题名

改良式ElGamal-like數位簽章於電子商務環境之應用

并列篇名

A Modified ElGamal-like Digital Signature in the Application of Electronic Commerce

DOI

10.6382/JIM.201107.0002

作者

王連杰(Lian-Jie Wang);陳正鎔(Jonathan Jen-Rong Chen);孫屏台(Pin-Tai Sun)

关键词

資訊安全 ; 數位簽章 ; 電子商務 ; 公平交易協定 ; 離散對數 ; Information Security ; Digital Signature ; Electronic Commerce ; Fair Exchange Protocols ; Discrete Logarithm

期刊名称

資訊管理學報

卷期/出版年月

18卷3期(2011 / 07 / 01)

页次

1 - 24

内容语文

繁體中文
中文摘要

由於網路及資訊科技進步,導致企業組織日常運作多已採用資訊系統輔助營運作業。在推動電子商務時,因各企業或消費者位於不同地點,彼此須隨時經由網路溝通,然而經由網路傳輸資訊,容易被入侵者從中擷取或意圖干擾,因此對網路傳遞的訊息需加保護,以免遭受損失,故安全的網路環境是電子商務之基礎。本研究提出一個改良的可偵測原始文件被偽造、冒用、竄改時,具應變能力的ElGamal-like數位簽章協定,引入公正第三者仲裁傳送者與接收者間糾紛,另外本協定具雙重防線抵禦能力,若發現惡意者在入侵第一道防線時,即能適時查覺,並舉證交由公正第三者仲裁糾紛,且本協定執行效率佳,耗費成本低,得以維護電子商務交易資料在網路傳輸上的安全。
英文摘要

