【作者】 杨加喜；

【导师】 王育民；

【作者基本信息】 西安电子科技大学 ， 密码学， 2008， 博士

【摘要】 电子拍卖是最重要的电子商务应用之一,精心设计的电子拍卖系统可以实现资源的最优分配,提供公开、公平和公正的经济交易环境,这对我国的经济发展特别是电子商务的健康发展具有重要现实意义,而且有助于建立社会信用机制;同时,电子拍卖涉及到多种网络和信息安全技术,这些技术不仅可以用于电子拍卖,也可以用于其它电子商务和电子政务。电子拍卖的安全研究对网络与信息安全的研究也有重要意义。本文主要通过使用密码学中一些基本常用工具(数字签名、Hash函数、秘密共享和零知识证明等)对安全电子拍卖进行系统的研究和设计。本文的主要研究成果如下:1.结合零知识证明协议,给出了一个新的高效的匹配协议,证明了协议是语义安全的,协议是高效的,计算复杂性和通信复杂性都为O(1);并利用该匹配协议,提出了一种安全电子拍卖方案,可达到最小泄漏,泄漏的只是中标价,其余标价及其相互关系在任何勾结情况下都是保密的,而且,标价的正确性可以公开验证。2.应用二次剩余理论对RSA中Z n?的代数结构进行了研究;基于RSA函数,给出了一个M+1电子拍卖方案,实现投标者的身份匿名,任何投标者不能否认所投的标书,未中标价不会被泄露,执行开标算法至多需要p轮交互,至多2 p log2t次模乘法运算,计算量与投标者的数量无关,方案安全、高效。3.提出一种公平安全、简单高效的可公开验证电子拍卖方案,采用较多的对称加解密代替公钥体制加解密,大大提高了效率,克服了第三方和恶意投标者勾结,使恶意投标者以一个最优价赢得投标的缺陷,体现了拍卖的公平性,可以保护投标者的匿名身份,所有投标价可以公开验证。4.基于Hash链,提出了一种简单的电子拍卖协议,创建一条Hash链,把链的根和随机数的Hash值一次提交到拍卖中心,实现标价的匿名性,在计算效率和通信效率上有显著提高。5.利用签名技术和位承诺协议,提出了一个安全高效的M+1电子拍卖协议,协议不仅保证了标价的保密性和可验证性,投标者对所投标价的不可否认性和匿名性,而且保证了在整个拍卖过程中,无人可以操纵其他人的投标,即使某一投标者与拍卖代理相互勾结,也不会影响协议的安全性和有效性。更多还原

【Abstract】 Electronic auction is one of the most important application of e-commerce. Well-designed electronic auction system can achieve optimal allocation of resources, and provide an open, fair and just trading environment for the economy, which has important practical significance to Chinese economic development, especially the healthy development of e-commerce, and is also conducive to the establishment of social credit mechanisms. Meanwhile, electronic auction involves the application of a variety of network and information security technologies that not only can be used for electronic auction, can also be used for other e-commerce and e-government activities. Research on security of electronic auction also has great significance to study of network and information security. In this thesis, through the use of some basic cryptography tools(digital signature, Hash function, secret sharing and zero-knowledge proof, and so on), the systemic research and design of secure electronic auction is carried out. The main research results are as follows:1. A new efficient match protocol is presented, which is of semantic security and also highly efficient. The complexity of computation and communication are both O (1). Taking advantage of the new match protocol, a secure electronic auction scheme is proposed. The scheme can minimize leakage. The only leakage is the selling price while the other bids and their relation keep confidential in any collusion. The correctness of bids can be publicly verified.2. The algebra structure of Z n? in RSA arithmetic is researched . A new (M+1)-st electronic auction scheme based on the RSA function is presented, which preserves losing bids and bidders’s anonymous identities. No bidder can repudiate his or her bid. In the scheme , opening bids requires at most p rounds of interactions and 2 p log2t modular multiplications where p is the range of bids and t is the RSA public-key. The computational cost is independent of the number of bidders. The scheme is secure and highly efficient.3. A fair and efficient secure electronic auction scheme is presented, which is simple and can be publicly verified. The scheme adopts more symmetric encryption/decryption instead of public key cryptosystem which makes the scheme more efficient.The scheme overcomes the drawback that the third party conspires with a malicious bidder so that he can win the auction with an optimal bidding price, and then provides fairness. The scheme preserves losing bids and bidders’s anonymous identities. No bidder can repudiate his or her bid and all the bidding prices can be publicly verified.4. A simple electron auction scheme based on hash chain is presented, with constructing a hash chain, and root of the chain and hash value of the random number submitted to the auctioneer by only one time. The scheme preserves losing bids and bidders’s anonymous identities. Its efficiency is distinctly improved in computation and communication.5. A secure and efficient (M+1)-st auction protocol is designed. Using the digital signature technology and bit commitment protocol, it not only guarantees the non-repudiation and anonymity of bidders, but also ensures that nobody can manipulate others in the whole auction. And also , this protocol achieves properties of bid secrecy and verifiability. Even when malicious bidders collude with auctioneers, it is still secure and valid.更多还原