两个公正电子支付系统的安全缺陷及其改进

Security Limits of Two Fair Payment Systems by Electronic Wallet

综述离线电子支付系统的研究成果以及安全性要求,分析了陈恺及王常吉等人提出的基于Brands体制的两个公正电子支付系统的安全性,指出其中存在的安全缺陷:Chen体制存在的问题是一方面当用户能够破坏防窜扰卡时,银行无法追查重复使用同一货币的用户而必须借助可信的第三方;另一方面用户可以单独完成取款和支付协议,而不需要防窜扰卡的协助。Wang体制用户可欺骗同时该体制所使用的盲签名是错误的。同时提出了相应的改进方案,并提出了相应的改进方案。

In this thesis we summarize the achievements of secure anonymous offline ECash up to now, and we show the security limits of two fair payment systems proposed by Chen Kai and Wang ChangJi. In Chen's system, bank cannot identify the doublespender without Trustee if the customer can break the electronic wallet, meanwhile customer can withdraw the Ecash from the bank and pay it by himself without the cooperation of the electronic wallet. In Wang's system, the customer can cheat the bank in the withdrawal protocol if he does not show the construction of his account. In the same time, the blind signature scheme used in Wang's system is wrong that is the signature gotten by the customer is not valid. Meanwhile, we present modified systems as follows, which secures these schemes against our attacks. In the payment of Chen's system, the customer must provide SPK{α:A2=gα2∧A3=hαC}. The security limitation of Wang's system can be overcome if the bank gives I*=IxB=(AoIu)xB to the customer in setup protocol and the customer uses z=I*hs2h3 instead of z=hu11hs2h3.