針對建置一個安全且便利的電子交易系統,本論文提出離散式的電子支票付費系統,此系統的特點在於完全依照傳統支票交易流程的考量設計電子支票系統,此設計最主要的目的為讓使用者不需重新適應新的付款機制,而能就習慣性的交易方式進行原有的商業貿易行為。在雛形系統的實作方面,本系統分為銀行指標伺服器(Echeck Pointer Server,EPS)、認證中心(CA server ,CA)、使用者交易機制(User Transaction Mechanism,UTM)及資料庫等四個部份。使用者交易機制包括一個相似於傳統支票的介面系統及數個管理支票簽章的工具,其中包含了簽章的產生、儲存與備份等功能。在認證中心方面,僅實做出一個提供公開金匙(Public Key)的查詢與分送機制,並無實作一個完整的憑證中心。銀行指標伺服器,即為本論文所提伺服器端交易協定之實作,主要是以Five-Way Handshaking的機制來達到杜絕重複使用與不可否認的目的。此外,在簽章的安全性方面,本系統採用離散式的ElGamal簽章方式來代替使用較為廣泛的RSA簽章,此項變更最主要的優點在於可以產生無限多組“明文/簽章文”對,藉以達到更高的安全性。在資料庫部分,則採用關聯式資料庫管理系統來實作電子支票之儲存、擷取與查詢等功能。
In order to perform a safe and convenient electronic payment system, we develop a probability-based electronic cheque payment system, which is wholly designed through the business transaction of traditional check for the purpose of letting users to avoid not only repeatedly adapting to the new payment mechanism, but also to proceed with the original business behavior in their habitual business transaction. On implementation of a prototype, we divide the system into four parts:Echeck Pointer Server(EPServer), Certification Authority Server(CAServer), User Transaction Mechanism(UTMechanism), and Database. The UTMechanism includes an interface being similar to the traditional check interface, and several instruments, including the production, storage, and backup of signatures, to manage check signatures. On the CAServer, instead of implementing a complete certification authority, we only carry out a query mechanism and a sending mechanism to offer the Public Key. EPServer is the implementation of the server transaction protocol, which we’ve mentioned in this thesis. We use a five-way handshaking mechanism to achieve the purpose of precluding the reuse and non-repudiation. In addition, the safety of this system is governed by the ElGamal signature rather than the broadly used RSA signature on account of that we can produce infinite “Plaintext/Signature” pairs to promote the better safety. Finally, we use the relational database management system to implement the database, which has the functions of electronic check in storage, collection, and query, etc.