學號：M9409211
論文名稱：基於橢圓曲線之自我驗證公開金鑰系統的匿名行動付費協定 頁數：67頁
院所組別：國立臺灣科技大學 資訊管理系
畢業時間及提要別：九十五學年度第二學期碩士學位論文提要
研究生：王威智 指導教授：吳宗成 博士
論文提要內容：

隨著資訊數位化的變革、無線通訊技術的進步以及行動裝置的普及，全球行動上網人口亦逐年增加，帶動行動商務的無限商機。在行動商務中，最重要的一環即為提供安全的行動付費系統。然而，綜觀現今的行動付費系統中，主要為強調買方行動付費功能，賣方的角色功能仍侷限於一般的伺服器網站，無法達到全面性的行動付費功能。而為了避免洩露買方之交易行為或習慣，在設計行動付費協定時，須考慮將買方之身分隱藏，以保障個人隱私。此外，在行動裝置計算能力有限的情況下，如何降低計算複雜度，並達到相同的安全強度，同樣為需克服的重要課題。有鑑於此，我們的方法利用橢圓曲線密碼系統與自我驗證公開金鑰系統建置行動付費協定，使買賣雙方皆可即時地運用行動裝置完成買(付費)、賣(收費)之目的，並達到買方匿名性，同時降低運算複雜度與通訊成本。本論文所提出的方法具有以下特點；(1) 達到買賣雙方皆可利用行動裝置完成行動付費之目的；(2) 執行身分鑑別機制時，以SIM卡與通行密碼為基礎，不僅提高運算效率，並達到雙向鑑別(Mutual Authentication)之目的；(3) 達到買方匿名性；(4) 達到不可否認性，即買賣雙方無法否認已進行過的交易； (5) 達到不可假冒性，即攻擊者無法利用公開資訊計算出買方、賣方與銀行的私鑰，進而假冒買方、賣方或銀行；(6) 可抵抗通行密碼猜測攻擊。

關鍵詞：行動付費、橢圓曲線、自我驗證、匿名性、不可否認性

ABSTRACT
Due to the evolution of data digitization, improvement of wireless communication technique, and popularization of mobile devices, the utilization of mobile device on the internet is incrementally increasing. Thus, it results in a great benefit to mobile commerce. The most important thing in mobile commerce is secure mobile payment system. However, most up-to-date mobile payment systems focus on consumer’s mobile payment and the payment transaction processed on the web server by the venders. So it is far from overall mobile payment system. In order to prevent buyers from the leak of their transaction behaviors and habits, we attempt to protect personal privacy by hiding buyers’ identities on the design of mobile payment system. Moreover, we also intend to reduce complexity of computation and to achieve the same security level under limited computing power of mobile device. In our proposed scheme, we design the mobile payment protocol based on ellipse curve cryptosystem and self-certified public key system. Our proposed scheme can (1) achieve mobile payment by mobile device on both of consumers and venders; (2) efficiently achieve mutual authentication by SIM card and password on both of consumers and venders; (3) achieve anonymity of consumer; (4) achieve non-repudiation; (5) achieve non-impersonation; (6) resist password guessing attack.

Keywords: Mobile Payment, ECC, Self-certified, Anonymity, Non-repudiation

參考文獻
賴溪松、韓亮、張真誠，「近代密碼學及其應用」，旗標出版公司，2002年。
[陳01] 陳宗保，「行動電子商務環境下安全協定之研究」，大葉大學 資訊管理研究所碩士論文，2001年。
[DH76] W. Diffie, M.E. Hellman, “New direction in cryptography”, IEEE Transactions on Information Theory, Vol. IT-22, No. 6, 1976, pp. 644-654.
[Dur99] Durlacher, “Mobile Commerce Report”, technical report of Durlacher Research Ltd, 1999.
[ElG85] T. ElGamal, “A public key cryptosystem and signature scheme based on discrete logarithms”, IEEE Transactions on Information Theory, Vol. IT-31, No. 4, 1985, pp. 469-472.
[Gir91] M. Girault, “Self-certified Public Key”, Lecture Notes in Computer Science, Proceedings of EuroCrypt’91, Lecture Notes in Computer Science, Vol. 547, Springer-Verlag, 1991, pp. 491-497.
[HSJ07] R.J. Hwang, S.H Shiau, and D.F. Jan, “A new mobile payment scheme for roaming services”, Electronic Commerce Research and Applications, Vol. 6, Issue 2, Summer 2007, pp. 184-191.
[HHT07] M. Hassinen, K. Hypponen, E. Trchina, “Utilizing national public-key infrastructure in mobile payment systems”, Electronic Commerce Research and Applications, In Press, Corrected Proof, Available online 20 April 2007.
[IEEE 1363] IEEE 1363 Working Group, “IEEE P1363 standard specifications for public key cryptography”.
[Kob85] N. Koblitz, “Elliptic curve cryptosystems”, Mathematics of Computation, Vol. 48, No. 17, 1985, pp. 203-209.
[LMS93] J.B. Lacy, D.P. Mitchel, and W.M. Schell, “CryptoLib: Cryptography in Software”, UNIX Security Symposium IV Proceedings, USENIX Association, 1993, pp. 1-17.
[Mil85] V.S. Miller, “Use of elliptic curves in cryptography”, Advances in Cryptology- CRYPTO’85, Springer-Verlag, 1985, pp. 417-426.
[MOI90] S. Miyaguchi, K. Ohta, and M. Iwata, “128-bit hash function (n-hash)”, Proceedings of SECURICOM'90, 1990, pp. 127-137.
[MAM06] M. Misbahuddin, M.A. Ahmed, and M.H. Shastri, “A simple and efficient solution to remote user authentication using smart cards” Innovations in Information Technonlogy, 2006, pp. 1-5.
[NIST93] National Institute of Standards and Technology, NIST FIPS PUB 180, “Secure hash standard”, U. S. Department of Commerce, 1993.
[PH97] H. Petersen and P. Horster, “Self-certified keys concepts and applications”, Proceeding of Communications and Multimedia Security’97, 1997, pp. 102-116.
[RSA78] R. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems”, Communications of the ACM, Vol.21, No. 2, 1978, pp. 120-126.
[RKVCHV04] A. Ramfos, S. Karnouskos, A. Vilmos, B. Csik, P. Hoepner, and N. Venetakis, “SEMOPS : Paying with Mobile Personal Devices”, Fourth IFIP Conference on e-Commerce, e-Business, and e-Government(13E), Toulouse, France, 2004, pp. 22-27.
[Sha84] A. Shamir, “Identity-Based Cryptosystems and Signature Schemes”, Advances in Cryptology – CRYPTO ’84, Springer-Verlag, 1984, pp. 47-53.
[Sae97] S. Saeednia, “Identity-based and self-certified key exchange protocols”, Information Security and Privacy : ACISP’97, 1997, pp. 303-313.
[VK99] R. J. Vetter and R. Kalakota, “Mobile Commerce : A new frontier”, IEEE Transaction on Knowledge and Data Engineering, 1999, pp. 509-525.
[WCL98] T.C. Wu, Y.S. Chang, and T.Y. Lin, “Improvement of Saeednia’s self-certified key exchange protocols”, IEE Electronic Letters, Vol. 34, No. 11, May 1998, pp. 1094-1095.
[ZC03] X. Zheng and D. Chen, “Study of Mobile Payments System”, IEEE International Conference on E-Commerce (CEC 2003), 2003.