Abstract: In response on the existing problems of the electronic commerce protocols，e.g.security goal is single，increasing security requires are not been satisfied.The paper proposes a compound security protocol，which has general security properties required by e-commerce protocols.The new protocol includes authentication sub-protocol and payment sub-protocol.The authentication sub-protocol can authenticate identities of important entity in the foremost time，as well as session keys used for transaction are negotiated efficiently.The payment sub-protocol is designed by improving the anonymous e-cash payment protocol.To realize its non-repudiation，certificates are used to prove the identities of the transaction entities.To avoid unfairness arisen by the dishonest transaction entities，the transmission of payment receipt is achieved by the trusted party.The proposed protocol uses FTP to transmit electronic cashes and payment receipts，which ensures achievement of accountability and fairness，and enhances the robustness of the protocol.

Key words: compound security protocol, security property, authentication, non-repudiation, fairness

摘要： 针对典型电子商务安全协议存在的安全目标单一，不能满足日益增加的安全需求等问题，提出了一种能够满足多种安全属性的复合型电子商务安全协议，该协议包含认证子协议和支付子协议两部分。认证子协议基于令牌概念实现了高效认证及协商会话密钥。改进匿名电子现金支付协议，提出了支付子协议，引入电子证书证明交易主体的身份，确保协议非否认性的实现；借助可信方传递付款收据，避免交易主体不诚实所导致的公平性缺失；引入FTP传输方式传送电子货币和付款收据，确保实现可追究性与公平性，进一步增强协议的鲁棒性。

关键词: 复合型安全协议, 安全属性, 认证性, 非否认性, 公平性