Recent network and information technology developments have enabled numerous enterprises to conduct routine operations using an e-business model. Because remote customers and businesses communicate over a network, they are vulnerable to invaders eavesdropping or forging messages or data. Therefore, internet security is fundamental to electronic commerce. This paper proposes a modified ElGamal-like digital signature scheme to protect original messages from being forged, counterfeited and interpolated. The scheme introduces a trusted third party that arbitrates disputes between the sender and receiver. Using a double-line of defense, the scheme locates the malicious invasion at the first line, collecting evidence which it transfers to the trusted third party arbitrating the dispute. Therefore, this improved digital signature scheme can manage the threat of forge activity and protect the transfer of e-commerce data over networks, and performs more efficiently than others.
主题分类 基礎與應用科學 > 資訊科學
社會科學 > 管理學
参考文献
  1. E世代公民對話誌(ALS),2007,『台灣網路安全信心調查』。(available online at http://www.als.org.tw/article/new_paper_sg.asp?id=168)
  2. Abernethy, S.(2003).Building Large-Scale Online Dispute Resolution & Trustmark Systems.Proceedings of the UNECE Forum on ODR
  3. Asokan, N.,Shoup, V.,Waidner, M.(1998).Asynchronous protocols for optimistic fair exchange.IEEE Symposium on Research in Security and Privacy,Oakland, CA:
  4. Ateniese, G.(2004).Verifiable Encryption of Digital Signatures and Applications.ACM Transactions on Information and System Security,7(1),1-20.
  5. Bao, F.,Deng, R.,Mao, W.(1998).Efficient and Practical Fair Exchange Protocols with Off-line TTP.Proceedings of IEEE Symposium on Security and Privacy
  6. Bao, F.,Deng, R.,Nguyen, K. Q.,Varadharajan, V.(1999).Multi-party fair exchange with an off-line trusted neutral party.Proceedings of the 10th International Workshop on Database and Expert Systems Applications,Berlin, Germany:
  7. Blum, M.(1983).How to Exchange (Secret) Keys.ACM Transactions on Computer Systems,1(2),175-193.
  8. Bojanc, R.,Borka, J. B.(2008).An economic modelling approach to information security risk management.International Journal of Information Management,28(5),413-422.
  9. Brickell, E. F.,Chaum, D.,Damgard, I. B.,Graaf, J. v. d.(1987).Gradual and verifiable release of a secret.Advances in Cryptology- CRYPTO,156-166.
  10. Chen, L.(1998).Efficient Fair Exchange with Verifiable Confirmation of Signatures.Proc. Of Advances in Cryptology (ASIACRYPT' 98),286-299.
  11. Corritore, L. C.,Kracher, B.,Wiedenbeck, S.(2003).On-line trust: concepts, evolving themes, a model.International Journal of Human-Computer Studies,58(6),737-758.
  12. Deng, R. H.,Gong, L.,Lazar, A. A.,Wang, W.(1996).Practical protocols for certified electronic mail.Journal of Network and System Management,4(3),279-300.
  13. Diffie, W.(1988).The first ten years of public-key cryptography.Proceedings of the IEEE
  14. Diffie, W.,Hellman, M.(1976).New Directions in Cryptography.IEEE Transactions on Information Theory,22(6),644-654.
  15. Dodis, Y.,Reyzin, L.(2003).Breaking and repairing optimistic fair exchange from PODC2003.ACM Workshop on Digital Right Management
  16. ElGamal, T.(1985).A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms.IEEE Trans.Information Theory,31(4),469-472.
  17. Even, S.,Goldreich, O.,Lempel, A.(1985).A Randomized Protocol for Signing Contracts.Communications of the ACM,28(6),637-647.
  18. Graff, J. C.(2001).Cryptography and E-Commerce.John Wiley & sons.
  19. Harn, L.(1994).Public-key cryptosystem design based on factoring and discrete logarithms.Computers and Digital Techniques, IEE Proceedings,141(3),193-195.
  20. Harn, L.,Xu, Y.(1994).Design of generalised ElGamal type digital signature schemes based on discrete logarithm.Electronics Letters,30(24),2025-2026.
  21. He, J.,Kiesler, T.(1994).Enhancing the Security of ElGamal's Signature Scheme.IEE Proc.-E,141(4),249-252.
  22. He, W. H.(2001).Digital signature scheme based on factoring and discrete logarithms.Electronics Letters,37(4),220-222.
  23. Horster, P.,Michels, M.,Petersen, H.(1994).Technical Report TR-94-16-E University of Technology Chemnitz ZwickauTechnical Report TR-94-16-E University of Technology Chemnitz Zwickau,University of Technology Chemnitz-Zwickau.
  24. Hwang, M. S.,Cheng, C. C.,Hwang, K. F.(2002).An ElGamal-Like Cryptosystem for Enciphering Large Messages.IEEE Trans. on Knowledge and Engineering,14(2),445-446.
  25. Hwang, S. J.,Lee, Y. H.(2004).Repairing ElGamal-Like Multi-signature Schemes Using Self-certified Public Keys.Applied Mathematics and Computation,156(1),73-83.
  26. Johnson, N. A.,Cooper, R. B.(2009).Media, affect, concession, and agreement in negotiation: IM versus telephone.Decision Support Systems,46(3),673-684.
  27. Kalakota, R.,Whinston, A. B.(1997).Electronic Commerce: A Manager's Guide.MA Addison-Wesley.
  28. Katsh, E.,Rifkin, J.(2001).Online Dispute Resolution-Resolving Conflicts in Cyberspace.Jossey-Bass..
  29. Ketchpel, S.(1995).Transaction protection for information buyers and sellers.Proceedings of the Dartmouth Institute for Advanced Graduate Studies,Superhighway:
  30. Ketchpel, S.,Garcia-Molina, H.(1996).Making trust explicit in distributed commerce transactions.Proceedings of the 16th International Conference on Distributed Computing Systems
