可分电子现金系统的研究与实现
摘要
随着计算机网络技术的迅速普及,电子商务得到了飞速发展。对安全、高效、可分的公平离线电子现金系统的研究不仅具有重要的科研学术价值,而且对国家电子商务、金融机构的信息化建设和国民经济的发展具有重大的意义。但电子现金到目前为止还处于研究发展阶段,如何进一步提高效率,提高安全性,实现公平性和可分性等技术问题还没有完全解决。
论文主要对可分电子现金系统方案进行研究,提出两种新的可分电子现金方案,设计实现一个无可信第三方的可分电子现金系统,为电子现金支付进入大规模的应用进行有益的探索。
首先,介绍了电子现金的基本知识,包括国内外研究现状,主要系统模型、关键技术等,并分析了电子现金的可分性问题。
其次,提出了两种新的可分电子现金方案。其一,针对可分电子现金系统中存在的第三方集权的问题,采用分布式可信方将追踪的权力分散给n个可信机构,至少k个可信方联合起来才可以实现追踪。该方案消除了只有一个可信方的集权,在一定程度上控制了可信方任意追踪的权力。其二,针对第三方追踪不确定的问题,提出了一种无可信第三方的可控匿名性的可分电子现金方案。方案中银行根据司法机构提供的线索或凭证,要求同一时间戳的用户打开消息,实现对电子现金和取款人的追踪。
最后,设计实现了一个无可信第三方的可分电子现金支付系统。采用C/S设计结构,应用Visual C++ 6.0开发工具,利用ODBC访问SQL Server数据库,实现该系统的基本功能。
With the rapid popularization of the computer network technology, electroniccommerce begins to develop quickly. Fair off-line e-cash system with security, efficiencyand divisibility has an important scientific and academic value. Moreover it has animportant significance to our electronic commerce, the information construction offinancial organizations and the development of our national economy. However,electronic cash is still on the stage of research and development so far. Many technicalproblems such as how to enhance efficiency and security and how to realize fairness anddivisibility haven't been solved completely.
This paper devotes to the research of divisible e-cash systems, proposes two newdivisible e-cash schemes, and designs and realizes a divisible e-cash system without TTP(trusted third party), which carries on a beneficial exploration for a large-scale applicationof e-cash payment.
Firstly, this paper introduces the basic knowledge of e-cash, including researchactuality abroad and at home, main system models and key technologies, and thenanalyzes the divisibility of e-cash systems.
Secondly, two new divisible e-cash schemes are proposed. On the one hand, aimingat the problem that TTP has power centralization in a divisible e-cash system, distributedTTP can disperse the tracing power to n credible organizations, at least k of which canunite to realize tracing. The decentralization of TTP has avoided power centralization andcontrolled arbitrary tracing in a certain degree. On the other hand, aiming at the problemthat TTP causes uncertain tracing, an anonymity-revocable and divisible e-cash scheme isproposed without TTP. In this scheme, according to the clue and certificate provided bythe judicial organization, the bank requires the user to open the message with the sametime stamp, which can realize the trace to e-cash and withdrawer.
Finally, a divisible e-cash payment system without TTP is designed and realized.According to client/server design structure and Visual C++ 6.0 development kits,adopting ODBC to visit SQL Server database, this system can realize the necessaryfunctions.
