利用雙線性函數搭配橢圓曲線密碼系統為目前之安全系統趨勢。相較於傳統的密碼學系統，在相同的位元長度下，橢圓曲線密碼系統將擁有較高的安全度。在此，我們提出兩個不同在通訊系統安全中之應用。
第一個是關於秘密分享。一些秘密將藉由分散給所有之使用者來保護其安全，只有合法之使用者才能將那些秘密還原回來。在我們的設計中，秘密可隨著時間作更替，而系統也會定期更新一些相關資訊，提升系統的安全性。而使用者之間所傳遞之訊息也可以被驗證，且使用者們只要固定持有一個私密資訊，再藉由系統所提供之訊息，使用者們也可以更新自己所持有的訊息。由於訊息是持續更新的，舊有的訊息將無助於解開秘密。
第二個是階層式金鑰管理系統。由於網路系統裡，金鑰的管理是很重要之一環，又目前許多網路中，金鑰管理並沒考慮階層的概念;而在現實生活中，階層卻是隨處可見的。因此，我們利用橢圓曲線密碼系統提出一個階層式金鑰管理。其系統特性是，階級高的使用者，可以推導出階層低的使用者之加密金鑰，藉此獲知相關訊息。
第三個是關於秘密分享的一個應用，模糊傳輸。我們將原本的一對一模糊傳輸拓展成為一對多，為一多接收端的系統。在我們所提出的方法中，我們不僅達成原本模糊傳輸的基本要求，也由於系統為多接收，因此接收端們也都無法得知其他接收端之取得訊息。我們最後更將該應用，使用在CDMA之通訊系統以及電子商務之中。

The bilinear mapping function used in the elliptic curve cryptography has been a new trend of cryptosystem. Because the cryptosystem bases on the elliptic curve cryptography will achieve higher level of security comparing with the original discrete logarithm problem in the same bits length. We propose two different kinds of application in communication and cryptography.
First one is about the secret sharing. Some secrets are protected by distributing them among many participants, whereby only an authorized group of participants can reconstruct the secrets. In our scheme, the secret will change periodically and the dealer will periodically publish some of the information, in addition, the participants can verify the information which they have received. Each participant holds only one permanent, private secret, and some of them use it during different time periods to reconstruct the corresponding shared secrets without revealing their own private information. Because some public information is renewed in our scheme, the old information has nothing to do with the next secret.
The second one is about the hierarchical key derivation. When constructing the network, the key management is the most important problem that each system has to solve. There are many key agreement protocols which are non-hierarchical. We have achieved a verifiable hierarchical key derivation scheme using the elliptic curve cryptography and the bilinear mapping function. The character of this scheme is that the user who has higher rank can derive the keys kept by the users who are in lower rank.
The third one, final part, is to propose a secret sharing application to the varied oblivious transfer. We extend the 1-on-1 oblivious transfer to be 1-on-n where n is larger than or equal to 1. Our proposed scheme is subject to the scenario of multi-receiver. Following up the requests, we design the protocols which not only achieve the basic requirements of oblivious transfer but also make the intended recipients can only retrieve the individual information with them. It is next applied to two real cases to fit in with security concerns at the communications of CDMA (Code Division Multiple Access) and electronic commerce transaction systems.

[1] A. Shamir, “How to share a secret,” Communications of the ACM 22, 1979, pp. 612-613.
[2] A. Menezes, T. Okamoto, and S. Vanstone, “Reducing elliptic curve logarithms to logarithms in a finite field,” IEEE Transaction on Information Theory, 1993, pp. 1639-1646.
[3] A. Joux, "The Weil and Tate pairings as building blocks for public key cryptosystems," in Proceedings of Fifth Algorithmic Number Theory Symposium, Lecture Notes in Computer Science, 2002, Springer-Verlag.
[4] A. Joux and K. Nguyen, "Separating decision Diffie–Hellman from computational Diffie–Hellman in cryptographic groups," Journal of Cryptology, Volume 16, Number 4, 2003, pp. 239-247.
[5] An introduction to spread-spectrum communications.
“http://www.maxim-ic.com/appnotes.cfm/appnote_number/1890”. June 2009.
[6] B. Aiello, Y. Ishai and O. Reingold, “Priced Oblivious Transfer: How to Sell Digital Goods,” Advances in Cryptology: EUROCRYPT 2001, Springer-Verlag, Germany, Volume 2045, 2001, pp. 119-135.
[7] C. C. Yang, T. Y. Chang, and M. S. Hwang, “A (t,n) multi-secret sharing scheme,” Applied Mathematics and Computation, Volume 151, Number 2, 2004, pp. 483-490.
