隨著網路的興起，各式各樣的服務開始在網路中蓬勃發展，交易也不例外。使用者可以線上購物網站逛街，也可以在競標拍賣系統上與其他使用者競標想要的商品。我們調查了近年來以英國式拍賣法為主的研究，他們都必須仰賴受信任的拍賣者來阻止惡意的投標者破壞拍賣會的公平性，但是並沒有討論如何因應拍賣者與投標者之間相互勾串。對此提出一套新的拍賣會架構，分為使用者註冊、拍賣會初始化、競標、結標四個階段。在競標階段中包含一個四步驟的投標協定，可以避免競標系統與使用者勾串的情形。除此之外，拍賣者用雜湊鏈儲存投標訊息，並且持續更新在公佈欄上，任何人都可以存取並稽核整個競標過程。

With the rise of the Internet, a wide range of services began to flourish, transaction is no exception. Users are able to go shopping in front of their devices, or bid on the goods they loved with others. We investigate recent researches about English auction and find out that their architecture always exists a trusted component to keep the impartiality in bidding procedure. We propose an English auction framework which can avoid collusion between the auctioneer and bidders by a four-step handshake bidding protocol which will encrypt the identity of bidder and bid price then decrypt after auctioneer publish the bid is committed.

[1] Vijay Krishna. “Auction theory,” Academic press, 2009.
[2] “eBay,” http://www.ebay.com/
[3] “Yahoo 拍賣,” https://tw.bid.yahoo.com/
[4] “蘇富比,” http://www.sothebys.com/
[5] “BID Now,” http://www.sothebys.com/en/auctions/watch-live.html
[6] Leslie Lamport. “Password authentication with insecure communication,” Communications of the ACM 24.11 (1981): 770-772.
[7] “RFC 791,” https://tools.ietf.org/html/rfc791
[8] Jianying Zhou, and Dieter Gollman. “A fair non-repudiation protocol,” IEEE, 1996.
[9] Stuart G. Stubblebine and Paul F. Syverson. “Fair on-line auctions without special trusted parties,” Financial Cryptography. Springer Berlin Heidelberg, 1999.
[10] Nicolás González-Deleito and Olivier Markowitch. “An optimistic multi-party fair exchange protocol with reduced trust requirements,” International Conference on Information Security and Cryptology. Springer Berlin Heidelberg, 2001.
[11] Kazumasa Omote and Atsuko Miyaji. “A practical English auction with one-time registration,” Information Security and Privacy. Springer Berlin Heidelberg, 2001.
[12] Byoungcheon Lee, Kwangjo Kim, and Joongsoo Ma. “Efficient public auction with one-time registration and public verifiability,” Progress in Cryptology—INDOCRYPT 2001. Springer Berlin Heidelberg, 2001. 162-174.
[13] Tzer-Shyong Chen. “An English auction scheme in the online transaction environment,” Computers & Security 23.5 (2004): 389-399.
[14] Mamata Jenamani, Yuhui Zhong, and Bharat Bhargava. “Cheating in online auction–Towards explaining the popularity of English auction,” Electronic Commerce Research and Applications 6.1 (2007): 53-62.
[15] Yu Fang Chung, Kuo Hsuan Huang, Hsiu Hui Lee, Feipei Lai, and Tzer Shyong Chen. “Bidder-anonymous English auction scheme with privacy and public verifiability,” Journal of Systems and Software 81.1 (2008): 113-119.
[16] Yu-Fang Chung, Yu-Ting Chen, Tzer-Long Chen, and Tzer-Shyong Chen. “An agent-based English auction protocol using Elliptic Curve Cryptosystem for mobile commerce,” Expert Systems with Applications 38.8 (2011): 9900-9907.
[17] Hu Xiong, Zhong Chen, and Fagen Li. “Bidder-anonymous English auction protocol based on revocable ring signature,” Expert Systems with Applications 39.8 (2012): 7062-7066.
[18] Chin-Chen Chang, Ting-Fang Cheng, and Wei-Yi Chen. “A novel electronic English auction system with a secure on-shelf mechanism,” Information Forensics and Security, IEEE Transactions on 8.4 (2013): 657-668.
[19] Tzong-Chen Wu, Tzuoh-Yi Lin, Tzong-Sun Wu, and Han-Yu Lin. “Efficient English auction scheme without a secure channel,” Int. Arab J. Inf. Technol. 12.3 (2015): 246-252.
[20] Gwan-Hwan Hwang, Yi-Ling Yuan, and Chi Wu-Lee. “Cryptographic Accountability for Service-Oriented-Architecture Systems,” IEEE Transactions on Service Computing (2016) (In Revision)
[21] “JSON Web Token,” https://jwt.io/
[22] “Hop,” https://en.wikipedia.org/wiki/Hop_(networking)
[23] “POSIX,” https://en.wikipedia.org/wiki/POSIX
[24] “Amazon EC2,” https://aws.amazon.com/tw/ec2/