论文主要对可分电子现金系统方案进行研究,提出两种新的可分电子现金方案,设计实现一个无可信第三方的可分电子现金系统,为电子现金支付进入大规模的应用进行有益的探索。
首先,介绍了电子现金的基本知识,包括国内外研究现状,主要系统模型、关键技术等,并分析了电子现金的可分性问题。
其次,提出了两种新的可分电子现金方案。其一,针对可分电子现金系统中存在的第三方集权的问题,采用分布式可信方将追踪的权力分散给n个可信机构,至少k个可信方联合起来才可以实现追踪。该方案消除了只有一个可信方的集权,在一定程度上控制了可信方任意追踪的权力。其二,针对第三方追踪不确定的问题,提出了一种无可信第三方的可控匿名性的可分电子现金方案。方案中银行根据司法机构提供的线索或凭证,要求同一时间戳的用户打开消息,实现对电子现金和取款人的追踪。
最后,设计实现了一个无可信第三方的可分电子现金支付系统。采用C/S设计结构,应用Visual C++ 6.0开发工具,利用ODBC访问SQL Server数据库,实现该系统的基本功能。
With the rapid popularization of the computer network technology, electroniccommerce begins to develop quickly. Fair off-line e-cash system with security, efficiencyand divisibility has an important scientific and academic value. Moreover it has animportant significance to our electronic commerce, the information construction offinancial organizations and the development of our national economy. However,electronic cash is still on the stage of research and development so far. Many technicalproblems such as how to enhance efficiency and security and how to realize fairness anddivisibility haven't been solved completely.
This paper devotes to the research of divisible e-cash systems, proposes two newdivisible e-cash schemes, and designs and realizes a divisible e-cash system without TTP(trusted third party), which carries on a beneficial exploration for a large-scale applicationof e-cash payment.
Firstly, this paper introduces the basic knowledge of e-cash, including researchactuality abroad and at home, main system models and key technologies, and thenanalyzes the divisibility of e-cash systems.
Secondly, two new divisible e-cash schemes are proposed. On the one hand, aimingat the problem that TTP has power centralization in a divisible e-cash system, distributedTTP can disperse the tracing power to n credible organizations, at least k of which canunite to realize tracing. The decentralization of TTP has avoided power centralization andcontrolled arbitrary tracing in a certain degree. On the other hand, aiming at the problemthat TTP causes uncertain tracing, an anonymity-revocable and divisible e-cash scheme isproposed without TTP. In this scheme, according to the clue and certificate provided bythe judicial organization, the bank requires the user to open the message with the sametime stamp, which can realize the trace to e-cash and withdrawer.
Finally, a divisible e-cash payment system without TTP is designed and realized.According to client/server design structure and Visual C++ 6.0 development kits,adopting ODBC to visit SQL Server database, this system can realize the necessaryfunctions.
引文
[1] Chaum D. Blind Signatures for Untraceable Payments[A]. Advances in Cryptology-Crypto'82[C], California: Springer-Vertag, 1983: 199-203.
[2] Chaum D, Fiat A, Naor M. Untraceable Electronic Cash[A]. Advances in Cryptology-Crypto' 88[C], Springer-Verlag, 1990: 319-327.
[3] Damgard B. Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals[A]. Advances in Cryptology-Crypto'88[C], Springer-Verlag, 1990: 328-335.
[4] Pfitzmann B, Waidner M. How to Break and Repair a Provably Secure Untraceable Payment System[A]. Advances in Cryptology-Crypto'91[C], Springer-Verlag, 1992: 338-350.
[5] Franklin M, Yung M. Secure and Efficient Off-line Digital Money[A]. In Proceedings of the 20th International Colloquium on Autmata, Languages and Programming[C], Springer-Verlag, 1993: 265-276.
[6] Brands S. Untraceable Off-line Cash in Wallets with Observers[A]. Advances in Cryptology-Crypto'93[C], German: Springer-Verlag, 1994: 302-318.
[7] Okamoto T, Ohta K. Universal Electronic Cash[A]. Advances in Cryptology-Crypto'91[C], German: Springer-Verlag, 1992: 324-337.
[8] Pailles J C. New Protocols for Electronic Money[A]. Advances in Cryptology-Au.sCrypto'92[C], LNCS718, Springer-Verlag, 1993: 263-274.
[9] Eng T, Okamoto T. Single-term Divisible Electronic Coins[A]. Advances in Cryptology-EuroCrypto'94 [C]. Berlin: Springer-Verlag, 1994: 306-319.
[10] Okamoto T. An Efficient Divisible Electronic Cash Scheme[A]. Advances in Cryptology-Crypto' 95 [C], German: Springer-Verlag, 1995:438-451.
