密封式競標應用在許多政府工程與土地標案上，其中競標者身分與競標價格保護為此機制的設計關鍵，過去許多學者提出的密封式競標中，匿名性定義為強調在競標時競標者應具有匿名性。然而，考量實際應用狀況，開標時，競標者應仍保有匿名性，以確保開標的公平性。有鑑於此，本論文將使用自我驗證鑑別加密設計具匿名保護的密封式競標。在所提出的競標機制中，招標商能自行驗證其競標者是否為合法註冊的競標者，並且讓競標者能指定其招標商競標，以確保其競標資訊不被洩漏，而招標商也能自行驗證其競標訊息之有效性與競標者的合法性，並得知其競標金額。再者，在競標與開標階段，競標管理者與招標商皆無法得知其競標者身分，直到確認最高競標價格的標單時，招標商首先驗證其標單的合法性，進而驗證其身分的正確性。

Sealed-bid auction could be applied in many places, such as government engineering, especially the bidder’s identity and the protection of bidding price is an important design issue. In the past, many scholars have been proposed many sealed-bid auction models. In their schemes, the definition of anonymity is to emphasize the bidder’s identity should be anonymous when bidding. However, considering the physical application, the bidder’s identity should be anonymous not only when bidding but also when opening to ensure the fairness. So we propose an anonymity sealed-bid auction using the self-certified authenticated encryption scheme. In our scheme, the auctioneer can self-certify whether the bidder is legal or not and let the bidder designate the auctioneer to bid in order to ensure the bidding information will not be exposed. Besides, the auctioneer also can self-verify the bidder’s validity and legality, and then can obtain the bidding price. Most importantly, in the bidding and opening phase, everyone including the bidders, auctioneers and auction manager doesn’t know the identity of bidders until the highest price is ensured and then the auctioneer shall verify the validity of bidding information and also verify the correctness of identity.

[AP03] S.S. Al-Riyami and K.G. Paterson. “Tripartite Authenticated Key Agreement Protocols from Pairings,” Proceeding of IMA Conference of Cryptography and Coding, pp. 332-359, 2003.
[AUI99] S. Araki, S. Uehara and K. Imamura, “The limited verifier signature and its application,” IEICE Transactions on Fundamentals, pp. 63-68, 1999.
[BDZ03] F. Bao, R. Deng and H. Zhu, “Variantions of Diffie –Hellman problem,” Proceeding of ICICS, pp. 301-312, 2003.
[BF01] D. Boneh and M. Franklin, “Identity-based encryption from the Weil pairing,” Proceeding in Cryptology, pp. 213-229, 2001.
[Cac99] C. Cachin, “Efficient private bidding and auctions with an oblivious third party,” Proceeding of the ACM Conference on Computer and Communication Security, pp.120-127, 1999.
[CC03] C.C. Chang and Y.F. Chang, “Efficient anonymous auction protocols with freewheeling bids,” Computer & Security, Vol. 22, No. 8, pp. 728-734, 2003.
[CC06] Y.F. Chang and C.C. Chang, “Enhanced anonymous auction protocols with freewheeling bids,” Proceeding of the 20th International Conference on Advanced Information Networking and Applications, pp. 353-358, 2006.
[CJL05] Y.J. Choie, E. Jeong and E. Lee, “Efficient identity-based authenticated key agreement protocol from pairings,” Applied Mathematics and Computation, Vol. 162, pp. 179-188, 2005.
[CLX05] T. Cao, D. Lin and R. Xue, “ID-based Ring Authenticated Encryption,” Proceedings of the 19th International Conference on Advanced Information Networking and Applications, pp. 591-596, 2005.
[DH76] W. Diffie, M. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, Vol. 22, No. 6, pp.644-654, 1976.
[FR96] M.F. Franklin and M.K. Reiter, “The design and implementation of a secure auction service,” IEEE Transaction on Software Engineering, Vol. 22, No. 5, pp. 302-312, 1996.
[Gir91] M. Girault, “Self-certified public keys,” Advances inCryptology- EUROCRYPT’ 91, pp. 491-497, 1991.
[Hes03] F. Hess, “Efficient identity-based signature schemes based on parings” Computer Science, Vol. 2595, pp. 310-324, 2003.
[HCY96] S.J. Hwang, C.C. Chang and W.P. Yang, “Authenticated encryption schemes with message linkage,” Information Processing Letters, Vol. 58, No. 4, pp. 189-194, 1996.
[HMP94] P. Horster, M. Michels and H. Petersen, “Authenticated encryption schemes with low communication costs,” Electronics Letters, pp. 1212-1213, 1994.
[HW98] C.L. Hsu and T.C. Wu, “Authenticated encryption scheme with (t, n) shared verification” Computer and Digital Techniques, Vol. 145, pp. 117-120, 1998.
