果超越傳統，LBS和消費者主動索取的行動廣告價值高, http://www.find.org.tw/find/home.aspx?page=many&id=261#註1： 行動廣告5R1A效益模型指標定義及公式, 2011.
[38] S. Dominikus and M. Aigner, "mCoupons: An application for Near Field Communication (NFC)," Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops, Niagara Falls , Canada , pp. 421-428, 2007.
[39] S. Bekovits, "How to broadcast a Seret," Advanced in Cryptology – Eurocrypt’91, Spring-Verlag, pp.535-541, 1991.
[40] A.Shamir, "How to share a secret," Communications of ACM, Vol.22, No.11, pp. 612-613, 1979.
[41] Y. Mu, W. Susilo, and Y. X. Lin, "Identity-Based broadcasting," Progres in Cryptology-INDORCRYPT 2003, pp. 177-190, 2003.
[42] K. Y. Tsai, T. C. Wu, C. L. Hsu, "New secret key traitor tracing scheme with dispute settlement from billnear maps," International Journal of Innovative Computing, Information and Control, Vol 7, NO.3, pp.1499-1510, 2011.
[43] H. Krawczyk and T. Rabin, "Chameleon hashing and signatures," Network and Distributed System Security Symposium 2000, pp. 143-154, 2000.
[44] A. Shamir, "Identity-based cryptosystems and signature Schemes," Proceeding in Advance in Cryptology, pp. 47-53, 1984.
[45] M. Holbl, T. Welzer, B. Brumen, "An improved two-party identity-based authenticated key agreement protocol using pairings," Journal of Computer and System Sciences, Vol. 78, pp. 142-150, 2012.