Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/19350
標題: 適用於行動商務以秘密分享為基礎的伺服器輔助簽章機制
A Server-aided Signature Scheme Based on Secret Sharing for Mobile Commerce
作者: 劉玲君
Liu, Ling-June
關鍵字: Hashing chain
赫序鏈
digital signature
secret sharing
server-aided signature
mobile commerce
數位簽章
秘密分享
伺服器輔助簽章
行動商務
出版社: 資訊科學系所
引用: [1] N. Asokan, G. Tsudik, M. Waidner (1997), Server-supported signatures, Journal of Computer Security, Vol. 5, No. 1, pp. 91–108, January 1997. [2] M. Badra, A. Serhrouchni and P. Urien (2004), A lightweight identity authentication protocol for wireless networks, Computer Communications, Vol. 27, pp.1738–1745, 2004. [3] S. Bellovin and M. Merritt (1992), Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks, Proceedings of the 1992 IEEE Symposium on Research in Security and Privacy, Oakland, California, pp.72 – 84, 4-6 May 1992. [4] S. Bellovin and M. Merritt (1993), Augmented Encrypted Key Exchange: a Password-Based Protocol Secure Against Dictionary Attacks and Password File Compromise, Proceedings of the First ACM Conference on Computer and Communications Security, pp. 244-250, November 1993. [5] K. Bicakci and N. Baykal (2005), Improved server assisted signature, Computer Networks, Vol.47, pp.351-366, 2005. [6] D. Boneh and N. Daswani (1999), Experimenting with electronic commerce on the Palm Pilot, Proceedings of 1999 Financial Cryptography, pp. 1–16, February 1999. URL: http://citeseer.ist.psu.edu/daswani98experimenting.html [7] E. Bresson, O. Chevassut and A. Essiari and D. Pointcheval (2004), Mutual authentication and group key agreement for low-power mobile devices, Computer Communications, Vol. 27, pp.1730–1737, 2004. [8] W. Diffie, M.E. Hellman (1976), New directions in cryptography, IEEE Transactions on Information Theory IT-11, 644–654, November 1976. [9] X. Ding, D. Mazzocchi, and G. Tsudik (2002), Experimenting with Server-Aided Signatures, Proceedings of 2002 Network and Distributed System Security Symposium (NDSS’2002), San Diego, 2002. URL: http://citeseer.ist.psu.edu/ding02experimenting.html. [10] A. O. Freier, P. Karlton and P. C. Kocher (1996), The SSL Protocol Version 3.0, URL: http://www.netscape.com/eng/ssl3/draft302.txt, 1996. [11] S. Goldwasser (1990), The search for provably secure cryptosystems, Proceedings Symposia in Applied Mathematics, Vol. 42, pp.89–113. [12] S. S. Grosche and H. Knospe (2002), Secure Mobile Commerce, Electronics & Communication Engineering Journal, Vol. 14, No. 5, pp.228-238. [13] D. Jablon (1996), Strong Password-Only Authenticated Key Exchange, ACM Computer Communications Review, Vol. 26, No.5, October 1996. [14] D. Jablon (1997), Extended Password Protocols Immune to Dictionary Attack, Proceedings of the WETICE ’97 Enterprise Security Workshop, June 1997. [15] Y. Lei, D. Chen and Z. Jiang (2004), Generating Digital Signatures on Mobile Devices, 18th International Conference on Advanced Information Networking and Applications (AINA''04), Fukuoka, Japan, Vol. 2, pp.532-535, March 29 - 31, 2004 Available at: http://citeseer.ist.psu.edu/698886.html [16] H. -Y Lin and L. Harn (1995), Authentication Protocols for Personal Communication System, Proceedings of the 1995 conference on application, computer, communication, Cambridge, Massachusetts, United States, pp. 256-261, 1995. [17] B. Ozen and O. Kilic (2004), Highly Personalized Information Delivery to Mobile Clients, Wireless Networks, Vol. 10 , No. 6, pp.665 – 683, 2004. [18] R. Perlman and C. Kaufman (1999), Secure Password-Based Protocol for Downloading a Private Key, Proceedings of the 1999 Network and Distributed System Security Symposium (NDSS ''99), Catamaran Resort Hotel, San Diego, California, February 1999. [19] A. Raghunathan, S. Ravi, S. Hattangady and J.