  31. Kumar, N.,K., M.,Holowczak, R.(2008).Locking the door but leaving the computer vulnerable: Factors inhibiting home users' adoption of software firewalls.Decision Support Systems,46(1),254-264.
  32. Laih, C. S.,Kuo, W. C.(1997).New Signature Schemes Based on Factoring and Discrete Logarithms.IEICE Trans. Fundamentals,80(1),46-53.
  33. Lee, N. Y.(1999).Security of Shao's Signature Schemes Based on Factoring and Discrete Logarithms.IEE Proc.,146(2),119-121.
  34. Lee, N. Y.,Hwang, T.(1995).The Security of He and Kiesler's Signature Schemes.IEE Proc.-E,142(5),370-372.
  35. Lee, N. Y.,Hwang, T.(1996).Modified Harn signature scheme based on factoring and discrete logarithms.IEE Proc. Computers And Digital Techniques,143(3),196-198.
  36. Lim, C. H.,Lee, P. J.(1998).A study on the proposed Korean digital signature algorithm.Advances in Cryptology-Asiacrypt '98
  37. Markowitch, O.,Kremer, S.(2001).An optimistic non-repudiation protocol with transparent trusted third party.International Security Conference 2001 Lecture Notes in Computer Science,Malaga, Spain:
  38. McCurley, K. C.(1988).A key distribution system equivalent to factoring.Journal of Cryptology,1(2),95-106.
  39. Mel, H. X.,Baker, D. M.(2001).Cryptography Decrypted.Addison Wesley.
  40. Michels, M.,Naccache, D.,Petersen, H.(1996).GOST 34.10-A brief overview of Russia's DSA.Computers and Security,15(8),725-732.
  41. Monsuwe, T. P.,Dellaert, B. G. C.,Ruyter, K. D.(2004).What Drives Consumers to Shop Online? A Literature Review.Journal of Service Industry Management,15(1),102-121.
  42. Naccache, D.(1994).Can O.S.S. be Repaired? Proposal for a New Practical Signature Scheme.Advances in Cryptology: Proceedings of Eurocrypt '93 New York
  43. National Institute of Standards and Technology, U. S.(1992).The Digital Signature Standard Proposed by NIST.Communication of ACM,35(7),36-40.
  44. Ong, H.,Schnorr, C.,Shamir, A.(1984).An Efficient Signature Scheme Based On Quadratic Equations.Proceedings of the 16th Symposium on the Theory of Computing,Washington:
  45. Park, J.,Chong, E.,Siegel, H.(2003).Constructing fair exchange protocols for e-commerce via distributed computation of RSA signatures.Proc. of the 22nd Annual ACM Symposium on Principles of Distributed Computing
  46. Pfitzmann, B.,Waidner, M.(1991).Fail-stop Signatures and Their Application.Securicom'91
  47. Pollard, J.,Schnorr, C.(1987).An Efficient Solution of the Congruence x2 + ky2 = m modn.IEEE Trans. on Information Theory,33(5),17-28.
  48. Rabin, M. O.(1979).Digitalized Signature and Public-Key Functions as Intractable as Factorization.Combridge Mass.:MIT Lab. for Computer Scince.
  49. Ranganathan, C.,Ganapathy, S.(2002).Key Dimensions of Bussiness-to-consumer Web Sites.Information & Management,39(6),457-465.
  50. Ray, I.,Ray, I.,Natarajan, N.(2005).An anonymous and failure resilient fair-exchange e-commerce protocol.Decision Support Systems,39(3),267-292.
  51. Rivest, R. L.,Shamir, A.,Adleman, L.(1978).A Method for Obtaining Signatures and Public-Key Cryptosystems.Comm. of the ACM,21(2),120-126.
  52. Schmeh, K.(2003).Cryptography and Public Key Infrastructure on the Internet.New York:John Wiley & Sons.
  53. Schneier, B.(1996).Applied Cryptography.New York:John Wiley & Sons.
  54. Shao, Z.(1998).Signature schemes based on factoring and discrete logarithms.Computers and Digital Techniques, IEE Proceedings,145(1),33-36.
  55. Shao, Z.(2008).Fair exchange protocol of signatures based on aggregate signatures.Computer Communications,31(10),1961-1969.
  56. Shao, Z.(2002).Digital signature schemes based on factoring and discrete logarithms.Electronics Letters,38(24),1518-1519.
  57. Silverman, J. H.(2004).A Friendly Introduction to Number Theory 2e.Pearson.
  58. Srinivasan, S.(2004).Role of Trust in E-Business Success.Information Management & Computer Security,12(1),66-72.
  59. Stallings, W.(2004).Cryptography and Network Security Principle and Practices.Prentice Hall.
  60. Stinson, D. R.(2005).Cryptography Theory and Practice.CRC press.
  61. Susilo, W.,Safavi, N.R.,Gysin, M.,Seberry, J.(2000).A New and Efficient Fail-stop Signature Scheme.The computer journal,43(5),430-437.
  62. Turban, E.,King, D.,Lee, J. K.,Viehland, D.(2006).Electronic Commerce 2006: A Managerial Perspective.New Jersey:Prentice Hall.
  63. Udo, J. G.(2001).Privacy and Security Concerns as Major Barriers for E-Commerce: a Survey Study.Information Management & Computer Security,9(4),165-174.
  64. Viswanathan, K.(2006).Secure E-Commerce: Understanding the Public Key Cryptography Jigsaw Puzzle.Information Systems Security,14(6),44-52.
  65. Wu, T. C.(2000).ElGamal-Like Digital Signature and Multisignature Schemes Using Selfcertified Public Keys.The Journal of systems and software,50(2),99-105.
  66. Zhou, J.,Gollman, D.(1997).An efficient non-repudiation protocol.10th Computer Security Foundations Workshop
  67. Zhou, J.,Gollman, D.(1996).A fair non-repudiation protocol.Proceedings of the IEEE Symposium on Security and Privacy,Oakland, CA:
  68. Zwass, V.(1996).Electronic Commerce: Structures and Issues.International Journal of Electronic Commerce,1(1),3-23.
  69. 周永彬、張振峰、卿斯漢(2004)。基于RSA签名的优化公平交換协议。软件学扱,15(7),1049-1055。
  70. 許美玲(2006)。電子商務信賴機制締造B2C雙效雙贏。經濟部商業司。
  71. 葉亭佳(2008)。創新資訊應用研究計畫─我國網際網路用戶數調查。經濟部技術處。
  72. 詹超宇(2008)。2008年台灣網友行為與B2C消費發展趨勢。資策會產業情報研究所。
  73. 詹超宇(2008)。2008年台灣網友C2C消費發展趨勢。資策會產業情報研究所。
  74. 詹超宇(2009)。2008年台灣電子商店發展現況與趨勢。資策會產業情報研究所。
  75. 马昌社(2007)。简单快速的优化公平交換协议。计算机工程,33(15),13-15。
print cancel