[11] Frankel Y, Tsiounis Y, Yung M. Achieving Efficient Fair Off-line E-cash[A]. Advances in Cryptology-AsiaCrypto'96[C]. German: Springer-Verlag, 1996: 286-300.
[12] Camenisch J, Maurer U, Stadler M. Digital payment systems with passive anonymity-revoking trustees[A]. Computer Security Esorics'96[C]. LNCS 1146, Springer-Verlag, 1996: 33-43.
[13] Brickell F, Gemmell P. Kravitz D. Trustee-based Tracing Extensions to Anonymous Cash and the Making of Anonymous Change[A]. In Proceedings of the 6thACM-SIAM Symposium on Discrete Algorithms[C],ACM Press, 1995: 457-466.
[14] Stadler M, Piveteau J, Camenisch J. Fair Blind Signatures[A]. Advances in" Cryptology-EuroCrypto'95 [C]. Springer-Verlag, 1995: 209-219.
[15] David G. Frankel Y, Tsiounis Y, Yung M. Anonymity Control in E-cash Systems[A]. Financial Cryptography-FC' 97[C], German: Springer-Verlag, 1997: 1-16.
[16] 陈恺,胡子濮,肖国镇.可撤销匿名性的可分电子现金系统[J].西安电子科技大学学报(自然科学版),2001.28(1):57-61.
[17] 胡泽军.吴中福等.基于可信第三方的可撤销匿名性的公平可分电子现金系统[J].计算机应用研究,2004,10:96-99.
[18] 黄正全,张其善.一种高效公正的离线可分电子现金方案[J].计算机工程与设计,2004,25(11):1943-1945.
[19] Sander T, Ta-Shma A. Auditabte Anonymous Electronic Cash[A]. Advances in Cryptology-Crypto'99 [C]. German: Springer-Verlag, 1999: 555-572.
[20] Sander T. Auditable Membership Proof[A]. Financial Cryptography-FC'00[C]. German: Springer-Verlag, 2000: 53-71.
[21] Kulger D, Vogt H. Off-line Cash in Wallet with Observer[A]. Financial Cryptography-FC'2002 [C]. German: Springer-Verlag, 2002: 42-55.
[22] 李进,王燕鸣.一个可审计的离线电子现金方案[J].中山大学学报(自然科学版),2005,44(5):6-12.
[23] 李梦东,杨义先.无可信第三方的离线电子现金匿名性控制[J].电子学报,2005,33(3):456-458.
[24] 刘文远,刘宏有.基于角包访问控制的无可信第三方可扩展匿名性控制[J].微计算机信息,2006,22(7):153-155.
[25] Foo E, Boyd C, Caelli W, Dawson E. A Taxonomy of Electronic Cash Schemes[A]. In Proceedings of the 13th International Conference on Information Security[C], 1997.
[26] Okamoto T, Ohta K. Disposable Zero-knowledge Authentications and Their Applications to Untraceable Electronic Cash[A]. Advances in Cryptology-Crypto'89 [C], Springer-Verlag, 1990: 481-496.
[27] Chaum D, Pedersen T P. Wallet Databases with Observers[A]. Advances in Cryptology-Crypto'92 [C], Springer-Verlag, 1993: 89-105.
[28] Cramer R, Pedersen T P. Improved Privacy in Wallets with Observers[A]. Advances in Cryptology-EuroCrypto'93 [C], Springer-Verlag, 1994: 329-343.
[29] Ferguson N. Extensions of Single-term Coins[A]. Advances in Cryptology-Crypto'93 [C], Springer-Verlag, 1994: 292-301.
[30] Yacobi Y. Efficient Electronic Money[A]. Advances in Cryptology-AsiaCrypto'94 [C], Springer-Verlag, 1997: 153-163.
[31] Jarecki S, Odlyxko A. An Efficient Mocropayment System Based on Probabilistic Polling[A]. Financial Cryptography-FC' 97[C], Springer-Verlag, 1997:173-191.
[32] 陈恺,张玉清,肖国镇.基于概率验证的可分电子现金系统[J].计算机研究与发展,2000,37(6):752-757.