[8] D. Boneh and M. Franklin, “Identity-based encryption from the Weil pairing,” Advances in Cryptology- Crypto’2001, Lecture Notes on Computer Science 2139, Springer-Verlag, 2001, pp. 213-229.
[9] G. Blakley, “Safeguarding cryptographic keys,” in: Proc. AFIPS (1979) Natl. Conference, New York, 1979, pp. 313-317.
[10] J. He and E. Dawson, “Multistages secret sharing based on one-way function,” Electronics Letters Volume 31, Number 2, 1995, pp. 1591-1592.
[11] J. N. Cao, L. Liao, and G.J. Wang, "Scalable key management for secure multicast communication in the mobile environment," Pervasive and Mobile Computing, Volume 2, Issue 2, April 2006, pp. 187-203.
[12] J. S. Hwu, R. J. Chen, and Y. B. Lin, “An efficient identity-based cryptosystem for end-to-end mobile security,” IEEE Transactions on Wireless Communications, Volume 5, Issue 9, September 2006, pp. 2586-2593.
[13] M. O. Rabin, “How to Exchange Secrets by Oblivious Transfer,” Technical Report TR-81, Harvard Aiken Computation Laboratory, 1981.
[14] M. Naor and B. Pinkas, “Efficient Oblivious Transfer Protocols,” Proceedings of SIAM 12th Annual Symposium on Discrete Algorithms 2001, Washington, USA, 2001, pp. 448-457.
[15] N. Koblitz, “Introduction to elliptic curves and modular forms,” Springer-Verlag, 1984.
[16] N. Koblitz, A. Menezes, and S.A. Vanstone, “The state of elliptic curve cryptography,” Designs, Codes and Cryptography, Volume 19, Numbers 2-3, 2000, pp. 173–193.
[17] O. Wakaha and S. Ryota, “k out of n Oblivious Transfer without Random Oracle,” IEICE Transaction on Fundamentals of Electronics, Communication and Computer Sciences, Volume E87-A, No. 1, January 2004, pp. 147-151.
[18] R. H. Shi, H. Zhong, and L. S. Huang, “A (t,n)-threshold verified multi-secret sharing scheme based on ECDLP,” Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, 2007, pp. 9-13.
[19] S. Eskeland and V. Oleshchuk, “Hierarchical multi-party key agreement for wireless networks,” Third International Symposium on Information Assurance and Security, 29-31 August 2007, pp. 39 - 43.
[20] T. Y. Chang, M. S. Hwang, and W. P. Yang, “A new multi-stage secret sharing scheme using one-way function,” Association for computing Machinery, SIGOPS Operating Systems Review, New York, Volume 39, 2005, pp. 48-55.
[21] W. A. Jackson, K. M. Martin, and C. M. O’keefe, “On sharing many secrets,” Asiacrypt’94, 1994, pp. 42-54.
[22] W. Chen, X. Long, Y. B. Bai, and X. P. Gao, “A new dynamic threshold secret sharing scheme from bilinear maps,” International Conference on Parallel Processing Workshops, 2007, pp. 19.
[23] W. Diffie and M. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, Volume 22, 1976, pp. 644–654.
[24] W. G. Tzeng, “A secure system for data access based on anonymous authentication and time-dependent hierarchical keys,” In Proceedings of the 2006 ACM Symposium on information, Computer and Communications Security, March 2006, pp. 223-230.
[25] W. G. Tzeng, “Efficient 1-out-of-n Oblivious Transfer Protocols with Universally Usable Parameter,” IEEE Transaction on Computers, Volume 53, Number 2, February 2004, pp. 232-240.
[26] Y. J. Geng, X. H. Fan, and F. Hong, “A new multi-secret sharing scheme with multi-policy,” International Conference on Advanced Communication Technology, 2007, pp. 1515-1517.
[27] Y. Sun and K.J.R. Liu, "Hierarchical group access control for secure multicast communications," IEEE/ACM Transactions on Networking, Volume 15, Issue 6, December 2007, pp. 1514-1526.
[28] Y. F. Chang, “Non-Interactive t-out-of-n Oblivious Transfer Based on the RSA Cryptosystem,” Proceedings of IEEE Third International Conference on Intelligent Information Hiding and Multimedia Signal Processing, Volume 2, November 2007, pp. 45-50.
[29] Y. Mu, J. Zhang, V. Varadharajan and Y. X. Lin, “Robust Non-interactive Oblivious Transfer,” IEEE Communication Letters, Volume 7, Number 4, April 2003, pp. 153-156.