两个公正电子支付系统的安全缺陷及其改进.docxVIP

两个公正电子支付系统的安全缺陷及其改进 3铤1 , 于秀源2 ,康2吴陈(11 杭州电子工业学院 , 浙江 杭州 310037 ; 2 . 杭州师范学院 , 浙江 杭州 310014)摘要 : 综述离线电子支付系统的研究成果以及安全性要求 ,分析了陈恺及王常吉等人提出的基于 Brands 体制的两个公正电子支付系统的安全性 ,指出其中存在的安全缺陷 : Chen 体制存在的问题是一方面当用户能够破坏防窜扰卡时 ,银行无法追查重复使用同一货币的用户而必须借助可信的第三方 ;另一方面用户可以单独完成取款和支付协议 ,而不需要防窜扰卡的协助 。Wang 体制用户可欺骗同时该体制所使用的盲签名是错误的 。同时提出了相应的改进方案 ,并提出了相应的改进方案 。关键词 : 支付系统 ; 电子钱包 ; Brands 体制 ; 可撤销匿名性中图法分类号 : TP309文献标识码 : A文章编号 : 100123695 (2002) 1220064203Security Limits of Two Fair Payment Systems by Electronic WalletWU Ting1 , YU Xiu2yuan2 , CHEN Kang2( 1. Hangzhou Institute of Electronics Engineering , Hangzhou Zhejiang 310037 , China ; 2. Hangzhou Teacher’s College , Hangzhou Zhejiang 310014 , China)Abstract : In this thesis we summarize the achievements of secure anonymous off2line E2Cash up to now , and we show the security limits of two fair payment systems proposed by Chen Kai and Wang Chang2Ji . In Chen’s system , bank cannot identify the double2spender without Trustee ifthe customer can break the electronic wallet , meanwhile customer can withdraw the E2cash from the bank and pay it by himself without the co2 operation of the electronic wallet . In Wang’s system , the customer can cheat the bank in the withdrawal protocol if he does not show the con2 struction of his account . In the same time , the blind signature scheme used in Wang’s system is wrong that is the signature gotten by the cus2tomer is not valid. Meanwhile , we present modified systems as follows , which secures these schemes against our attacks. In the payment ofChen’s system , the customer must provide SPK{α:A2 = gα ∧A = hα} . The security limitation of Wang’s system can be overcome if the bank2 3 Cgives I 3 = IxB = (Ao Iu) xB to the customer in setup protocol and the customer uses z = I 3 hs h instead of z = hu1 hs h .2 3Key words : Payment System ; Electronic Wallet ; Bands System ; Anonymity Revocation1 2 3求1: (1) 不可重复使用 (Unreusability) 。当同一个电子1引言随着数字化进程的不断深入 ,电子商务正在成为研货币被 重 复 使