[33] Brands S. Electronic Cash on the Internet[A]. In Proceedings of the Internet Society 1995 Symposium on Network and Distributed System Security[C]. 1995, 2.
[34] Lysyanskaya A, Ramzan Z A. Group Blind Signature: A Scalable Solution to Electronic Cash[A]. Financial Cryptography-FC'98[C], Springei-Verlag, 1998: 184-197.
[35] Yiwen Liu, Weiqin Li, Dengguo Feng. A Security Model for Cryptogaphic Protocol[J]s. Journal of Software, 2003, 14 (6): 1148~1156.
[36] Hui-Feng Huang, Chin-Chen Chang. A New Design of Efficient Partially Blind Signature Scheme[J]. Journal of Systems and Software, 2004, 73 (3): 397-403.
[37] Fangguo Zhang, Xiaofeng Chen. Cryptanalysis of Huang-Chang Partially Blind Signature Scheme[J]. Journal of Systems and Software, 2005, 76 (3): 323-325.
[38] Xiaofeng Chen, Fangguo Zhang, Shengli Liu. ID-based Restrictive Partially Blind Signatures and Applications[J]. Journal of Systems and Software, 2007, 80 (2): 164-171.
[39] 王常吉,蒋文保.用限制性群盲签名构造电子现金系统[J].通信学报,2001,22(12):63-69.
[40] 张方国,张福泰,王育民.多银行电子现金系统[J].计算机学报,2001,24(5):455-462.
[41] 陈庆,叶妙,张益新.多银行的公正可分电子现金系统[J].计算机应用,2003,23(9):99-102.
[42] 张波,徐秋亮.成员可撤销的多银行电子现金系统[J].计算机工程应用,2006,13:178-181.
[43] Chaum D, Pedersen T P. Transferred Cash Grows in Size[A]. Advances in Cryptology-Crypto'92 [C], Springer-Verlag, 1993: 89-105.
[44] Van Antwerpen H. Electronic Cash[J]: Master's thesis, Centre for Mathematics and Computer Science, Amsterdam, 1990.
[45] 喻镝,张益新,祁明.离线电子现金系统中的“可分性”探析[J].计算机工程,2001,27(2):188-190.
[46] 纪美霞,任厚来等.一种安全的可分电子现金方案[A].2006年青岛市计算机学会论文集[C],2006:28-33.
[47] 陈晓峰,王育民.基于不可信赖托管者的公平电子现金[J].电子与信息学报,2002,24(11):1566-1572.
[48] 纪美霞.贾小珠.无可信第三方的可分电子现金方案[J].青岛大学学报(自然科学版),2007,20(1):63-67.
[49] Miller L. Riemann's Hypothesis and Tests for Primality[A]. In Proceedings of the 7th Annual ACM Symposium on the Theory of Computing[C], 1975: 234-239.
[50] Rabin O. Probabilistic Algorithms for Testing Primality[J]. Journal of Number Theory. 1980, 12: 128-138.
[51] 王育民,刘建伟.通信网的安全理论与技术[M],西安电子科技大学出版社,2002年5月(第1版),95-96.
[2] Chaum D, Fiat A, Naor M. Untraceable Electronic Cash[A]. Advances in Cryptology-Crypto' 88[C], Springer-Verlag, 1990: 319-327.
[3] Damgard B. Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals[A]. Advances in Cryptology-Crypto'88[C], Springer-Verlag, 1990: 328-335.
[4] Pfitzmann B, Waidner M. How to Break and Repair a Provably Secure Untraceable Payment System[A]. Advances in Cryptology-Crypto'91[C], Springer-Verlag, 1992: 338-350.
[5] Franklin M, Yung M. Secure and Efficient Off-line Digital Money[A]. In Proceedings of the 20th International Colloquium on Autmata, Languages and Programming[C], Springer-Verlag, 1993: 265-276.
[6] Brands S. Untraceable Off-line Cash in Wallets with Observers[A]. Advances in Cryptology-Crypto'93[C], German: Springer-Verlag, 1994: 302-318.