-J Quisquater (2003), Securing mobile appliances: new challenges for the system designer, Design, Automation and Test in Europe Conference and Exhibition, 2003, pp.176 – 181, 2003. [20] N. M. Sadeh, T. Chan, L. Van, O. Kwon and K. Takizawa (2003), A Semantic Web Environment for Context-Aware M-Commerce, Proceedings of the 4th ACM conference on Electronic commerce, San Diego, CA, USA, pp. 268 – 269, 2003. [21] R. Sandhu (2002), Password-Enabled Public-Key Infrastructure (PKI) and Role-Based Access Control (RBAC) on the Secure Identity Appliance, Proceedings of ISC 2002 (Information Security Conference 2002) Invited Speech, Taichung Taiwan, May 2002. [22] J. A. Senn (2000), The Emergence of M-Commerce, Computer, Vol. 33, No. 12, pp.148-150, 2000. [23] A. Shamir (1979), How to share a secret, Communications of the ACM, Vol. 22, No. 11, Nov. 1979. [24] G. Shih and S. S.Y. Shim (2002), A Service Management Framework for M-Commerce Applications, Mobile Networks and Applications, Vol. 7, No. 3, pp.199 – 212, 2002. [24] N J A Sloane and A D Wyner (editors) (1993), Claude Elwood Shannon : collected papers (New York, IEEE Press, 1993). [25] K. Siau and Zixing Shen (2003), Building Customer Trust in Mobile Commerce, Communications of the ACM, Vol.46 No.4, pp. 91-94, April 2003. [26] Z. Trabelsi, S. Cha, D. Desai, C. Tappert (2002), A voice and ink XML multimodal architecture for mobile e-commerce systems, International Conference on Mobile Computing and Networking, Proceedings of the 2nd international workshop on Mobile commerce table of contents, Atlanta, Georgia, USA, pp. 100-104, 2002. [27] A. Tsalgatidou and E. Pitoura (2001), Business Models and Transactions in Mobile Electronic Commerce: Requirements and Properties, Computer Networks, 37, pp.221-236, 2001. [28] A. Tsalgatidou, J. Veijalainen and E. Pitoura (2000), Challenge in Mobile Electronic Commerce, Proceeding of IeC 2000, 3rd Int. Conf. On Innovation through E-Commerce, UK, Nov. 14th-16th, 2000. [29] U. Varshney, R. Vetter and R. Kalakota (2000), Mobile Commerce: A New Frontier, Computer, Vol. 33, No. 10, pp.32-38, 2000. [30] J. Veijalainen, V. Terziyan and H. Tirri (2003), Transaction Management for M-Commerce at a Mobile Terminal, Proceedings of the 36th Annual Hawaii International Conference on System Sciences, Page(s):10, 6-9 Jan., 2003. [31] D. Wagner and B. Schneier (1996), Analysis of the SSL 3.0 protocol, Proceedings of the Second USENIX Workshop on Electronic Commerce, USSENIX Press, pp. 29-40, 1996. [32] Wireless Transport Layer Security Specification, WAP Forum, 06-04-2001, URL: http://www.wapforum.org/ [33] Gartner Company, URL: http://www.gartner.com/ [34] Jupiter Communications Inc., URL: http://sales.jup.com/jupiter/ [35] NTT DoCoMo company, URL:http://www.nttdocomo.com/ [36]楊舜仁資訊網,行動商務的時代已經到來, URL: http://www.giga-tv.com/sooner/article/59217343/
摘要: 近年來由於行動通信網路科技的進步,以及各種行動設備的普及,使得行動商務的發展越來越受到重視。人們可以隨時隨地應用各式各樣的行動設備和服務的提供者進行交易。諸如透過網路購買股票、購物以及存取重要的網路資源等。一旦使用者所提出的要求服務需要被驗證時,使用者的身分驗證問題以及如何達到交易的不可否認性即成為討論的焦點。無論如何,這對處於無線環境、計算能力薄弱的行動設備而言是一項挑戰。 本文提出一種具有實用價值的一次通行碼伺服器輔助簽章方式,透過驗證及秘密分享的機制,產生出簽章伺服器和行動設備使用者之共同簽章值。同時,我們所提出之協定不管在安全性、不可否認性、簡單性、有效性和機動性等都能達到令人滿意的結果。
With the progress of the mobile communication technology and the generalization of the handheld devices, mobile commerce is of great importance to modern society. We can use these devices to conduct business such as to purchase books, stocks, digital goods (video, audio, code), play games, receive email and even access various network resources, etc. Once the request services need to be verified, the users' authentication and how to achieve the transaction non-repudiation become very important. There are challenges for limited computational capabilities devices to complete the tasks in wireless environment. In this research, we propose a server-aided signature scheme based on secret sharing for mobile commerce. Through the one-time password authentication and secret sharing technology, we generate the cooperative signature of the server and the hand-held device satisfying the issues of security, non-repudiation, simplicity, validity and mobility.
URI: http://hdl.handle.net/11455/19350
其他識別: U0005-1901200711205100
文章連結: http://www.airitilibrary.com/Publication/alDetailedMesh1?DocID=U0005-1901200711205100
Appears in Collections:資訊科學與工程學系所

文件中的檔案:

取得全文請前往華藝線上圖書館



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.