在現在的社會中,網際網路與電子化的發明,使得電子商務越來越受到歡迎。進行交易的方式已經越來越方便,而無線電射頻辨識與電子現金在電子商務應用中扮演了重要的角色。然而,電子資料在傳輸過程中容易被攔截以及竄改。因此,為了安全的傳輸資料,制訂一套安全的協定或系統是非常的重要的。 本篇論文中,我們提出一個有關於無線電射頻辨識安全驗證的研究和一個安全電子現金系統的研究。在第一個研究中,我們指出現行無線電射頻辨識安全驗證方法中的弱點,提出一個符合EPC Class 1 Generation 2 這個標準的驗證協定。而此驗證協定不只可以抵抗存在於無線電射頻辨識系統的安全威脅,更可以應用在任何的無線電射頻辨識的系統中。另外,在第二個研究中,我們利用了祕密分享跟橢圓曲線密碼學提出一個在雲端環境中的電子現金系統,根據分析的結果顯示。跟許多已存在的研究相比,我們的系統具備了低成本以及安全性。
With the development of the Internet and technology in today society, e-commerce has become increasingly popular. The ways for carrying out transactions have become more and more convenient as well. Radio-frequency identification (RFID) and e-cash play important roles of e-commerce. However, sharing electronic data during transmissions makes it easy for malicious attackers to eavesdrop on, tamper with, or duplicate the information shared. Hence, creating a secure protocol or system is critical. In this thesis, we propose research to study RFID secure authentication and an e-cash system. In the first study, we point out the weaknesses of recent works and propose an improved RFID authentication protocol that conforms to the Electronic Product Code (EPC) Class 1 Generation 2 standard. Our protocol is not only able to defend against various security threats existing in RFID systems, but is also suitable for any RFID systems. In the second study we propose a new, secure e-cash payment system using elliptic curve cryptosystem (ECC) and secret sharing combined with cloud computing in the second study. According to the results of our analysis, our system requires a lower cost than previous systems while achieving the secure requirements.