[7] Okamoto T, Ohta K. Universal Electronic Cash[A]. Advances in Cryptology-Crypto'91[C], German: Springer-Verlag, 1992: 324-337.
[8] Pailles J C. New Protocols for Electronic Money[A]. Advances in Cryptology-Au.sCrypto'92[C], LNCS718, Springer-Verlag, 1993: 263-274.
[9] Eng T, Okamoto T. Single-term Divisible Electronic Coins[A]. Advances in Cryptology-EuroCrypto'94 [C]. Berlin: Springer-Verlag, 1994: 306-319.
[10] Okamoto T. An Efficient Divisible Electronic Cash Scheme[A]. Advances in Cryptology-Crypto' 95 [C], German: Springer-Verlag, 1995:438-451.
[11] Frankel Y, Tsiounis Y, Yung M. Achieving Efficient Fair Off-line E-cash[A]. Advances in Cryptology-AsiaCrypto'96[C]. German: Springer-Verlag, 1996: 286-300.
[12] Camenisch J, Maurer U, Stadler M. Digital payment systems with passive anonymity-revoking trustees[A]. Computer Security Esorics'96[C]. LNCS 1146, Springer-Verlag, 1996: 33-43.
[13] Brickell F, Gemmell P. Kravitz D. Trustee-based Tracing Extensions to Anonymous Cash and the Making of Anonymous Change[A]. In Proceedings of the 6thACM-SIAM Symposium on Discrete Algorithms[C],ACM Press, 1995: 457-466.
[14] Stadler M, Piveteau J, Camenisch J. Fair Blind Signatures[A]. Advances in" Cryptology-EuroCrypto'95 [C]. Springer-Verlag, 1995: 209-219.
[15] David G. Frankel Y, Tsiounis Y, Yung M. Anonymity Control in E-cash Systems[A]. Financial Cryptography-FC' 97[C], German: Springer-Verlag, 1997: 1-16.
[16] 陈恺,胡子濮,肖国镇.可撤销匿名性的可分电子现金系统[J].西安电子科技大学学报(自然科学版),2001.28(1):57-61.
[17] 胡泽军.吴中福等.基于可信第三方的可撤销匿名性的公平可分电子现金系统[J].计算机应用研究,2004,10:96-99.
[18] 黄正全,张其善.一种高效公正的离线可分电子现金方案[J].计算机工程与设计,2004,25(11):1943-1945.
[19] Sander T, Ta-Shma A. Auditabte Anonymous Electronic Cash[A]. Advances in Cryptology-Crypto'99 [C]. German: Springer-Verlag, 1999: 555-572.
[20] Sander T. Auditable Membership Proof[A]. Financial Cryptography-FC'00[C]. German: Springer-Verlag, 2000: 53-71.
[21] Kulger D, Vogt H. Off-line Cash in Wallet with Observer[A]. Financial Cryptography-FC'2002 [C]. German: Springer-Verlag, 2002: 42-55.
[22] 李进,王燕鸣.一个可审计的离线电子现金方案[J].中山大学学报(自然科学版),2005,44(5):6-12.
[23] 李梦东,杨义先.无可信第三方的离线电子现金匿名性控制[J].电子学报,2005,33(3):456-458.
[24] 刘文远,刘宏有.基于角包访问控制的无可信第三方可扩展匿名性控制[J].微计算机信息,2006,22(7):153-155.
[25] Foo E, Boyd C, Caelli W, Dawson E. A Taxonomy of Electronic Cash Schemes[A]. In Proceedings of the 13th International Conference on Information Security[C], 1997.
[26] Okamoto T, Ohta K. Disposable Zero-knowledge Authentications and Their Applications to Untraceable Electronic Cash[A]. Advances in Cryptology-Crypto'89 [C], Springer-Verlag, 1990: 481-496.
[27] Chaum D, Pedersen T P. Wallet Databases with Observers[A]. Advances in Cryptology-Crypto'92 [C], Springer-Verlag, 1993: 89-105.
