TW545021B - A method for prohibiting transacting parties from subsequently repudiating an executed transaction with trusted third party - Google Patents

A method for prohibiting transacting parties from subsequently repudiating an executed transaction with trusted third party

Publication number: TW545021B
Authority: TW (Taiwan)
Prior art keywords: sub, recipient, encrypted, sender, key
Application number: TW89120395A
Other languages: Chinese (zh)
Inventors: Chunru Zhang, Ming Cai
Original assignee: Ecomxml Inc
Application filed by: Ecomxml Inc

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H04L63/12 Applying verification of the received information
    • H04L63/126 Applying verification of the received information the source of the received data
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Storage Device Security (AREA)

Abstract

A protocol for prohibiting repudiation by transacting parties involved in an executed electronic transaction, whereby a trusted third party is responsible for ensuring non-repudiation. In this protocol, a sender uses a secret sharing technology to divide the original session key into a first sub-session key and a second sub-session key. The first and second sub-session keys must be combined into the original session key in order for a recipient to decrypt a product that is encrypted with the original session key. The sender includes the first sub-session key, encrypted with the recipient's public key, and the encrypted product in a first message. Then the sender transmits the first message to the recipient. The recipient uses the first message as evidence of non-repudiation of origin, i.e., evidence that the sender sent the transaction. The recipient transmits, to the sender, a second message requesting the second sub-session key. The sender may use the second message as evidence of non-repudiation of receipt, i.e., evidence that the recipient received the transaction. Thereafter, the sender includes the second sub-session key, encrypted with the trusted third party's public key, in a third message that is forwarded to the trusted third party. The trusted third party decrypts the third message to retrieve the second sub-session key and then re-encrypts the second sub-session key with the recipient's public key. The trusted third party includes the re-encrypted second sub-session key in a fourth message and publishes the fourth message on the trusted third party's web site, where the recipient is responsible for retrieving it. This protocol therefore ensures non-repudiation of origin and non-repudiation of receipt without reliance on the trustworthiness of one or more transacting parties.
Furthermore, by involving the trusted third party in minimal transaction processing, i.e., only non-repudiation processing, the responsibility and liability of the trusted third party is reduced, thereby reducing the cost associated with trusted third parties in electronic transactions.
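
The four-message flow described in the abstract, as an added Python example (it is not code from the patent). It assumes a two-share XOR split for the "secret sharing technology", uses textbook RSA over fixed primes and a SHA-256 keystream as insecure stand-ins for the public-key and symmetric ciphers, and all function names, message layouts and the transaction id are hypothetical.

```python
import hashlib
import secrets

E = 65537
# Constructed toy keys: textbook RSA over well-known fixed primes. Insecure;
# it only stands in for real public-key encryption and digital signatures.
PRIMES = {
    "sender": (2**89 - 1, 2**127 - 1),
    "recipient": (2**107 - 1, 2**130 - 5),
    "ttp": (2**61 - 1, 2**255 - 19),
}


def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


class Party:
    def __init__(self, name):
        p, q = PRIMES[name]
        self.name, self.n = name, p * q              # (n, E) is the public key
        self._d = pow(E, -1, (p - 1) * (q - 1))      # private exponent

    def decrypt(self, c):
        return pow(c, self._d, self.n)

    def sign(self, data):
        return pow(digest(data) % self.n, self._d, self.n)


def encrypt_for(party, m):                           # needs the public key only
    return pow(m, E, party.n)


def verify(party, data, sig):
    return pow(sig, E, party.n) == digest(data) % party.n


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def stream_xor(key, data):
    """Toy SHA-256 counter keystream standing in for a real symmetric cipher."""
    out = b""
    for i in range(0, len(data), 32):
        out += xor(data[i:i + 32], hashlib.sha256(key + i.to_bytes(8, "big")).digest())
    return out


def split_key(k):
    """Assumed 2-of-2 XOR sharing: k == k1 XOR k2, and each share alone is random."""
    k1 = secrets.token_bytes(len(k))
    return k1, xor(k, k1)


def to_int(b):
    return int.from_bytes(b, "big")


def run_protocol(product, txn="T-0001"):             # txn id is a constructed label
    sender, recipient, ttp = Party("sender"), Party("recipient"), Party("ttp")
    ttp_site, ttp_log = {}, []      # TTP's published key database and its access log

    # Message 1 (sender -> recipient): E_K(product), E_pubR(K1), sender's signature.
    k = secrets.token_bytes(16)
    k1, k2 = split_key(k)
    body, ek1 = stream_xor(k, product), encrypt_for(recipient, to_int(k1))
    m1 = txn.encode() + body + str(ek1).encode()
    m1_sig = sender.sign(m1)                          # evidence of origin

    # Message 2 (recipient -> sender): signed request for K2, bound to message 1.
    m2 = b"REQUEST-K2|" + txn.encode() + b"|" + hashlib.sha256(m1).digest()
    m2_sig = recipient.sign(m2)                       # evidence of receipt

    # Message 3 (sender -> TTP): K2 under the TTP's public key, only after a valid request.
    if not verify(recipient, m2, m2_sig):
        raise ValueError("unsigned or forged request for K2")
    m3 = encrypt_for(ttp, to_int(k2))

    # Message 4: TTP decrypts K2, re-encrypts it for the recipient and publishes it.
    ttp_site[txn] = encrypt_for(recipient, ttp.decrypt(m3))

    # Recipient fetches message 4 (the TTP logs the retrieval) and recombines K.
    ttp_log.append((txn, recipient.name))
    got_k1 = recipient.decrypt(ek1).to_bytes(16, "big")
    got_k2 = recipient.decrypt(ttp_site[txn]).to_bytes(16, "big")
    return {
        "recovered": stream_xor(xor(got_k1, got_k2), body),
        "origin_evidence": verify(sender, m1, m1_sig),
        "receipt_evidence": verify(recipient, m2, m2_sig),
        "ttp_log": ttp_log,
        # Neither share decrypts the product alone: not the recipient's K1 ...
        "k1_alone_decrypts": stream_xor(got_k1, body) == product,
        # ... nor the K2 that the TTP sees in the clear.
        "ttp_share_decrypts": stream_xor(k2, body) == product,
        # A recipient who intercepts message 3 cannot open it and skip the TTP.
        "recipient_opens_msg3": recipient.decrypt(m3) == to_int(k2),
    }
```

The last three result fields correspond to the weaknesses the description attributes to earlier schemes: a recipient who intercepts the key in transit, and a third party who can decrypt the product itself.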

Description


經濟部智慧財產局員工消費合作社印製 五、發明說明()1 &lt;發明之技術領域Field of the Invention〉 本發明係有關一種確保經由電腦網路執行電子商務交 易過程之安全性的應用協定,尤其是,此應用協定可防止 交易者事後拒絕履行已執行之交易。 〈發明之技術方景 Background of the Invention &gt; 以電子資料交換方式所形成的電子商務,最早是應用 於某些特定產業中企業體的内部商業往來。從事電子資料 交換的企業體使用一種結合了專用通訊線路、撥號連結、 主機終端仿真及接卡箱轉換數據網路的技術且他們通常依 賴加值網路提供者所提供的服務。加值網路服務的提供者 依例地提供數據通訊服務,並協助產業/客戶在此範圍内 處理軟體配置、安全、稽查、交易追蹤、及修復失蹤數據 等問題。加值網路服務所產生的相關費用往往迫使從事短 期及少量交易的企業體與個人無法從事電子商務。 在電子交易真正發生之前,從事加值網路服務的交易 者通常需要數週的預備期來準備。這樣的預備期基本上包 括技術與行政上應用協定的石差商及法律同意書的簽署。電 子交易者的交易關係往往建立於彼此熟識的商業夥伴的長 期與大量交易。這種關係基本上對於使用加值網路服務所 產生的高額費用是值得的。然而,網際網路的發跡減少了 對加值網路服務的需求’也因而促使短期交易者能從事電 子商務。 現今的網際網路能有效地提供買方及賣方間交易商品 4、 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公爱) #裝 ^----訂------ (請先閱讀背面之注意事項再填寫本頁) 畢· 545021 &lt;1 A7 五、發明說明()2 或服務的方法。例如,網際網路使用者能利用電子郵件作 為快速洽談商業契約的工具、販賣者可利用網站使其他販 買者或個人在不需建立長期關係的情況下,在線上向其他 販貝者購貝商品。然而,由於網際網路的開放性,他人能 輕易地在全球的網路上攔截或操縱交易,甚至更進一步的 威脅電子父易的安全。隨著網際網路的電子交易量日漸增 多’電子交易的安全性也成為越來越重要的課題。 為了保障電子商務系統中每個電子資料交換信息的安 全性,首先必須滿足保全要件如機密性、完整性、真實性、 授權及不可否認性等。許多電腦系統利用密碼機制來控制 資料的存取。在這些系統中,每個使用者基本上都有自己 的密碼,此密碼是保密的,使用者必須鍵入此密碼,方可 進入電腦系統取得被保護的資料。此方案在使用者的密碼 不會被洩露給他人的傳統電腦系統下,運作的不錯。然而, 在網路中,特別是當連結網路的任一台電腦能在任一路由 點下載整個網路資料往來的狀況下,簡單的密碼機制就變 得手可破了。如果使用者在任一位置透過網路傳送密碼 至另一位置的另一台電腦,潛入電腦網路的他人便能取得 密碼的備份。因此,為了確保電子交易中信息内容在被潛 入的狀態下仍能保持隱密,信息便必須被加密才行。 加密術,本質上來說,就是攪合信息,使唯有目標收 信者才能解密,進而符合保密的要件。因此,擷取加密信 息備分的他人便無法從加密信息中解讀資料。這就是多種 密碼術科技誕生的原因。舉例而言,對稱金鑰加密演算法 本紙張尺度適用中國國家標準(CNS)A4規格(2】0 X 297公釐) 裝-----Γ---訂---------線 (請先閱讀背面之注意事項再填寫本頁) 545021 經濟部智慧財產局員工消費合作社印剩r A7 五、發明說明()3 或機密金錄密碼術便已發展至可滿足保密要件的程度。此 項加密演算法使寄件者能用機密金鎗以無法辨識的密碼對 七息加密,而唯有收件者才有相同的隱密金鑰能解密此 加密信息。 為了滿足完整性的要件,雜湊函數便可製造出信息完 整性檢驗,使信息的收件者能決定其完整性。大體上而言, 密碼術雜凑機制暨公開金餘密碼術,能將信息編碼產生信 息鑑別碼,使他人無法破壞或編造。因此,唯有收信者能 用此相同的雜湊函數來檢查此信息是否已具危害性,同時 也能確認信息是否來自真正的寄件者。 包含了-對金錄的-數位簽章機制,也能被用來鑑別 信息寄件者。寄件者使用只有自己知道的一對金餘中任一 金錄在信息上簽章,例如,寄件者的私密金餘。收件者用 此對金錄中的另-個金餘,例如,寄件者的公開金餘來確 認此信息。因為只有寄件者才有私密金錄,收件者可知道 是誰寄的信息。為確保此信息不被複製,或不是稍後才被 重新寄送的,原始信息可能必須包含日期或時間的印記, 思即,彳5息被繕寫的日期及時間。控制誰對每一資料有責 任以及此責任如何被交付給他人便可滿足了真實性的要 件。儘管電子商務的技術曰漸進步,一交易者在事後仍可 否認在-個或整個交易行為中,曾寄發或接收過任何信 息。用以防止-個或多個交易者事後否認已執行的交易的 
應用協疋,便必須滿足不可否認性的要件。 此不可否認性的要件可說是一種通訊特質,它能防止 -6 - 本紙張尺度適用中關家標準(CNS)A4規格(21G X 297公爱)-----Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs V. Invention Description (1) Field of the Invention This invention relates to an application agreement for ensuring the security of electronic commerce transactions performed through computer networks. In particular, this application agreement prevents a trader from subsequently refusing to perform an executed transaction. <Background of the Invention &gt; Electronic commerce formed by electronic data exchange was first applied to the internal business transactions of enterprises in certain industries. Enterprises engaged in electronic data exchange use a technology that combines dedicated communication lines, dial-up links, host terminal emulation, and card box conversion data networks, and they often rely on services provided by value-added network providers. Providers of value-added network services provide data communication services on a regular basis, and assist industry / customers to deal with software configuration, security, audit, transaction tracking, and repair of missing data within this scope. The related costs incurred by value-added online services often force companies and individuals engaged in short-term and small transactions to not engage in e-commerce. Before electronic transactions actually take place, traders engaged in value-added online services usually need several weeks of preparation period to prepare. Such a preparatory period basically includes a contractor for legal and technical application and the signing of a legal agreement. The trading relationships of electronic traders are often based on the long-term and large number of transactions of business partners who are familiar with each other. This relationship is basically worth the high costs of using value-added Internet services. 
However, the history of the Internet has reduced the need for value-added Internet services', which in turn has enabled short-term traders to engage in e-commerce. The current Internet can effectively provide goods for trading between buyers and sellers. 4. This paper size is applicable to China National Standard (CNS) A4 specifications (210 X 297 public love). # 装 ^ ---- Order ------ (Please read the notes on the back before filling out this page.) Bi · 545021 &lt; 1 A7 V. Description of Invention (2) or service method. For example, Internet users can use email as a tool for quickly negotiating business contracts, and sellers can use websites to enable other sellers or individuals to buy shellfish online from other sellers without the need to establish long-term relationships. commodity. However, due to the openness of the Internet, others can easily intercept or manipulate transactions on the global network, and even further threaten the security of the electronic parent. As the number of electronic transactions on the Internet increases, the security of electronic transactions has become an increasingly important issue. In order to ensure the security of each electronic data exchange information in the e-commerce system, it is necessary to first meet the security requirements such as confidentiality, integrity, authenticity, authorization and non-repudiation. Many computer systems use password mechanisms to control access to data. In these systems, each user basically has his or her own password. This password is confidential. The user must type this password before entering the computer system to obtain the protected information. This solution works well under the traditional computer system where the user's password will not be leaked to others. However, in the network, especially when any computer connected to the network can download the entire network of data at any routing point, the simple password mechanism becomes broken. 
If a user sends a password from another network to another computer in another location, others who sneak into the computer network can get a backup of the password. Therefore, in order to ensure that the information content in the electronic transaction can remain hidden under the infiltrated state, the information must be encrypted. Encryption is essentially mixing information so that only the intended recipient can decrypt it, thereby meeting the requirements for confidentiality. Therefore, others who capture the backup of the encrypted information cannot interpret the data from the encrypted information. This is why many cryptographic technologies were born. For example, the symmetric key encryption algorithm is based on the Chinese National Standard (CNS) A4 specification (2) 0 X 297 mm. -Line (please read the precautions on the back before filling this page) 545021 Employees of the Intellectual Property Bureau of the Ministry of Economic Affairs, Consumer Cooperatives, Printed A A. V. Invention Description () 3 or the secret gold record cryptography has developed to meet the requirements of confidentiality degree. This encryption algorithm enables the sender to encrypt the seven-pass with a secret gold gun with an unrecognizable password, and only the recipient can have the same secret key to decrypt the encrypted information. In order to meet the requirements of integrity, a hash function can create an information integrity check, enabling the recipient of the information to determine its integrity. Generally speaking, the cryptographic hashing mechanism and the open golden cryptography can encode information to generate an information authentication code so that others cannot destroy or fabricate it. Therefore, only the recipient can use this same hash function to check if the message is harmful, and can also confirm whether the message came from the real sender. 
The digital signature mechanism, which includes a pair-to-gold record, can also be used to identify the sender of the message. The sender uses any of the gold balances known only to the sender to sign the message, for example, the sender's private money balance. Recipients use this pair of gold balances to confirm this information, for example, the sender's public money balance. Because only the sender has a private gold record, the recipient can know who sent the information. To ensure that this information is not copied or resent later, the original message may have to include a date or time stamp, ie, the date and time at which the information was written. Controlling who is responsible for each material and how this responsibility is passed on to others fulfills the requirements of authenticity. Despite the advancement of e-commerce technology, a trader can later deny that he or she has ever sent or received any information in one or the entire transaction. The application protocol used to prevent one or more traders from later denying executed transactions must meet the non-repudiation requirement. This undeniable requirement can be said to be a communication characteristic, which can prevent -6-This paper size applies the Zhongguanjia Standard (CNS) A4 specification (21G X 297 public love) -----

4^^---------II---------. (請先閱讀背面之注意事項再填寫本頁) 545021 經 濟· 部 智- 慧 財 產 局 員 工 消 費 合 作 社 印 製 A7 B7 五、發明說明()4 電子父易過程中,任一方否認交易曾發生的事實。共有二 種不可否認性的要件可防止事後否認交易行為的發生,一 是來源的不可否認性,這是指寄件者不可否認交易已被寄 出;另一是接收的不可否認性,這是指收件者不可否認交 易已被接收。當寄件者及收件者在加值網路上有長期的關 係性時,則能互相信賴,而不必擔心或顧慮否認交易的可 能性,這樣的情況在網際網路的交易中是很罕見的。在典 型的網路交易中,執行交易的一方未必相信另一方或者交 易雙方間根本就彼此不信任。此外,在網際網路商務上, 父易者雙方間的信賴程度是非常重要的,因為一方交易者 往往可在另一方交易者未發現的狀況下背信。例如,寄件 者一開始相信收件者,但其後懷疑收件者背信的話,寄件 者對收件者的信賴程度便很容易改變。 為了解決事後否認的問題,某些方法論的提出便改善 了習、知的應用協定·,寄件者在第一信息中加入一個數位簽 ^ # ’而收件者可以使用此數位«作為不可否認性之來源 證據。收件者自第-信息中檢索想要的情報,然後需將一 包含自己數位簽章的信息回覆至寄件者。寄件者可用回信 作為不可否認性之接收證據。此應用協定在寄件者信賴收 件者的情況下能最有效地運用。然而,此方案允許一不誠 實的收件者否認曾收過第一信息而不寄出回信。因此,寄 件者無法確認收件者是否真的收到第一信息。此外,寄件 者也無法確涊第一 k息是否成功地寄到收件者,或者已在 系統故障時被銷毀。由於習知的應用協定無法適當地保障 -7- 本紙張尺度中國國家標準(CNS)A4規格⑵G X 297公髮 裝---------訂---------線 (請先閱讀背面之注意事項再填寫本頁) 545021 Λ7 五、發明說明()5 接收的不可否認性,寄件者必須確信收件者會永遠破收信 息。 立某些方法允許每件交易中有具公信力第三者的加入, 〜P又易過㈣每—信息必須經由具公信力第三者的保 匕/、A乜力第二者必須確認每一項保全要件都能被滿 足,並需確認交易者雙方的行為是否合宜,以防止交易者 又方否w又易行為,也避免交易的安全性遭到侵害。任用 八A L力第―者執仃每項交易中所有的保全要件必定會增 加電子商務的費用。此外,隨著電子交易者及交易件數的 日漸增加,尋找具公信力第三者來執行電子交易也會越來 越困難。 此外現仃的具公信力第三者的方案仍存在著其他的 問題。現今的方案中,寄件者將包含以用對話金输加密之 商品的第一信息,傳送至收件者。收件者索取對話金錄以 _第-信息中的商品。寄件者傳送以收件者公開金餘加 役的對話金餘至具公信力第三者。具公信力第三者其後傳 送對話金鑰至收件者。然而,一狡詐的收件者可能在傳送 金錄至具A 力第二者的過程中,入侵網路。由於此 對話金鑰已用收件者的公開金餘加密,收件者可以用自己 ^私松金錄解密此對話金錄,進而以截取來的對話金餘解 松加密商品。此狡詐的收件者事後可否認交易的執行,而 寄件者則無法證明收件者曾從具公信力第三者處檢索此對 话金输。另一方面來說’若寄件者使用具公信力第三者的 公開金餘來加密對話金餘,雖然具公信力第三者身為知名 | - 8 本紙張尺度適用一中國iii^(CNS)A4規格 6 五、發明說明() 的、'且織但一狡詐的具公信力第三者可能用自己的私密金 錄解開此對话金餘,進而解密加密商品。寄件者可以收件 者一八A L力第二者的公開金鑰加密此對話金鑰,而後要 求收件者自具公信力第三者處檢索此對話金餘,然而,此 解決方法在非對稱密碼術中是很難達成效果的。 經舍部智慧財產局員工消費合作社印製 名為〃用以在無具公信力第三者介入情況下防止交易 者事後對已執行交易否認的方法&quot;的一申請中的美國專利 案,其内容便併入本發明作為參考,是―種有關在電子交 易中,無具公信力第三者介入下的應用協定❶在此協定中, 寄件者傳送加密的第—信息至收件者,此信息中包含以對 話金餘加密的-項商品。此第一信息也同時包含了寄件者 的數位簽早,但並不包含對話金餘。這第一加密信息被用 來作為不可否5忍性之來源證據。而從收件者寄出索取對話 金餘的第一 L息,便用來作為不可否認性的接收證據。之 後,寄件者撰寫-包含對話金錄並以收件者的公開金錄加 密的第三信息。寄件者將此第三信息健存在自己網站上的 公開金錄資料庫中,收件者之後必須進入寄件者的網站以 檢索此第三信息。寄件者保有金錄資料庫。透過監看自己 的網站,寄件者可在收件者事後否認的狀況下,向有關當 局證明收件者確實曾從金鑰資料庫中檢索對話金錄。本發 明在寄件者值得信賴的狀況下能有效運作,而收件者也不 
必擔心寄件者否認交易。 然而,當寄件者的否認交易成為問題時,以上所述的 發明便不足以解決問題,因為寄件者仍保有金鑰資料庫, 本紙張尺度適用中目國家標準(CNS)A4規格(210 X 297公爱)—' 545021 經濟部智慧財產局員工消費合作社印製 A7 五、名务明說明()7 而收件者必須相信寄件者會在要求的時間公告金鑰。一不 誠實的寄件者可能在要求的時間後才發佈金鑰,並且利用 對話金鑰任意更改信息中的時間印記作為金鑰準時並確實 地被發佈的證明。因此,當不可否認性的來源與接收成為 一項問題時,發展出一種不需要交易一方倚賴另一方誠信 度的應用協定便有其必要性。 〈發明之概要說明 Summary of the Invention &gt; 本發明係有關一防止交易者事後否認已執行電子交易 的應用協定,其中具公信力第三者有責任確保交易的不可 否涊性。在此應用協定中,一寄件者使用一私密共享技術 將一原始對話金鑰分成第一子對話金鑰與第二子對話金 鑰。第一與第二子對話金鑰必須結合成為原始對話金鑰, 以使收件者能解密一以原始對話金鑰的加密商品。寄件者 將以收件者公用金鑰加密的第一對話金鑰與一加密商品納 入第一信息中。然後,寄件者傳送此第一信息給收件者。 其後,寄件者以用具公信力第三者的公開金餘加密的 第二子對話金餘納入第三信息中,其隨後便被轉寄至具公 信力第三者。具公信力第三者解密第三信息以檢索第二子 對話金錄,然後以收件者的公開金餘重新加密此第二子對 話金鑰。具公信力第三者將重新加密的第二子對話金輪納 入至第四信息,並將此第四信息公告在具公信力第三者的 網站上,而收件者在此網站上負責檢索第四mu 協定因而可在不必倚賴一個或多個交易者的可信度下,確 -10- 本紙張尺度適用中國國家標準(CNS)A4規格(21_0 X 297公爱)-------- U裝—^—訂--------- (請先閱讀背面之注意事項再填寫本頁) 02 B7 Ψ 經舍部智慧財產局員工消費合作社印製 發明說明()8 保來源與接收的不可否認性。更進_步來說,藉著具公信 力第三者僅涉入交易程序中最小的部分,意即,確認進行 交易之不可否認性,使具公信力第三者的責任與依賴度降 低時,電子交易中因具公信力第三者之涉入所產生的費用 可減少。 在本發明的最佳實施例中,特別地是,寄件者以對話 金鑰加密-所欲商品,並將此加密商品、寄件者自己的數 位簽章與第一子對話金錄納入第一信息中。唯有收件者能 以自己的私密金鑰解密此第一子對話金鑰。為了要解密第 一信息及檢索所欲商品,收件者也必須取得第二子對話金 鑰。收件者可以用包含第一子對話金鑰與寄件者的數位簽 章的第一加密信息作為來源的不可否認性。當收件者公告 一信息索取包含自己數位簽章的第二子對話金鑰時,寄件 者可用此索求信息作為不可否認性之接收證據。寄件者隨 後以具公信力第三者的公開金鑰來加密第二子對話金錄, 並將此第二子對話金鑰納入第三信息中。因此,只有具公 L力第二者可取得第二子對話金錄。具公信力第三者解密 第二信息,以便取得第二子對話金鑰。具公信力第三者用 收件者的公開金鑰重新加密第二子對話金鑰,並將此重 加进的第二子對話金錄納入第四信息中。具公信力第三 在自己網站上的金鑰資料庫中公告第四信息。之後,唯有 收件者可以自己的私密金鑰解密此第二子對話金鑰。 收件者必須進入具公信力第三者的網站以檢索第四 息。隨後,收件者結合第一與第二子對話金鑰,形成原 新 者 信 始 t---------^---------線 (請先閱讀背面之注意事項再填寫本頁) 11 - 297公釐) 545021 A: 經 濟 部 智 慧 財 產 局 員 工 消 費 合 作 社 印 製 發明說明()9 對話金鑰,以解密第一信息中的加密商品。具公信力第三 者保有金鑰資料庫。透過監看具自己的網站,具公信力第 三者能在收件者事後否認的狀況下,向有關當局證明收件 者確實曾從金鑰資料庫中檢索第二子對話金鑰。 本發明所揭露的其他特徵及優點將於以下的詳細說明 中細述。而本發明的一部份特徵在本文中是十分明顯的, 或者也可藉由本發明的實施而得知。本發明的目的與優點 可由發明的詳細說明、申請專利範圍以及所附圖式中所指 出的系統得到印證。 為了達成依據本發明之目的的上述及其他優點,本發 明係提供-種保障電子交易中交易者不可否認交易的方 法,交易雙方任用具公信力第三者來解決交易拒絕履行所 產生的肀議,此方法包含了,製造的步驟,即寄件者製造 -對話金餘,將其分成數個子對話錢,如第—與第二子 對話金錄;寄送的步驟,即寄件者寄送至收件者第一加密 信息’其包括了以對話金餘加密的商品、寄件者的數位簽 章,以及第-子對話金錄;收到第_加密信息後索取的步 驟’即收件者向寄件者索取第二信息中的第二子對話金 
錄’此第二信息包括了收件者的數位簽章;收到第二信 後傳送的步驟’即寄件者傳送至具公信力第三者-有第 子對話金錄的第三加密信息,此第二子對話金錄乃以 信力第三者公開金墙加密;取得的步驟,即具公信力 者自第三加密信息中取得第二子對話金錄,並製造第— 密信息;公告的步驟,即具公信力第三者在自己的網站上 息 具公 第三 四加 ----------^------ (請先閱讀背面之注意事項再填寫本頁) 畢- -12· 本紙張尺度適用中國國家標準(CN^TS (210 X 297公釐Γ 545021 五、發明說明()10 公告第四加密信息;檢索的步驟,即收件者從具公斤力第 三者的網站上檢索第四加密信息;合併的步驟,即㈣件 者將事先已決定數量的數個子對話金餘併入-必要對話金 鑰,以從第-加密信息中檢索加密商品。 方 加 中 本發明另外備置了-種在交易者任用具公信力第三者 來解決拒絕履行交易爭議的情況下,確保交易者雙方不可 ►事後否認已執行電子交易的系統。此系統包含製造的 法’即寄件者製造-對話錢’將其分成數個子對話金输 如第-與第二子對話金餘;寄送的方法即寄件者寄送至 收件者個第一加密信息,其包括了用對話金餘加密的 2品、寄件者的數位簽章與第—子對話麵:收到第一 密信息後索取的方法,即收件者向寄件者索取第二信息, 第 即 合 2第二子對話金錄,此第二信息包括了收件者的數位簽 早,收到第一k息後傳送的方法,即寄件者傳送至具公信 力第三者,-有第二子對話金錄的第三加密信息,此第二 子對話金餘乃用具公信力第三者公開金餘加密;取得的方 法’即具公信力第三者自第三加密信息中取得第二子對話 金餘’並製造第四加密信息;公告的方法,即具公信力 三者在自己的網站上公告第四加密信息;檢索的方法, 收件者從具公信力第三者的網站上檢索第四加密信息·_ 併入必要對活金鑰,以從第一加密信息中檢索加密商 品 併的方法,即收件者將事先已決定數量的數個子對話金鑰 -13- 本紙張尺度適用中國國家標準(CNS)A4規格(2]〇 X 297公髮 M5021 經濟部智慧財產局員工消費合作社印製 Λ7 '----___ 五、發明說明()Η &lt; ® ^ ^ 1¾ Brief Description of the Drawings &gt; 所附的圖式可對本發明作更進一步說明,它應視為說 明書的-部份’且以實施例解說了本發明的原則。 在圖式中: 第1圖,顯示一電腦網路,其中結合了本發明中不可 否認性的應用協定; 第2圖,顯示電腦網路構件上,往來所使用的tcp/ip層 級式結構的應用協定; 第3圖,顯示一私密共享技術,其使一寄件者將一對 話金錄分為二個金鑰; 第4圖,顯示另一項能將二個對話金鑰分為二個子對 話金鑰的實施例; 第5圖,顯示本發明之不可否認性的應用協定的較佳 實施例; 第6圖,顯示第5圖中,本發明之不可否認性的應用 協定的較佳實施例所施行的步驟;以及 第7圖’顯示一保全架構,其中本發明之不可否認性 的應用協定可被施行。 &lt; 較佳實例的說明 DeScription of the Preferred Emb〇d丨ments &gt; 現在請參看顯示於所附圖式中的本發明的較佳實施 例。以下將為使用者詳述本發明所揭露之不可否認性的應 用協定的功能。當瀏覽器應用程式與網頁伺服器應用程式 l·-----Γ—t--------- (請先閱讀背面之注意事項再填冩本頁) -14-4 ^^ --------- II ---------. (Please read the notes on the back before filling out this page) 545021 Economy · Ministry of Intellectual Property-Printed by the Intellectual Property Cooperative of the Intellectual Property Bureau A7 B7 V. Description of the invention (4) During the process of electronic parent, either party denied the fact that the transaction had occurred. There are two types of non-repudiation requirements that can prevent subsequent denial of transactions. 
One is the non-repudiation of the source, which means that the sender's undeniable transaction has been sent. Means that the recipient cannot deny that the transaction has been received. When the sender and recipient have a long-term relationship on the value-added network, they can trust each other without worrying or worrying about the possibility of denying the transaction. Such a situation is very rare in Internet transactions. . In a typical online transaction, the party performing the transaction may not necessarily believe that the other party or the two parties to the transaction simply do not trust each other. In addition, in Internet commerce, the degree of trust between the two parties is very important, because one trader can often betray the trust of the other trader. For example, if a sender initially believes in the recipient, but later suspects that the recipient has broken the letter, the sender's trust in the recipient can easily change. In order to solve the problem of later denial, some methodologies have improved the application agreement of Xi and Zhi. The sender adds a digital signature to the first message ^ # 'and the recipient can use this number «as undeniable Evidence of sexual origin. The recipient retrieves the desired information from the-message, and then needs to reply to the sender with a message containing his digital signature. The sender can use the reply as evidence of non-repudiation of receipt. This application agreement is most effective when the sender trusts the recipient. However, this scheme allows an dishonest recipient to deny having received the first message without sending a reply. Therefore, the sender cannot confirm whether the recipient actually received the first message. In addition, the sender cannot determine whether the first message was successfully sent to the recipient or was destroyed when the system failed. Due to the conventional application agreement, it cannot be properly guaranteed. 
-7- This paper is a Chinese national standard (CNS) A4 specification ⑵G X 297. (Please read the notes on the back before filling out this page) 545021 Λ7 V. Description of the Invention (5) The non-repudiation of the receipt, the sender must be sure that the recipient will always receive the information. Establishing certain methods to allow credible third parties to join in each transaction, ~ P is easy to pass each-the information must go through the credible third party's security / A, the second party must confirm each item The security requirements can be met, and it is necessary to confirm whether the actions of both sides of the trader are appropriate, to prevent the trader from being easy and easy, and to avoid the violation of the security of the transaction. Appointing the eight-year-old force to execute all security requirements in each transaction will definitely increase the cost of e-commerce. In addition, with the increasing number of electronic traders and transactions, it will become more and more difficult to find credible third parties to execute electronic transactions. In addition, other credible third-party programs still have other problems. In today's solutions, the sender sends the first information to the recipient that contains the product encrypted with conversational gold. Recipients request dialogue gold recorded with the goods in _ 第-信息. The sender transfers the dialogue gold surplus with the recipient's public gold surplus to a credible third party. The credible third party then sends the conversation key to the recipient. However, a fraudulent recipient may invade the network while sending gold records to a strong second person. Since this conversation key has been encrypted with the recipient ’s public balance, the recipient can use his own private account to decrypt this conversation record, and then use the intercepted conversation account to unlock the encrypted product. 
The fraudulent recipient could later deny the execution of the transaction, and the sender could not prove that the recipient had retrieved the conversation from a trusted third party. On the other hand, 'If the sender uses the public money of a trusted third party to encrypt the dialogue money, although the trusted third party is well-known |-8 This paper applies to a China iii ^ (CNS) A4 Specification 6 Fifth, the description of the invention (), and a succinct but credible third party may use their own private gold records to unlock this conversation, and then decrypt the encrypted goods. The sender can encrypt the conversation key with the recipient's public key, and then ask the recipient to retrieve the conversation balance from a trusted third party. However, this solution is asymmetric It is difficult to achieve results in cryptography. The Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs printed an U.S. patent case entitled 〃Method to Prevent Traders from Denying an Executed Transaction Later Without a Trustworthy Third Party Intervention, the contents of which It is incorporated into the present invention as a reference, which is an application agreement concerning electronic transactions without the credibility of a third party. In this agreement, the sender sends the encrypted first information to the recipient. This information Contains-items encrypted with conversation gold. This first message also includes the digital signature of the sender, but does not include the balance of the conversation. This first encrypted information is used as a source of irresistible evidence. The first L-interest from the recipient of the conversation was sent as proof of non-repudiation. Thereafter, the sender composes-a third message containing the conversation record and encrypted with the recipient's public record. The sender keeps this third information in the public gold record database on his website. 
The recipient must then enter the sender's website to retrieve this third information. The sender keeps a database of gold records. By monitoring their own website, the sender can prove to the relevant authorities that the recipient has indeed retrieved the dialogue record from the key database if the recipient has denied it afterwards. The invention works effectively when the sender is trusted, and the recipient does not have to worry about the sender denying the transaction. However, when the sender's denial transaction becomes a problem, the above-mentioned invention is not enough to solve the problem, because the sender still maintains a key database, and this paper standard applies the CNS A4 specification (210 X 297 Public Love) — '545021 Printed A7 by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs V. Name and Description () 7 The recipient must believe that the sender will announce the key at the required time. A dishonest sender may publish the key after the required time, and use the time stamp in the conversation key to arbitrarily change the message as proof that the key was released on time and reliably. Therefore, when the source and acceptance of non-repudiation becomes an issue, it is necessary to develop an application agreement that does not require one party to rely on the integrity of the other. <Summary of the Invention> The present invention relates to an application agreement that prevents a trader from subsequently denying that an electronic transaction has been performed, in which a credible third party is responsible for ensuring the irreversibility of the transaction. In this application agreement, a sender uses a private sharing technique to divide an original conversation key into a first sub-session key and a second sub-session key. 
The first and second child conversation keys must be combined into the original conversation key, so that the recipient can decrypt an encrypted commodity with the original conversation key. The sender includes the first conversation key encrypted with the recipient's public key and an encrypted commodity into the first message. The sender then sends this first message to the recipient. Thereafter, the sender encrypted the second sub-conversational surplus encrypted by the public third-party of the trusted third party into the third message, which was then forwarded to the third-party trusted. A trusted third party decrypts the third message to retrieve the second sub-conversation record, and then re-encrypts the second sub-conversation key with the recipient's public balance. A trusted third party incorporates the re-encrypted second sub-dialog golden wheel into the fourth message, and announces this fourth information on the trusted third party's website, and the recipient is responsible for retrieving the fourth mu on this website The agreement can therefore be confirmed without relying on the credibility of one or more traders -10- This paper size applies the Chinese National Standard (CNS) A4 specification (21_0 X 297 public love) -------- U装 — ^ — Order --------- (Please read the notes on the back before filling out this page) 02 B7 发明 Printed invention description by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs (8) Undeniable. Furthermore, when a third party with credibility is involved in only the smallest part of the transaction process, which means that the non-repudiation of the transaction is confirmed, and the responsibility and dependence of the third party is reduced, the electronic Expenses incurred by transactions involving credible third parties can be reduced. 
In the preferred embodiment of the present invention, the sender encrypts the desired goods with the session key and places the encrypted goods, the sender's own digital signature, and the first sub-session key in a first message. Only the recipient can decrypt this first sub-session key, using the recipient's own private key. To decrypt the first message and retrieve the desired goods, the recipient must also obtain the second sub-session key. The recipient can use the first encrypted message, which contains the first sub-session key and the sender's digital signature, as evidence of non-repudiation of origin. When the recipient sends a message, containing the recipient's digital signature, that requests the second sub-session key, the sender can use this request message as evidence of non-repudiation of receipt. The sender then encrypts the second sub-session key with the public key of the trusted third party and places it in a third message. Only the trusted third party can therefore obtain the second sub-session key. The trusted third party decrypts that message to obtain the second sub-session key, re-encrypts the second sub-session key with the recipient's public key, and places the re-encrypted second sub-session key in a fourth message. The trusted third party posts the fourth message in the key database on its website. Thereafter, only the recipient can decrypt the second sub-session key, using the recipient's own private key. The recipient must go to the trusted third party's website to retrieve the fourth message. The recipient then combines the first and second sub-session keys to form the original session key and decrypts the encrypted goods in the first message.

The trusted third party maintains a key database. By monitoring its own website, the trusted third party can prove to the relevant authorities that the recipient did retrieve the second sub-session key from the key database, so that the recipient cannot deny it afterwards.

Other features and advantages of the present invention are set out in the detailed description that follows. Some of them will be apparent from the description, or may be learned by practicing the invention. The objects and advantages of the invention will be realized by the system pointed out in the detailed description, the claims, and the drawings.

To achieve these and other advantages, and in accordance with the purpose of the invention, the invention provides a method for ensuring that transacting parties cannot repudiate an electronic transaction, in which both parties use a trusted third party to resolve disputes arising from repudiation of the transaction.
The method comprises: a generating step, in which the sender generates a session key and divides it into a number of sub-session keys, such as a first and a second sub-session key; a sending step, in which the sender sends the recipient a first encrypted message that includes the goods encrypted with the session key, the sender's digital signature, and the first sub-session key; a requesting step after the first encrypted message is received, in which the recipient requests the second sub-session key from the sender in a second message that includes the recipient's digital signature; a sending step after the second message is received, in which the sender sends the trusted third party a third encrypted message containing the second sub-session key, encrypted with the third party's public key; an obtaining step, in which the trusted third party obtains the second sub-session key from the third encrypted message and creates a fourth encrypted message; a posting step, in which the trusted third party posts the fourth encrypted message on its website; a retrieving step, in which the recipient retrieves the fourth encrypted message from the trusted third party's website; and a combining step, in which the recipient combines a predetermined number of the sub-session keys into the session key needed to retrieve the encrypted goods from the first encrypted message.
The present invention additionally provides a system for ensuring that neither transacting party can afterwards deny that an electronic transaction was executed, in which the parties use a trusted third party to resolve disputes over repudiation of the transaction. The system comprises: generating means, by which the sender generates a session key and divides it into a number of sub-session keys, including a first and a second sub-session key; sending means, by which the sender delivers to the recipient a first encrypted message that includes the goods encrypted with the session key, the sender's digital signature, and the first sub-session key; requesting means operative after the first encrypted message is received, by which the recipient requests the second sub-session key from the sender in a second message that includes the recipient's digital signature; sending means operative after the second message is received, by which the sender sends the trusted third party a third encrypted message containing the second sub-session key, encrypted with the trusted third party's public key; obtaining means, by which the trusted third party obtains the second sub-session key from the third encrypted message and creates a fourth encrypted message; posting means, by which the trusted third party posts the fourth encrypted message on its own website; retrieving means, by which the recipient retrieves the fourth encrypted message from the trusted third party's website; and combining means, by which the recipient combines a predetermined number of the sub-session keys into the session key needed to retrieve the encrypted goods from the first encrypted message.
<Brief Description of the Drawings>

The accompanying drawings further explain the present invention, are to be regarded as part of the description, and illustrate the principles of the invention by way of example. In the drawings:

Figure 1 shows a computer network incorporating the non-repudiation application protocol of the present invention;
Figure 2 shows the TCP/IP layered structure of application protocols used by the components of the computer network;
Figure 3 shows a secret sharing technique by which a sender can divide one session key into two sub-session keys;
Figure 4 shows another embodiment, in which two session keys are divided into two sub-session keys;
Figure 5 shows a preferred embodiment of the non-repudiation application protocol of the present invention;
Figure 6 shows the steps performed by the preferred embodiment of the non-repudiation application protocol of Figure 5; and
Figure 7 shows a security architecture in which the non-repudiation application protocol of the present invention can be implemented.

<Description of the Preferred Embodiments>

Reference will now be made to the preferred embodiments of the present invention as illustrated in the accompanying drawings. The operation of the non-repudiation application protocol disclosed by the invention is described in detail below. When a browser application and a web server application interact, the two applications follow the Hypertext Transfer Protocol (HTTP). HTTP allows a browser application to request a specific object, which the server application then returns. To ensure that browser and server applications interoperate effectively, HTTP defines the exact format of the requests a browser application sends to a server application, and also the format of the responses the server application returns.

Figure 1 shows one embodiment of a local area network 100 configured to use a non-repudiation application protocol. The local area network 100 includes a server 102, four computer systems 104-110, and peripheral devices, such as printers and other related devices 112, all of which can be shared within the local system 100.
The computer systems 104-110 may act as clients of the server 102, or as clients of other components connected to the local area network 100. The components of the local area network 100 are preferably connected by a cable medium, such as copper or fiber-optic cable, and the network topology may be a token ring topology 114. It will be apparent to those skilled in the art that other media, such as wireless media, optical fiber, and radio frequencies, can also be used to connect the components of the local area network 100. It is equally apparent that other network topologies, such as Ethernet, can be used as well.

Data is transmitted between the components of the local area network 100 in packets; that is, large blocks of data are sent over the local area network 100 as individual pieces. Routers 120 and 122 connect the local area network 100 to other computer networks to build an extended network, such as the Internet, other local area networks, or a wide area network (WAN). A router is a hardware device comprising a conventional processor, memory, and input/output (I/O) interfaces to the networks it connects. Components on the extended network can therefore share data and services with one another. For the components of physically connected networks to interoperate, all components of the extended network, and the routers connecting them, must adhere to a standard application protocol. Computer networks connected to the Internet and to other networks generally use the application protocols of the TCP/IP layered structure. It should be noted that other Internet application protocols may also be used.

As shown in Figure 2, the TCP/IP layered structure comprises an application layer 202, a host transport layer 204, an internet layer 206, a network interface layer 208, and a physical layer 210. The application layer 202 defines how each application connected to the network uses the network. The host transport layer 204 defines how reliable and efficient transmission between endpoint application protocols is ensured.
The internet layer 206 defines the form in which packets are sent between networks, and also the mechanism by which a packet is forwarded from one computer through one or more routers to its final destination. The network interface layer 208 defines how data is organized into frames and how a computer transmits frames onto the network. The physical layer 210 corresponds to the basic network hardware. Because they use the application protocols of the TCP/IP layered structure, all components connected to the network can interoperate with other components connected, directly or indirectly, to the computer.

A browser application, such as Microsoft Explorer or Netscape Internet Browser, connects a user of the computer systems 104-110 to the Internet. Most browser applications display data on the screen of the computer 104-110 and let the user navigate the web with a mouse. Like other network applications, web browsing follows the client-server model. Given the uniform resource locator (URL) of a document, the browser application becomes a client and contacts the server named in the URL to request the document. After receiving the document from the server, the browser application displays it to the user. When a browser application and a web server application interact, the two applications follow the Hypertext Transfer Protocol (HTTP). HTTP allows a browser application to request a specific object, which the server application then returns. To ensure that browser and server applications interoperate effectively, HTTP defines the exact format of the requests a browser application sends to a server application, and also the format of the responses the server application returns. The use of other application protocols will be apparent to those skilled in the art.
At present, in an electronic commerce transaction on the Internet, one transacting party enters the uniform resource locator (URL) of the other party, and the browser application requests the web page associated with that URL from the corresponding server application. Once the page is displayed, the party can propose a transaction to the other party through the displayed page and the browser application. For example, a buyer on the Internet who wishes to purchase a software application uses a browser application to visit the seller's URL. The browser displays the corresponding web page, through which the buyer can order the software application. After receiving the order, the seller sends the software application to the buyer through its own web page. During transmission, however, someone else may intercept the transaction, or the system may fail before all the transaction messages have reached the buyer.

Today's encryption technology was developed to meet the security requirements of every transaction, such as confidentiality, integrity, authenticity, and authorization. However, a party to a transaction may deny, after the transaction has been executed, that it took place. For example, the buyer may later deny having received a software application that was in fact delivered. Moreover, if the system fails, the software application may be corrupted on its way to the buyer, and the seller may still demand payment for a software application that was never successfully delivered. It is therefore important that both buyer and seller hold evidence of the executed transaction, so that neither party can repudiate it afterwards.

The present invention uses a secret sharing technique to prevent repudiation of origin and of receipt. Secret sharing is a key distribution mechanism in which several parties each hold a part of a required key and must combine the parts they hold to recover the original key. The secret sharing technique thus ensures that the recipient of the goods obtains, from the sender or from the trusted third party, a part of the key with which the goods were encrypted, so that the recipient can decrypt the goods.


Figure 3 shows a secret sharing technique by which the sender can divide one session key into two sub-session keys. As shown in Figure 3, the sender generates an original session key K and divides it into sub-session key K1 302 and sub-session key K2 304 using the following formulas:

$$K_1 = (K + r \cdot \mathrm{ID}_R) \bmod 2^{64}$$
$$K_2 = (K + r \cdot \mathrm{ID}_{TTP}) \bmod 2^{64}$$

where $r$ is a large random number generated by the sender, $\mathrm{ID}_R$ is the recipient's unique public identifier, and $\mathrm{ID}_{TTP}$ is the trusted third party's unique public identifier.
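The page gives the split formulas but not the arithmetic for recombining the two sub-session keys. The following Python code is an added example, not part of the patent: it treats K1 and K2 as two points on the line K + r*x modulo 2^64, recovers K from them, and checks two properties of working modulo 2^64 that an implementer would need to know. The recombination method is an assumption derived from the formulas, and the identifier values, key, and function names are constructed for illustration.

```python
import secrets

MOD = 1 << 64  # the page's formulas work modulo 2^64


def split_session_key(k, id_r, id_ttp, r=None):
    """Split K with the page's formulas:
    K1 = (K + r*ID_R) mod 2^64, K2 = (K + r*ID_TTP) mod 2^64.
    r is the sender's random number; pass it only to make a run repeatable.
    """
    if r is None:
        r = secrets.randbits(64)
    return (k + r * id_r) % MOD, (k + r * id_ttp) % MOD


def combine_sub_keys(k1, k2, id_r, id_ttp):
    """Recover (K, r) from both sub-keys and the two public identifiers.

    Assumption (not stated on the page): since K1 - K2 = r*(ID_R - ID_TTP),
    r is unique only if ID_R - ID_TTP is odd, i.e. invertible modulo 2^64.
    """
    diff = (id_r - id_ttp) % MOD
    if diff % 2 == 0:
        raise ValueError("ID_R - ID_TTP is even: K is not uniquely determined")
    r = ((k1 - k2) * pow(diff, -1, MOD)) % MOD  # modular inverse, Python 3.8+
    k = (k1 - r * id_r) % MOD
    return k, r


def repeated_low_bits(identifier):
    """Number of low bits of K that a sub-key built from this identifier
    repeats unchanged: r*ID contributes nothing below ID's lowest set bit."""
    return (identifier & -identifier).bit_length() - 1


def colliding_inputs(k, r):
    """A different (K, r) pair that produces the same two sub-keys whenever
    both identifiers are odd (2^63 * (1 + odd) is 0 modulo 2^64)."""
    half = MOD >> 1
    return (k + half) % MOD, (r + half) % MOD


# Constructed sample values, not taken from the page.
SAMPLE_K = 0x0123456789ABCDEF
SAMPLE_R = 0xF0E1D2C3B4A59687
ID_R_ODD = 0x1001     # recipient identifier (odd)
ID_TTP_EVEN = 0x2000  # third-party identifier (even, lowest set bit is bit 13)
ID_TTP_ODD = 0x2003   # alternative third-party identifier (odd)

if __name__ == "__main__":
    k1, k2 = split_session_key(SAMPLE_K, ID_R_ODD, ID_TTP_EVEN, SAMPLE_R)
    k, r = combine_sub_keys(k1, k2, ID_R_ODD, ID_TTP_EVEN)
    print("recovered K matches:", k == SAMPLE_K)
    bits = repeated_low_bits(ID_TTP_EVEN)
    mask = (1 << bits) - 1
    print("low bits of K repeated in K2:", bits, (k2 & mask) == (SAMPLE_K & mask))
    other_k, other_r = colliding_inputs(SAMPLE_K, SAMPLE_R)
    same = (split_session_key(SAMPLE_K, ID_R_ODD, ID_TTP_ODD, SAMPLE_R)
            == split_session_key(other_k, ID_R_ODD, ID_TTP_ODD, other_r))
    print("two odd identifiers give colliding keys:", same)
```

With identifiers of opposite parity the key is recovered uniquely, but the sub-key built from the even identifier repeats the low bits of K. With two odd identifiers no bits are repeated, but two candidate keys fit the same pair of sub-keys.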

本紙張尺錢 (210 x 297 公釐) 經濟部智慧財產局員工消費合作社印製 545021 &quot;· Α7 ___Β7 '五、發明說明( )16 第4圖顯示了將二對話金鑰分割成二個子對話金鑰的 另一實施例。在私密共享技術中,利用二個對話金鑰可使 保全架構更堅固,因為他人必須取得同時二個對話金鑰才 能解密所欲商品。如第4圖所顯示,寄件者製造二個原 始對話金鑰(κ與η,並利用以下的程式將二個原始對話 金鑰(Κ與Κ')分割成子對話金鑰Κ1 402與子對話金鑰Κ2 404 : ΚΙ = (K + K,*IDR) mod 264 Κ2= (Κ + K,*IDTTP) mod 264 其中,當收件者從寄件者處取得κι及從具公信力第 三者處取得Κ2時,Κ與Κ'能被重新創造。 第5圖顯示本不可否認性之應用協定500的較佳實施 例,其中具公信力第三者僅對不可否認性之問題發表意 見,因而使僱用具公信力第三者所產生的費用降至最低。 在應用協定500中,寄件者502寄發包含以對話金鑰加 密的商品的一加密信息508至收件者。信息508也包含 了寄件者502的數位簽章以及用收件者504公開金鑰所 加密的第一子對話金鑰302/402。收件者504可以自己的 私密金鑰解密第一子對話金鑰302/402。然而,收件者504 必需取得第二子對話金鑰304/404,以解密信息508並檢 索加密商品。為了要取得第二子對話金鑰304/404,收件 者504必須向寄件者502確收信息508。如果收件者504 因系統的故障未收到加密信息508,收件者504便不會 索取子對話金鑰304/404,寄件者502便會因此收到收件 -19- 本紙張尺度適用中國國家標準(CNS)A4規格(210 x 297公釐) ------------------:----^---------^ (請先閱讀背面之注意事項再填寫本頁) 經濟部智慧財產局員工消費合作社印製 545021 A7 B7 五、号务明說明()17 者504未索取子對話金鑰304/404的警訊。寄件者502 可以隨後詢問收件者504為何不以索取第二子對話金鑰, 並在系統恢復正常時,重新寄送加密信息508。 接收者504可以加密信息508作為不可否認性之來源 證據。收件者504可在信息510中向收件者502要求第 二子對話金鑰304/404。信息510包含了收件者504的 數位簽章,而寄件者302可使用信息510作為不可否認 之接收證據。在收到信息510時,寄件者502以具公信 力第三者的公開金鑰加密第二子對話金鑰304/404,並將 加密子對話金鑰304/404納入信息512。寄件者502隨 後傳送信息512至負責解決寄件者502與收件者504拒 絕履行的爭議之具公信力第三人506處。 收到信息512後,具公信力第三人506以自己的私密 金鑰解密,以取得第二子對話金鑰304/404。具公信力第 三人506以收件者504的公開金鑰重新加密第二子對話 金鑰304/404。具公信力第三人506將重新加密的第二子 對話金鑰304/404納入信息514,並在自己公開金鑰資料 庫中公告信息51 4。其後只有收件者504可以其私密金 鑰解密信息514。收件者504與寄件者502必須主動從 公信力第三人的網站,利用持續性的應用協定,例如超文 件傳送協定(HTTP)或檔案傳輸協定(FTP),來檢索信息 514。收件者504隨後合併第一子對話金鑰302/402與第 二子對話金鑰304/404,以回復原始對話金鑰並解密信息 508中的商品。 -20- 本紙張尺度適用中國國家標準(CNS)A4規格(210 x 297公釐) 裝-----=----訂--------- ^9— (請先閱讀背面之注意事項再填寫本頁) ^ 經濟部知曰慧財產局員工消費合作社印製 545021 '. 
A7 B7 、發明說明()18 在此應用協定中,具公信力第三者506必須負責照料 金鑰資料庫518及公告第二子對話金鑰304/404。藉由追 蹤具公信力第三者網站的動作,具公信力第三者506可 決定何時收件者504檢索第二子對話金鑰304/404。如果 收件者504稍後否認曾檢索過此第二對話金鑰304/404, 具公信力第三者506便可向有關當局證明此金鑰確實曾 被公告及檢索。此外,如果寄件者502與收件者504對 是否確實傳送產品產生爭議,寄件者502可用第一子對 話金鑰302/402傳送第五信息與所爭議之加密商品給具 公信力第三者506。具公信力第三者506可決定寄件者 與收件者間的傳送是否正確合宜。由於具公信力第三者 506往往是無利害關係及具名聲的一方,解決爭端及拒絕 履行交易的課題對具公信力第三者是較容易的。 第6圖顯示本發明的應用協定實施的步驟。在應用協 定500的步驟610中,寄件者502傳送以寄件者302的 數位簽章加密之信息508、加密商品及第一子對話金鑰至 收件者。在步驟620中,收件者504可以加密信息508 作為不可否認性之來源證據。在步驟630中,收件者504 在有自己數位簽章的信息510中,向寄件者502索取第 二子對話金鑰304/404。寄件者502之後可以信息510 作為不可否認性之接收證據。在步驟640中,收到信息510 後,寄件者502寄發一以第二子對話金鑰加密之第三信 息512至具公信力第三者。在步驟650中,具公信力第 三者506解密第三信息512、以收件者的公開金鑰重新 -21- 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐) ------------------^ — 1— 訂—II------&quot;5^ (請先閱讀背面之注意事項再填寫本頁) 經濟部智慧財產局員工消費合作社印製 Λ7 -----— R7__ 發明說明()19 &quot; '- 加密第二子對話切,並在第四信息514中儲存重新加 密第二子對話金餘。具公信力第三者5〇6在自己網站上 的a開金输身料庫中,公告第四信息、514。在步驟6⑽ 中,收件者要負責從金输資料庫中檢索第四信息514,而 寄件者5〇2與收件者5〇4可以信息川作為事後拒絕履 行爭端的證據。 第7圖顯示一保全架構7〇〇,本發明的應用協定可在 八中貝行。在此保全架構7〇〇的最底層是一保全硬體 702匕使他人難以操控或竊取軟體封包中的機密資料。 一私密金鑰密碼術系統7〇4及公開金鑰密碼術系統7〇6 是建立在保全硬體7〇2上,用以提供更進一步的保全。 密碼術演算法708建立在密碼系統7〇4及706上。本發 明的不可否認性協定7Ί0與密碼應用協定712則建立在 密碼術演算法708上。保障機密性、完整性、真實性及 不可否認性的密碼術演算法暨應用協定714a_714d則是 建立在密碼應用協定7Ί2與不可否認性的應用協定710 上。包含了為防火牆與代理伺服器存取控制的金鑰管理與 授權之保全管理系統716,則建立在演算法暨應用協定 714a-714d上。超文件傳送協定(HTTP)718與S/MIME格 式720,是在網路上電子資料交換中最被廣泛使用的二種 應用協定,它們也是建立在演算法暨應用協定714a-714d 上。運用一金鑰分配機制以在憑證管理中心724中分配 公開金鑰的一目錄服務722,憑證管理中心724建立在 保全管理系統716及演算法暨應用協定71 4a-714d上。 -22- 本紙張尺度述用中國國家標準(CNS)A4規格(210 X 297公釐) 裝----------1T---------- S— (請先閱讀背面之注意事項再填寫本頁) 545021 A7 B7 五、發明說明()20 目錄服務的實施例包含Microsoft Exchange目錄、Lotus Notes目錄、及Novell Netware目錄服務上。下一層包 含了公開金鑰基礎建設PKI 724,它是一個有關企業全體 應用程式的綜合保全基礎建設。公開鑰匙基礎建設PKI 724 將電子憑證、公開金鑰密碼術、私密金鑰密碼術、憑證管 理中心、目錄服務等結合成一體,使企業的保全決策變得 容易些。電子資料交換(EDI INT) 726是一種標準的製造 1 組織,也和公開金鑰體系(PKI) 724在同一層。最後一層 則包含了非電子資料交換應用程式728及電子資料交換 應用程式730。 以上所述為本發明之具體實施例之說明。然而,顯 而易見的是,針對該揭露之實施例作其他的變動及改良仍 可達成所有及部分的優點。因此,在不脫離本發明之精神 及範圍下,本發明的申請專利範圍包含這些變動及改良。 〇 (請先閱讀背面之注意事項再填寫本頁) 經濟部知曰慧財產局員工消費合作社印製 參 3 2 - 
本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐) 545021 A7 B7 五、發明說明()21 元件標號對照表 經濟部智慧財產局員工消費合作社印制衣 100 區域網路 K2 第二子對話金鑰 102 伺服器 500 不可否認性之應用協定 104 工作站 502 寄件者 106 IBM相容個人電腦 504 收件者 108 筆記型電腦 506 具公信力第三者 110 麥金塔電腦 508 包含寄件者之數位簽 傳真機 章、加密商品、加密第 電腦繪圖機 一子對話金鑰的第一信 掃描器 息 IBM雷射印表機 510 包含收件者數位簽章的 雷射印表機 第二信息 數據機 512 包含加密第二子對話金 114 象徵環 鑰的第三信息 120 路由器 514 包含以收件者公開金錄 122 路由器 加密的第二子對話金錄 202 應用層或第5層 的第四信息 204 主機傳輸層或第4層 518 金鑰資料庫 206 網際層或第3層 600 不可否認性之應用協定 208 網路介面層或第2層 610 寄件者傳送包含自己數 210 實體層或第1層 位簽章、加密商品、加 K 原始對話金鑰 密第一子對話金鑰的第 K' 原始對話金鑰 一信息之步驟 K1 第一子對話金鑰 620 收件者可用第一信息作 -24- ---------:--裝-----^----訂--------- (請先閱讀背面之注意事項再填寫本頁) 本紙張尺度適用中國國家標準(CNS)A4規格(210 x 297公釐) 545021 A7 B7 五、發明說明()22 經濟部知曰慧財產局員工消費合作社印製 為不可否認性之來源證 710 不可否認性之應用協定 據之步驟 712 密碼術應用協定 630 故件者寄發一信息索取 714a 隱密性 第二子對話金餘之步驟 714b 完整性 640 寄件者傳送有加密第二 714c 真實性 子對話金鑰的第三信息 714d 不可否認性 至具公信力第三者之步 716 保全管理系統 驟 718 超文件傳送協定 650 具公信力第三者從第二 720 S/MIME格式 子對話金餘撰寫第四信 722 目錄服務 息並在網站上公告第四 724 公開金鑰基礎建設 信息之步驟 726 電子資料交換 660 寄件者與收件者可用第 728 非電子資料交換應用程 四信息作為事後拒絕履 式 行爭端的證據之步驟 730 電子資料交換應用程式 700 保全架構 702 保全硬體 704 私您松碼系統 706 公開加密系統 708 密4¾術演算法 -25- --------------裝--- (請先閱讀背面之注意事項再填寫本頁) -線· 本紙張尺度適用中國國豕標準(CNS)A4規格 (210 X 297 公釐)Paper rule (210 x 297 mm) Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 545021 &quot; Α7 ___ Β7 'Fifth, the description of the invention () 16 Figure 4 shows the division of the two conversation keys into two sub-conversations Another embodiment of the key. In the private sharing technology, the use of two dialog keys can make the security structure stronger, because others must obtain two simultaneous conversation keys to decrypt the desired product. 
As shown in Figure 4, the sender creates two original conversation keys (κ and η) and uses the following procedure to split the two original conversation keys (K and KK ') into sub-session keys K1 402 and sub-sessions Key Κ2 404: ΚΙ = (K + K, * IDR) mod 264 KK2 = (Κ + K, * IDTTP) mod 264 Wherein, when the recipient obtains κ from the sender and from a trusted third party When K2 is obtained, K and K 'can be re-created. Figure 5 shows a preferred embodiment of this non-repudiation application agreement 500, in which a credible third party only issues opinions on non-repudiation issues, thus hiring The costs incurred by a trusted third party are minimized. In the application agreement 500, the sender 502 sends an encrypted message 508 containing the product encrypted with the conversation key to the recipient. The message 508 also includes the sending The digital signature of the person 502 and the first sub-session key 302/402 encrypted with the public key of the recipient 504. The recipient 504 can decrypt the first sub-session key 302/402 with his own private key. However The recipient 504 must obtain the second sub-session key 304/404 to decrypt the information 508 Retrieve encrypted products. In order to obtain the second sub-session key 304/404, the recipient 504 must confirm the information 508 with the sender 502. If the recipient 504 does not receive the encrypted information 508 due to a system failure, the recipient The person 504 will not ask for the sub-conversation key 304/404, and the sender 502 will receive the receipt -19- This paper size applies the Chinese National Standard (CNS) A4 specification (210 x 297 mm) --- ---------------: ---- ^ --------- ^ (Please read the notes on the back before filling out this page) Employees of Intellectual Property Bureau, Ministry of Economic Affairs Printed by the Consumer Cooperative 545021 A7 B7 V. Number Description (17) 504 did not request the sub-conversation key 304/404 alert. 
The sender 502 can then ask the recipient 504 why not to request the second sub-conversation Key, and resend the encrypted message 508 when the system returns to normal. The receiver 504 can encrypt the message 508 as evidence of non-repudiation. The receiver 504 can ask the receiver 502 for the second child in the message 510 Session key 304/404. Message 510 contains the digital signature of the recipient 504, and the sender 302 can use the message 510 as an undeniable receiver Evidence. When receiving the message 510, the sender 502 encrypts the second sub-session key 304/404 with the public key of a trusted third party, and incorporates the encrypted sub-session key 304/404 into the message 512. Send The person 502 then sends a message 512 to a credible third party 506 who is responsible for resolving the dispute that the sender 502 and the recipient 504 refused to perform. After receiving the message 512, the credible third person 506 decrypts it with his private key to obtain the second sub-session key 304/404. The credible third person 506 re-encrypts the second sub-session key 304/404 with the public key of the recipient 504. A credible third person 506 incorporates the re-encrypted second sub-session key 304/404 into the information 514, and announces the information 51 4 in its own public key database. Thereafter only the recipient 504 can decrypt the information 514 with his private key. The recipient 504 and the sender 502 must actively retrieve the information 514 from the website of a third party using a continuous application protocol, such as a Hyper File Transfer Protocol (HTTP) or a File Transfer Protocol (FTP). Recipient 504 then merges the first sub-session key 302/402 and the second sub-session key 304/404 to reply to the original session key and decrypt the item in message 508. 
-20- This paper size is applicable to China National Standard (CNS) A4 (210 x 297 mm) Packing ----- = ---- Order --------- ^ 9— (Please read first Note on the back, please fill out this page again) ^ Printed by the Ministry of Economic Affairs and the Intellectual Property Bureau's Employee Cooperatives 545021 '. A7 B7, Invention Description () 18 In this application agreement, a credible third party 506 must take care of the key Database 518 and announcement second sub-dialogue key 304/404. By tracking the actions of the trusted third party website, the trusted third party 506 can decide when the recipient 504 retrieves the second sub-session key 304/404. If the recipient 504 later denies that this second conversation key 304/404 has been retrieved, a credible third party 506 can prove to the relevant authorities that this key has indeed been announced and retrieved. In addition, if the sender 502 and the recipient 504 have a dispute over whether the product is actually delivered, the sender 502 can use the first sub-session key 302/402 to transmit the fifth information and the encrypted product in dispute to a trusted third party 506. A trusted third party 506 can determine whether the transmission between the sender and the recipient is correct. Since credible third parties 506 are often uninterested and reputable parties, issues of dispute settlement and refusal to perform transactions are easier for credible third parties. Fig. 6 shows the steps for implementing the application agreement of the present invention. In step 610 of the application agreement 500, the sender 502 transmits the information 508 encrypted with the digital signature of the sender 302, the encrypted product, and the first sub-session key to the recipient. In step 620, the recipient 504 may encrypt the information 508 as a source of non-repudiation evidence. 
In step 630, the recipient 504 obtains the second sub-conversation key 304/404 from the sender 502 in the information 510 having its own digital signature. The sender 502 can then use the information 510 as evidence of non-repudiation of receipt. In step 640, after receiving the message 510, the sender 502 sends a third message 512 encrypted with the second sub-session key to a trusted third party. In step 650, the trusted third party 506 decrypts the third information 512 and re--21 with the recipient's public key. This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm)- ---------------- ^ — 1— Order —II ------ &quot; 5 ^ (Please read the notes on the back before filling this page) Intellectual Property of the Ministry of Economic Affairs Printed by the Consumer Cooperative of the Bureau Λ7 ------ R7__ Description of the invention () 19 &quot; '-The second sub-session is encrypted, and the remaining amount of the second sub-session is stored in the fourth message 514. A third party with credibility 506 announced the fourth information, 514, in the A Kaijin loser library on his website. In step 6⑽, the recipient is responsible for retrieving the fourth information 514 from the gold loss database, and the sender 502 and the recipient 504 can use the information as evidence to refuse to perform the dispute afterwards. Fig. 7 shows a security architecture of 700, and the application agreement of the present invention can be implemented in China. At the lowest level of the security architecture 700 is security hardware 702, making it difficult for others to manipulate or steal confidential information in software packages. A private key cryptosystem 704 and a public key cryptosystem 704 are built on the security hardware 702 to provide further security. Cryptographic algorithms 708 are built on the cryptosystems 704 and 706. 
The non-repudiation application protocol 710 and the cryptographic application protocol 712 of the present invention are based on the cryptographic algorithms 708. The cryptographic algorithms and application protocols 714a-714d, which guarantee confidentiality, integrity, authenticity, and non-repudiation, are based on the cryptographic application protocol 712 and the non-repudiation application protocol 710. The security management system 716, which includes key management and authorization for firewall and proxy server access control, is based on the algorithms and application protocols 714a-714d. Hypertext Transfer Protocol (HTTP) 718 and the S/MIME format 720 are two of the most widely used application protocols in electronic data exchange on the Internet. They are also based on the algorithms and application protocols 714a-714d. A directory service 722 uses a key distribution mechanism to distribute the public keys in the certificate management center 724, and the certificate management center 724 is built on the security management system 716 and the algorithms and application protocols 714a-714d. Examples of directory services include the Microsoft Exchange directory, the Lotus Notes directory, and the Novell Netware directory service.

The next layer contains the public key infrastructure (PKI) 724, which is a comprehensive security infrastructure for all enterprise applications. The public key infrastructure (PKI) 724 combines electronic credentials, public key cryptography, private key cryptography, credential management centers, directory services, and so on, making it easier for companies to make security decisions. Electronic Data Interchange (EDIINT) 726 is a standards-setting organization and is on the same level as the public key infrastructure (PKI) 724.
The last layer contains non-EDI applications 728 and EDI applications 730.

The above is a description of a specific embodiment of the present invention. It is apparent, however, that other changes and improvements to the disclosed embodiment can still achieve all or part of its advantages. Therefore, the scope of the patent application of the present invention covers such changes and improvements that do not depart from the spirit and scope of the present invention.

Component label comparison table

100 Local network
102 Server
104 Workstation
106 IBM-compatible personal computer
108 Notebook computer
110 Macintosh computer
Fax machine, computer graphics plotter, scanner, IBM laser printer, laser printer, modem
114 Token ring
120 Router
122 Router
202 Application layer or layer 5
204 Host transport layer or layer 4
206 Internet layer or layer 3
208 Network interface layer or layer 2
210 Physical layer or layer 1
K Original session key
K' Original session key
K1 First sub-session key
K2 Second sub-session key
500 Non-repudiation application protocol
502 Sender
504 Recipient
506 Trusted third party
508 First information containing the sender's digital signature, the encrypted product, and the encrypted first sub-session key
510 Second information containing the recipient's digital signature
512 Third information containing the encrypted second sub-session key
514 Fourth information containing the second sub-session key encrypted with the recipient's public key
518 Key database
600 Non-repudiation application protocol
610 Step in which the sender sends the first information containing its own digital signature, the encrypted product, and the first sub-session key
620 Step in which the recipient can use the first information as non-repudiation evidence of origin
630 Step of sending the information requesting the second sub-session key
640 Step of sending the third information to the trusted third party
650 Step in which the trusted third party composes the fourth information from the second sub-session key and publishes the fourth information on the website
660 Step in which the sender and the recipient can use the fourth information as evidence in a subsequent repudiation dispute
700 Security architecture
702 Security hardware
704 Private key cryptosystem
706 Public key cryptosystem
708 Cryptographic algorithm
710 Non-repudiation application protocol
712 Cryptographic application protocol
714a Confidentiality
714b Integrity
714d Non-repudiation
716 Security management system
718 Hypertext Transfer Protocol
720 S/MIME format
722 Directory service
724 Public key infrastructure
726 Electronic data interchange
728 Non-electronic data interchange application
730 Electronic data interchange application
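The exchange of steps 610 to 660 can be traced end to end in code. The following is an added example, not part of the patent text: it assumes the session key is split as K = K1 xor K2, and it uses textbook RSA over fixed Mersenne primes and a SHA-256 keystream as insecure stand-ins so that it runs on the Python standard library alone; all function and variable names are hypothetical.

```python
import hashlib
import secrets

# Textbook RSA over fixed Mersenne primes: an INSECURE stand-in chosen only so
# the example runs on the standard library. All names here are hypothetical.
E = 65537

def keypair(p_exp, q_exp):
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def pk_encrypt(n, data):
    return pow(int.from_bytes(data, "big"), E, n)

def pk_decrypt(key, cipher, size=16):
    return pow(cipher, key["d"], key["n"]).to_bytes(size, "big")

def digest(n, parts):
    # Hash each part separately so field boundaries are unambiguous.
    inner = b"".join(hashlib.sha256(p).digest() for p in parts)
    return int.from_bytes(hashlib.sha256(inner).digest(), "big") % n

def sign(key, *parts):
    return pow(digest(key["n"], parts), key["d"], key["n"])

def verify(n, sig, *parts):
    return pow(sig, E, n) == digest(n, parts)

def stream_xor(key, data):
    # SHA-256 counter-mode keystream, a stand-in for the symmetric cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class TrustedThirdParty:
    def __init__(self):
        self.key = keypair(127, 89)
        self.key_db = {}      # key database 518: transaction id -> information 514
        self.audit_log = []   # retrieval record used in a later dispute

    def publish(self, txn, msg512, recipient_n):           # step 650
        k2 = pk_decrypt(self.key, msg512)
        self.key_db[txn] = pk_encrypt(recipient_n, k2)

    def retrieve(self, txn, who):                           # step 660
        self.audit_log.append((txn, who))
        return self.key_db[txn]

def run_transaction(product, txn=b"txn-0001"):
    sender, recipient = keypair(521, 607), keypair(107, 61)
    ttp = TrustedThirdParty()
    # Sender: session key K split as K = K1 xor K2 (assumed splitting rule).
    k, k1 = secrets.token_bytes(16), secrets.token_bytes(16)
    k2 = xor(k, k1)
    # Step 610: information 508 carries the encrypted product, K1 encrypted
    # for the recipient, and the sender's signature over both.
    body = stream_xor(k, product)
    enc_k1 = pk_encrypt(recipient["n"], k1).to_bytes(32, "big")
    msg508 = {"body": body, "k1": enc_k1, "sig": sign(sender, txn, body, enc_k1)}
    # Step 620: the recipient verifies 508 and keeps it as evidence of origin.
    origin_ok = verify(sender["n"], msg508["sig"], txn, msg508["body"], msg508["k1"])
    # Step 630: information 510, the recipient's signed request for K2.
    receipt = hashlib.sha256(msg508["body"]).digest()
    msg510 = {"receipt": receipt, "sig": sign(recipient, txn, receipt)}
    # Step 640: the sender verifies 510 (evidence of receipt) before sending
    # information 512, K2 encrypted with the trusted third party's public key.
    receipt_ok = verify(recipient["n"], msg510["sig"], txn,
                        hashlib.sha256(body).digest())
    if not (origin_ok and receipt_ok):
        raise ValueError("signature check failed; transaction aborted")
    ttp.publish(txn, pk_encrypt(ttp.key["n"], k2), recipient["n"])
    # With K1 alone the recipient cannot read the product.
    got_k1 = pk_decrypt(recipient, int.from_bytes(msg508["k1"], "big"))
    k1_only = stream_xor(got_k1, msg508["body"])
    # Step 660: the recipient retrieves 514, recovers K2 and rebuilds K.
    got_k2 = pk_decrypt(recipient, ttp.retrieve(txn, "recipient"))
    recovered = stream_xor(xor(got_k1, got_k2), msg508["body"])
    return {"recovered": recovered, "k1_only": k1_only, "origin_ok": origin_ok,
            "receipt_ok": receipt_ok, "audit_log": ttp.audit_log}

if __name__ == "__main__":
    result = run_transaction(b"constructed sample order: 100 widgets")
    print(result["recovered"], result["audit_log"])
```

The returned audit log is the record the trusted third party would present if the recipient later denied retrieving the second sub-session key.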

Claims (1)

1. A method in which the two parties to a transaction engage a trusted third party to resolve disputes arising from repudiation, comprising the following steps:
a generating step, in which the sender generates a session key and divides it into a plurality of sub-session keys, including a first and a second sub-session key;
a sending step, in which the sender sends first encrypted information to the recipient, the first encrypted information including the product encrypted with the session key, the sender's digital signature, and the first sub-session key;
a requesting step after the first encrypted information is received, in which the recipient requests from the sender the second sub-session key in second information, the second information including the recipient's digital signature;
a transmitting step after the second information is received, in which the sender sends to the trusted third party third encrypted information encrypted with the second sub-session key, the second sub-session key being encrypted with the trusted third party's public key;
an obtaining step, in which the trusted third party obtains the second sub-session key from the third encrypted information and creates fourth encrypted information;
a publishing step, in which the trusted third party publishes the fourth encrypted information on its own website;
a retrieving step, in which the recipient retrieves the fourth encrypted information from the trusted third party's website; and
a combining step, in which the recipient combines a predetermined number of the sub-session keys into a required session key in order to retrieve the encrypted product from the first encrypted information.

2. The method of claim 1, further comprising the step of using a plurality of keys as the session key.

3. The method of claim 2, wherein in combining the predetermined [...] required session key, so as to retrieve the encrypted product from the first encrypted information.

4. The method of claim 3, wherein the obtaining step further comprises the following steps:
a decrypting step, in which the trusted third party decrypts the second sub-session key in the third encrypted information with its own private key to obtain the second sub-session key; and
a re-encrypting step, in which the trusted third party re-encrypts the second sub-session key with the recipient's public encryption key and includes the re-encrypted second sub-session key in the fourth encrypted information.

5. The method of claim 4, wherein the publishing step further comprises the step of the trusted third party storing the fourth encrypted information in the public key database on its own website.

6. The method of claim 5, further comprising the step of the sender encrypting the first sub-session key in the first information with the recipient's public key.

7. The method of claim 6, further comprising the step of the recipient decrypting the first sub-session key in the first information with its own private public key.

8. The method of claim 7, further comprising the step of requesting a predetermined number of sub-keys in order to retrieve data from the first encrypted information.

9. The method of claim 8, further comprising the step of requesting the first and second sub-session keys in order to retrieve data from the first encrypted information.

10. The method of claim 9, further comprising the step of the recipient using the first encrypted information as non-repudiation evidence of origin.

11. The method of claim 10, further comprising the step of the sender using the second encrypted information as non-repudiation evidence of receipt.

12. The method of claim 11, further comprising the step of the sender and the recipient retrieving the fourth encrypted information from the trusted third party's website using a persistent application protocol.

13. The method of claim 12, further comprising the step of the trusted third party auditing its own website in order to determine when the recipient retrieves the fourth encrypted information.

14. The method of claim 13, further comprising the step of the trusted third party proving, through the auditing step, that the recipient received the fourth encrypted information.

15. The method of claim 14, further comprising using the fourth encrypted information as non-repudiation evidence of origin and receipt.

16. The method of claim 15, further comprising the step of the sender sending fifth encrypted information to the trusted third party in order to resolve a repudiation dispute between the sender and the recipient.

17. The method of claim 16, further comprising the step of the sender including the encrypted first sub-session key and the encrypted product in the fifth encrypted information.

18. The method of claim 17, further comprising the step of the trusted third party using the fifth encrypted information to confirm whether the transmission of the encrypted first sub-session key and the encrypted product from the sender to the recipient was correct, in order to resolve the repudiation dispute between the sender and the recipient.

19. The method of claim 18, further comprising the step of using hashing to compose the first, second, third, fourth, and fifth encrypted information.

20. The method of claim 18, further comprising the step of using cryptography to compose the first, second, third, fourth, and fifth encrypted information.

21. The method of claim [...], further comprising the step of using encoding to compose the first, second, third, fourth, and fifth encrypted information.

22. A system for ensuring that the parties to an executed electronic transaction cannot repudiate it, the parties engaging a trusted third party to resolve repudiation disputes, the system comprising:
generating means, by which the sender generates a session key and divides it into a plurality of sub-session keys, including a first and a second sub-session key;
sending means, by which the sender sends first encrypted information to the recipient, the first encrypted information including the product encrypted with the session key, the sender's digital signature, and the first sub-session key;
requesting means used after the first encrypted information is received, by which the recipient requests from the sender the second sub-session key in second information, the second information including the recipient's digital signature;
sending means used after the second information is received, by which the sender sends to the trusted third party third encrypted information encrypted with the second sub-session key, the second sub-session key being encrypted with the trusted third party's public key;
obtaining means, by which the trusted third party obtains the second sub-session key from the third encrypted information and creates fourth encrypted information;
publishing means, by which the trusted third party publishes the fourth encrypted information on its own website;
retrieving means, by which the recipient retrieves the fourth encrypted information from the trusted third party's website; and
combining means, by which the recipient combines a predetermined number of the sub-session keys into a required session key in order to retrieve the encrypted product from the first encrypted information.

23. The system of claim 22, further comprising means for using a plurality of keys as the session key.

24. The system of claim 23, further comprising means for combining the first sub-session key and the second sub-session key into a required session key in order to retrieve the encrypted product from the first encrypted information.

25. The system of claim 24, further comprising the following means:
decrypting means, by which the trusted third party decrypts the second sub-session key in the third encrypted information with its own private key to obtain the second sub-session key; and
re-encrypting means, by which the trusted third party re-encrypts the second sub-session key with the recipient's public encryption key and includes the re-encrypted second sub-session key in the fourth encrypted information.

26. The system of claim 25, further comprising, in the publishing step, means for the trusted third party to store the fourth encrypted information in the public key database on its own website.

27. The system of claim 26, further comprising means for the sender to encrypt the first sub-session key in the first information with the recipient's public key.

28. The system of claim 27, further comprising means for the recipient to decrypt the first sub-session key in the first information with its own private public key.

29. The system of claim 28, further comprising means for requesting a predetermined number of sub-keys in order to retrieve data from the first encrypted information.

30. The system of claim 29, further comprising means for requesting the first and second sub-session keys in order to retrieve data from the first encrypted information.

31. The system of claim 30, further comprising means for the recipient to use the first encrypted information as non-repudiation evidence of origin.

32. The system of claim 30, further comprising means for the sender to use the second encrypted information as non-repudiation evidence of receipt.

33. The system of claim 32, further comprising means for the sender and the recipient to retrieve the fourth encrypted information from the trusted third party's website using a persistent application protocol.

34. The system of claim 33, further comprising means for the trusted third party to audit its own website in order to determine when the recipient retrieves the fourth encrypted information.

35. The system of claim 34, further comprising means for the trusted third party to prove, through the auditing step, that the recipient received the fourth encrypted information.

36. The system of claim 35, further comprising means for using the fourth encrypted information as non-repudiation evidence of origin and receipt.

37. The system of claim 36, further comprising means for the sender to transmit fifth encrypted information to the trusted third party in order to resolve a repudiation dispute between the sender and the recipient.

38. The system of claim 37, further comprising means for the sender to include the encrypted first sub-session key and the encrypted product in the fifth encrypted information.

39. The system of claim 38, further comprising means for the trusted third party to use the fifth encrypted information to confirm whether the transmission of the encrypted first sub-session key and the encrypted product from the sender to the recipient was correct, in order to resolve the repudiation dispute between the sender and the recipient.

40. The system of claim 39, further comprising means for using hashing to compose the first, second, third, fourth, and fifth encrypted information.

41. The system of claim 39, further comprising means for using cryptography to compose the first, second, third, fourth, and fifth encrypted information.

42. The system of claim 39, further comprising means for using encoding to compose the first, second, third, fourth, and fifth encrypted information.
TW89120395A 1999-10-01 2000-11-27 A method for prohibiting transacting parties from subsequently repudiating an executed transaction with trusted third party TW545021B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US41100499A 1999-10-01 1999-10-01

Publications (1)

Publication Number Publication Date
TW545021B true TW545021B (en) 2003-08-01

Family

ID=23627160

Family Applications (1)

Application Number Title Priority Date Filing Date
TW89120395A TW545021B (en) 1999-10-01 2000-11-27 A method for prohibiting transacting parties from subsequently repudiating an executed transaction with trusted third party

Country Status (4)

Country Link
AU (1) AU7745100A (en)
CA (1) CA2386502A1 (en)
TW (1) TW545021B (en)
WO (1) WO2001030016A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI473482B (en) * 2007-04-06 2015-02-11 Crypt Lab N Transceiver systems, sending devices, receiving devices and methods and programs implemented by such devices

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2001250824A1 (en) * 2000-03-10 2001-09-24 Absolutefuture, Inc. Method and system for coordinating secure transmission of information
AUPS169002A0 (en) 2002-04-11 2002-05-16 Tune, Andrew Dominic An information storage system
AU2003238996A1 (en) * 2002-06-12 2003-12-31 Telefonaktiebolaget Lm Ericsson (Publ) Non-repudiation of service agreements
US7568106B2 (en) * 2005-12-16 2009-07-28 International Business Machines Corporation Cooperative non-repudiated message exchange in a network environment
US8726009B1 (en) * 2010-01-26 2014-05-13 David P. Cook Secure messaging using a trusted third party
KR101393159B1 (en) 2013-04-10 2014-05-30 숭실대학교산학협력단 Method and apparatus for controlling access based on key in social network service
CN104463451B (en) * 2014-11-28 2018-05-18 中国建设银行股份有限公司 A kind of sales slip management system and correlation technique
US9654294B2 (en) 2015-02-26 2017-05-16 Red Hat, Inc. Non-repudiable atomic commit
US9886573B2 (en) 2015-08-06 2018-02-06 Red Hat, Inc. Non-repudiation of broadcast messaging
US10228967B2 (en) 2016-06-01 2019-03-12 Red Hat, Inc. Non-repudiable transaction protocol

Also Published As

Publication number Publication date
AU7745100A (en) 2001-04-30
CA2386502A1 (en) 2001-04-26
WO2001030016A2 (en) 2001-04-26
WO2001030016A3 (en) 2001-12-13

Similar Documents

Publication Publication Date Title
JP3251917B2 (en) Electronic bidding system and electronic bidding method
Garfinkel et al. How to make secure email easier to use
US8370444B2 (en) Generating PKI email accounts on a web-based email system
Kohl et al. Safeguarding digital library contents and users
US8145707B2 (en) Sending digitally signed emails via a web-based email system
US20020044662A1 (en) Service message management system and method
Yasin et al. Cryptography based e-commerce security: a review
JP2008529136A (en) Method and system for performing data exchange on financial transactions over public networks
Oo Design and implementation of electronic payment gateway for secure online payment system
US8352742B2 (en) Receiving encrypted emails via a web-based email system
Bhiogade Secure socket layer
TW545021B (en) A method for prohibiting transacting parties from subsequently repudiating an executed transaction with trusted third party
US11973881B2 (en) Method for signing contracts
CA2386522A1 (en) A method for preventing repudiation of an executed transaction without a trusted third party
Yang et al. A non-repudiation message transfer protocol for e-commerce
Robinson Understanding digital certificates and secure sockets layer (SSL)
Alishirvani A Framework to Create a Certificate for e-Commerce Secure Transaction Protocol
Tyagi et al. Nullifying the Impacts of Security Threats on e-Business using Cryptography with e-BSP
Schadow et al. Secure HL7 Transactions using Internet Mail
Boughaci et al. A secure e-transaction model for e-commerce
Clark et al. United States Patent and Trademark Office
KR20040077816A (en) System and method of on-line acknowledgement of a legally valid receipt for electronic document
Razali et al. A Framework for Electronic Bill Presentment and Off-Line Message Viewing
Li Research on E-Commerce Secure Technology
Havugimana Online transaction security