行動條碼(QR Code)具有系統架構開放、條碼標籤易於產生、複製、抗污損等優點,加上建置成本低廉與設備普及,在各個商務層面中被廣泛應用。由於條碼標籤規格開放且易於產生與複製等之特點,在防偽的機制上並無健全的機制。有鑑於此,本研究提出行動條碼整合NTRU公開金鑰密碼系統之防偽機制,其特點除可滿足行動通訊裝置與行動條碼之需求外,亦可將研究延伸至各項資訊安全防護。與其它非對稱式密碼系統比較之下,NTRU具有金鑰短、產生速度快與加解密速度高的優點,也是在理論上可以有效抵擋未來”量子計算機”攻擊之密碼系統。在國內目前此一方面的研究者很少,因此本研究將對NTRU做深入的探討。本論文之貢獻,將可對行動商務之付款流程建立一個有效且安全的機制,透過本論文所提出之方法,能夠將二維條碼的應用範圍更加擴大,也避免傳統交易方式的風險,讓顧客與供應商可以更迅速更安全地完成每一筆交易,有助於未來行動商務的推廣,更能加強使用者對行動商務的信賴感。研究方法方面,將著重在NTRU理論之研究、行動條碼應用與偽冒攻擊上,進而評估應用於行動商務方面上的效益。實證方面,將NTRU公開金鑰密碼系統與行動條碼作結合,發展系統雛型。
Barcode is operated on a well-established open system. The tags can be generated and copied easily and cheaply, so it is widely used in a variety of business sectors, also in mobile commerce. Since the tag specifications are open to the public and the tags can be read easily, the mechanism in the security mechanism is not perfect. Therefore, we suggest using NTRU encryption in barcode system to enhance security in mobile applications. It is expected to encourage mobile commerce. Compared to other asymmetric encryption systems, NTRU has the advantages of shorter key, speeder computation and higher security. It can even resist the attacks from future quantum computers. NTRU is seldom researched inlands; our study will help to better understand the system. Contribution of this paper will be on mobile commerce payment process to establish an effective and safe mechanism. Through the methods proposed in this paper, two-dimensional bar code can further expand its scope of applications. It can also avoid the risks in trading, so that customers and suppliers can complete their transactions more quickly and safely. It will help promote future business operations, by enhancing the trust of users in e.g. mobile business. On research methods, we focus on the study in NTRU theory, QR code applications, and compromise attacks. We will implement a prototype based on the NTRU public key cryptosystem integrated in QR code. and assess the effectiveness of using such a mechanism in mobile commerce.