[28] Cramer R, Pedersen T P. Improved Privacy in Wallets with Observers[A]. Advances in Cryptology-EuroCrypto'93 [C], Springer-Verlag, 1994: 329-343.
[29] Ferguson N. Extensions of Single-term Coins[A]. Advances in Cryptology-Crypto'93 [C], Springer-Verlag, 1994: 292-301.
[30] Yacobi Y. Efficient Electronic Money[A]. Advances in Cryptology-AsiaCrypto'94 [C], Springer-Verlag, 1997: 153-163.
[31] Jarecki S, Odlyxko A. An Efficient Mocropayment System Based on Probabilistic Polling[A]. Financial Cryptography-FC' 97[C], Springer-Verlag, 1997:173-191.
[32] 陈恺,张玉清,肖国镇.基于概率验证的可分电子现金系统[J].计算机研究与发展,2000,37(6):752-757.
[33] Brands S. Electronic Cash on the Internet[A]. In Proceedings of the Internet Society 1995 Symposium on Network and Distributed System Security[C]. 1995, 2.
[34] Lysyanskaya A, Ramzan Z A. Group Blind Signature: A Scalable Solution to Electronic Cash[A]. Financial Cryptography-FC'98[C], Springei-Verlag, 1998: 184-197.
[35] Yiwen Liu, Weiqin Li, Dengguo Feng. A Security Model for Cryptogaphic Protocol[J]s. Journal of Software, 2003, 14 (6): 1148~1156.
[36] Hui-Feng Huang, Chin-Chen Chang. A New Design of Efficient Partially Blind Signature Scheme[J]. Journal of Systems and Software, 2004, 73 (3): 397-403.
[37] Fangguo Zhang, Xiaofeng Chen. Cryptanalysis of Huang-Chang Partially Blind Signature Scheme[J]. Journal of Systems and Software, 2005, 76 (3): 323-325.
[38] Xiaofeng Chen, Fangguo Zhang, Shengli Liu. ID-based Restrictive Partially Blind Signatures and Applications[J]. Journal of Systems and Software, 2007, 80 (2): 164-171.
[39] 王常吉,蒋文保.用限制性群盲签名构造电子现金系统[J].通信学报,2001,22(12):63-69.
[40] 张方国,张福泰,王育民.多银行电子现金系统[J].计算机学报,2001,24(5):455-462.
[41] 陈庆,叶妙,张益新.多银行的公正可分电子现金系统[J].计算机应用,2003,23(9):99-102.
[42] 张波,徐秋亮.成员可撤销的多银行电子现金系统[J].计算机工程应用,2006,13:178-181.
[43] Chaum D, Pedersen T P. Transferred Cash Grows in Size[A]. Advances in Cryptology-Crypto'92 [C], Springer-Verlag, 1993: 89-105.
[44] Van Antwerpen H. Electronic Cash[J]: Master's thesis, Centre for Mathematics and Computer Science, Amsterdam, 1990.
[45] 喻镝,张益新,祁明.离线电子现金系统中的“可分性”探析[J].计算机工程,2001,27(2):188-190.
[46] 纪美霞,任厚来等.一种安全的可分电子现金方案[A].2006年青岛市计算机学会论文集[C],2006:28-33.
[47] 陈晓峰,王育民.基于不可信赖托管者的公平电子现金[J].电子与信息学报,2002,24(11):1566-1572.
[48] 纪美霞.贾小珠.无可信第三方的可分电子现金方案[J].青岛大学学报(自然科学版),2007,20(1):63-67.
[49] Miller L. Riemann's Hypothesis and Tests for Primality[A]. In Proceedings of the 7th Annual ACM Symposium on the Theory of Computing[C], 1975: 234-239.
[50] Rabin O. Probabilistic Algorithms for Testing Primality[J]. Journal of Number Theory. 1980, 12: 128-138.
[51] 王育民,刘建伟.通信网的安全理论与技术[M],西安电子科技大学出版社,2002年5月(第1版),95-96.