[HWB12] M. Holbl, T. Welzer, B. Brumen, “An improved two-party identity-based authenticated key agreement protocol using pairings,” Journal of Computer and System Sciences, Vol. 78, pp. 142-150, 2012.
[IR08] M.N. Islam and M.Z. Rahman, “Secure online sealed bid auction,” Proceeding of 11th the International Conference on Computer and Information Technology (ICCIT 2008), pp. 25-27, 2008.
[Jou00] A. Joux, “A one round protocol for tripartite Diffie-Hellman,” Proceeding of Algorithmic Number Theory symposium, Vol. 1838, pp. 385-394, 2000.
[JLL05] W.S. Juang, H.T. Liaw, P.C. Lin and C.K. Lin, “The design of a secure and fair sealed-bid auction service,” Mathematical and Computer, Vol. 41, pp. 973-985, 2005.
[Kud98] M. Kudo, “Secure electronic sealed-bid auction protocol with public key cryptography,” IEICE Trans Fundamental, Vol. E81-A, pp. 20-27, 1998.
[LC95] W.B. Lee and C.C. Chang, “Authenticated encryption schemes without using a one way function,” Electronics Letters, Vol. 31, No. 19, pp. 1656-1657, 1995.
[LJT11] M.J. Li, J.S.T. Juan and J.H.C. Tsai, “Practical electronic auction scheme with strong anonymity and bidding privacy,” Information Sciences, Vol. 181, pp. 2576-2586, 2011.
[LRC04] J. Lv, K. Ren, X. Chen and K. Kim, “Ring authenticated encryption: a New type of authenticated encryption,” Proceeding of the 2004 symposium on Cryptography and Information Security, pp. 1179-1184, 2004.
[LK02] B. Lee and K. Kim, “Self-certified signatures,” Proceedings of Cryptology-INDOCRYPT and Lecture Notes in Computer Sciences, pp.199-214, 2002.
[MOI90] S. Miyaguchi, K. Ohta and M. Iwata, “128-bit hash function (n-hash),” Proceeding of SECURICOM’90, pp. 127-137, 1990.
[NR93] K. Nyberg and R.A. Rueppel, “A new signature scheme based on the DSA giving message recovery,” The first ACM conference on Computer and Communications Security, pp. 58-61, 1993.
[NR96] K. Nyberg and R.A. Rueppel, “Message recovery for signature schemes based on the discrete logarithm,” Designs, codes, and Cryptography, pp. 61-68, 1996.
[OM02] K. Omote and A. Miyaji, “A practical english auction with simple revocation,” IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences, Vol. E85-A, No. 5, pp. 1054-1061, 2002.
[Sha84] A. Shamir, “Identity-based cryptosystems and signature Schemes,” Proceeding in Advance in Cryptology, pp. 47-53, 1984.
[Sma02] N.P. Smart, “An identity based authenticated key agreement protocol based on the Weil pairing,” Electronic letters, Vol. 38, No. 13, pp. 630-632, 2002.
[Shim03] K. Shim, “Efficient ID-based authenticated key agreement protocol based on the Weil pairing,” Electronics letters, Vol. 39, No. 8, pp. 653-654, 2003.
[Sha07] Z. Shao, “Self-certified signature scheme from pairings,” The journal of systems and software, No. 80, pp. 388-395, 2007.
[SKM02] K. Suzuki, K. Kobayashi and H. Morita, “Efficient sealed-bid auction using hash chain,” Proceeding of International Conference Information Security and Cryptography Conference, pp. 183-191, 2002.
[TH04] S.F. Tzeng and M.S. Hwang, “Digital signature with message recovery and its variants based on elliptic curve discrete logarithm problem,” Computer Standards and Interfaces, Vol. 26, No. 2, pp. 61-71, 2004.
[TJC03] Y.M. Tseng, J.K. Jan and H.Y. Chien, “Digital signature with message recovery using self-certified public keys and its variants,” Applied Mathematics and Computation, Vol. 136, pp. 203-214, 2003.
[TLH05] C.S. Tsai, S.C. Lin and M.S. Hwang, “Cryptanalysis of an authenticated encryption scheme using self-certified public keys,” Applied Mathematics and Computation, Vol. 166, pp. 118-122, 2005.
[WH02] T.S. Wu and C.L. Hsu, “Covertible authenticated encryption scheme,” The Journal of Systems and Software, Vol. 62, No. 3, pp. 491-497, 2002.
[ZMM07] S. Zheng, L. McAven and Y. Mu, “First Price sealed bid auction without auctioneers,” Proceedings of the 2007 international conference on Wireless communications and mobile computing, pp. 127-131, 2007.