对一种电子支付协议的改进

随着电子商务在全球的迅猛发展,电子商务的安全问题日益受到人们的关注。安全的电子商务协议是确保电子商务活动可靠开展的基础,其中不可否认性和公平性则是电子商务协议的两个重要安全需求。介绍了Bolignano电子支付协议,对其不可否认性和公平性进行了分析,发现了协议在公平性方面存在不足,并通过引入ftp传送的思想,对协议进行了改进。最后本文通过严格的协议形式化分析,证明了改进后的协议满足不可否认性和公平性。     

A New Proxy Signature Scheme with Message Recovery Using Self-Certified Public Key

A proxy signature scheme with message recovery using self-certified public key is proposed, which withstands public key substitution attacks, active attacks, and forgery attacks. The proposed scheme accomplishes the tasks of public key verification, proxy signature verification, and message recovery in a logically single step. In addition, the proposed scheme satisfies all properties of strong proxy signature and does not use secure channel in the communication between the original signer and the proxy signature signer.     

一个公平的反拒认协议

在电子证据的基础上提出了一个新的公平的反拒认协议,它具有效率高、实用性强的特点,高效地解决了收发双方拒认问题.     

A New Forward-Secure Authenticated Encryption Scheme with Message Linkages

Yoon and Yoo recently proposed a robust authenticated encryption scheme and claimed their scheme has the properties of forward secrecy and confidentiality. The current paper, however, points out that Yoon-Yoo＇s scheme also can not provide forward secrecy and confidentiality such that any adversary can easily recover the transferred message. Based on intractability of reversing the one-way hash function and discrete logarithm problem, an improved authenticated encryption scheme with messages linkage is proposed. The above security faults get solved perfectly. The new scheme is proven to satisfy all the basic security requirements of the authenticated encryption scheme. And by the concrete comparison, it has the similar efficiency of the original scheme.     

一种基于恶意主体的通用公平交换协议

在公平交换协议中,无可信第三方的协议不能实现较充分的公平性,离线可信第三方协议在恶意主体的情况下仍需第三方的介入,且效率大大降低.另外,现有的公平交换协议大多针对特定项的交换,通用性不强.针对以上不足,采用低负荷在线第三方的方法,提出了一种基于恶意主体的通用公平交换协议,并给出了可能影响协议公平性的各种属性分析.分析结...     

一种基于RSA的混合签密方案

研究了RSA签密技术.基于Coron的通用填充方法,提出了一种使用RSA的混合签密方案RSA-HS.基于RSA问题的困难性假设,可以证明该方案在随机预言(RO, Random Oracle)模型下是安全的.仿真结果表明:该方案能签密任意长度的消息,以一种简单的方式提供不可否认性,并且其通信开销仅为一个RSA模长.在消息恢复带宽方面,该方案明显优于传统的StE方案.     

一个新的代理签名方案的设计

在Shum和V ictor研究的基础上,提出了一个保护代理签名者隐私的强代理签名新方案,这个方案不要求在原始签名人和代理签名人之间保持一个安全的信道,任何一个恶意的攻击者都不可以通过截取代理授权信息来伪造代理签名者的签名.并且这个方案能够满足强不可伪造性和强不可否认性.     

基于可验证秘密分享的移动代理安全支付协议

移动代理的安全问题是移动代理技术面临的一个很大障碍,为保护移动代理支付时的信息安全,采用Pedersen可验证秘密分享方案,设计了一个基于移动代理技术的安全支付协议．文中详细分析和讨论了协议的性能,包括安全性、不可否认性以及协议的运行效率．结果表明,和已有的方案相比,该协议在保证具有合适运行效率的同时,弱化了已有方案的安全执行条件,增加了系统的安全性和灵活性,因此具有更好的应用价值。     

An Improved Non-Repudiation Protocol and Its Security Analysis

This paper proposes an improved non-repudia-tion protocol after pointing out two attacks on an existing non-repudiation protocol. To analyze the improved protocol,it also proposes an extension of Kailar logic. Using the extended Kailar logic, the security analysis of the improved protocol has been presented.     

Accountability Analysis of Electronic Commerce Protocols by Finite Automaton Model

The accountability of electronic commerce protocols is an important aspect to insures security of electronic transaction. This paper proposes to use Finite Automaton(FA) model as a new kind of framework to analyze the transaction protocols in the application of electronic commerce.