一种标识符动态协商的匿名通信模型

doi:10.19665/j.issn1001-2400.2023.04.010

摘要/Abstract

摘要：

过去的十几年是通信技术、计算范式快速发展的大数据时代。在大数据应用大量增加的背景下,数字信息传递已成为人类交流的一种重要形式。但是,数字信息传递过程中存在很多的安全隐患,如信息传递中存在数据泄漏频繁发生的安全问题。匿名通信作为通信过程中隐私保护的关键手段之一,受到广泛关注。然而,现有的匿名通信模型不能在保证通信效率的同时,有效地应对诸如重放攻击、中间人攻击、统计攻击等攻击手段,因而提出一种标识符动态协商的匿名通信模型。在预处理阶段,采用椭圆曲线迪菲-赫尔曼密钥交换改进的标识符协商方法,该方法让网络中每两个成员协商出通信标识符和加密消息的对称密钥,提高预处理阶段的协商效率;在匿名通信阶段,标识符可以随每次通信的进行而动态变化,有效抵抗重放攻击和统计攻击。方案同时设置专门的追查机构,将去除匿名的权利给追查机构,防止恶意用户拒绝去除匿名。安全性分析证明了该方案的鲁棒性,性能实验证明了该方案在保证安全性的同时,有更高的通信效率。

关键词: 匿名通信, 隐私保护技术, 身份追踪, 身份识别

Abstract:

The past decade has been a big data era of rapid development in communication technology and computing paradigms.With the increasing application of big data,digital information transmission has become an important form of human communication.However,there are many hidden security risks in the process of digital information transmission.Data leakage often occurs in the process of information transmission.As one of the key means of privacy protection in the communication process,anonymous communication has been widely concerned.However,the existing anonymous communication models cannot effectively cope with attacks such as replay attack,man-in-the-middle attack,and statistical attack while ensuring the communication efficiency.This paper proposes an anonymous communication model based on identifier dynamic negotiation.In the preprocessing stage,an improved identifier negotiation method based on ECDH key exchange is adopted,which allows every two members in the network to negotiate the communication identifier and the symmetric key for encrypting messages,and improves the negotiation efficiency in the preprocessing stage.In the anonymous communication stage,identifiers can be dynamically changed with each communication,which effectively resists replay attacks and statistical attacks.The scheme also sets up a special investigation agency for giving the right to remove anonymity to the investigation agency,preventing malicious users from refusing to remove anonymity.Security analysis proves the robustness of the scheme.Performance experiments show that the scheme has a higher communication efficiency while ensuring security.

Key words: anonymous communication, privacy-preserving techniques, identity Tracking, identification

中图分类号:

杨晓晖,庄海晶. 一种标识符动态协商的匿名通信模型[J]. 西安电子科技大学学报, 2023, 50(4): 100-110.

YANG Xiaohui,ZHUANG Haijing. Anonymous communication model with dynamic negotiation of identifiers[J]. Journal of Xidian University, 2023, 50(4): 100-110.

图/表 12

表1

图1

表2

图2

图3

图4

表3

图5

图6

图7

图8

表4

参考文献 23

[1]	MAYER J, MUTCHLER P, MITCHELL J C. Evaluating the Privacy Properties of Telephone Metadata[J]. Proceedings of the National Academy of Sciences, 2016, 113(20):5536-5541. doi: 10.1073/pnas.1508081113
[2]	DE MONTJOYE Y A. Computational Privacy:Towards Privacy-Conscientious Uses of Metadata[D]. Cambridge City: Massachusetts Institute of Technology, 2015.
[3]	JIANG L, LI T, LI X, et al. Anonymous Communication via Anonymous Identity-Based Encryption and its Application in IoT[J]. Wireless Communications and Mobile Computing, 2018, 2018:1-8.
[4]	CHAUM D, DAS D, JAVANI F, et al. cMix:Mixing with Minimal Real-Time Asymmetric Cryptographic Operations[C]// International Conference on Applied Cryptography and Network Security.Heidelberg:Springer, 2017:557-578.
[5]	徐花, 田有亮. 差分隐私下的权重社交网络隐私保护[J]. 西安电子科技大学学报, 2022, 49(1):17-25.
	XU Hua, TIAN Youliang. Protection of Privacy of the Weighted Social Network under Differential Privacy[J]. Journal of Xidian University, 2022, 49(1):17-25.
[6]	JAYARAMAN I, STANISLAUS PANNEERSELVAM A. A Novel Privacy Preserving Digital Forensic Readiness Provable Data Possession Technique for Health Care Data in Cloud[J]. Journal of Ambient Intelligence and Humanized Computing, 2021, 12(5):4911-4924. doi: 10.1007/s12652-020-01931-1
[7]	SILVA P, CASALEIRO R, SIMÖES P, et al. Risk Management and Privacy Violation Detection in the PoSeID-on Data Privacy Platform[J]. SN Computer Science, 2020, 1(4):1-10. doi: 10.1007/s42979-019-0007-y
[8]	WANG X, XU Z, CAI Z, et al. Novel Temporal Perturbation-Based Privacy-Preserving Mechanism for Smart Meters[J]. Mobile Networks and Applications, 2020, 25(4):1548-1562. doi: 10.1007/s11036-019-01359-8
[9]	左开中, 刘蕊, 赵俊, 等. 融合语义信息的时空关联位置隐私保护方法[J]. 西安电子科技大学学报, 2022, 49(1):67-77.
	ZUO Kaizhong, LIU Rui, ZHAO Jun, et al. Method for the Protection of Spatiotemporal Correlation Location Privacy with Semantic Information[J]. Journal of Xidian University, 2022, 49(1):67-77.
[10]	LI F, LIU Z, WANG Y, et al. Aitac:An Identity-Based Traceable Anonymous Communication Model[J]. Journal of Ambient Intelligence and Humanized Computing, 2022, 13:1353-1362. doi: 10.1007/s12652-020-02604-9
[11]	LI Y, WANG G, NIE L, et al. Distance Metric Optimization Driven Convolutional Neural Network for Age Invariant Face Recognition[J]. Pattern Recognition, 2018, 75:51-62. doi: 10.1016/j.patcog.2017.10.015
[12]	LI J, ZHANG Y, CHEN X, et al. Secure Attribute-Based Data Sharing for Resource-Limited Users in Cloud Computing[J]. Computers & Security, 2018, 72:1-12. doi: 10.1016/j.cose.2017.08.007
[13]	CORRIGAN-GIBBS H, WOLINSKY D I, FORD B. Proactively Accountable Anonymous Messaging in Verdict[C]// 22nd USENIX Security Symposium (USENIX Security 13). New York: ACM, 2013:147-162.
[14]	SUN Q, LIN K, SI C, et al. A Secure and Anonymous Communicate Scheme over the Internet of Things[J]. ACM Transactions on Sensor Networks (TOSN), 2022, 18(3):1-21.
[15]	DIAB T, GILG M, LORENZ P, et al. Using I2P (Invisible Internet Protocol) Encrypted Virtual Tunnels for a Secure and Anonymous Communication in VANets:I2P Vehicular Protocol(IVP)[J]. Wireless Personal Communications, 2022, 127:2625-2644. doi: 10.1007/s11277-022-09888-4
[16]	MARIA A, RAJASEKARAN A S, AL-TURJMAN F, et al. Baiv:An Efficient Blockchain-Based Anonymous Authentication and Integrity Preservation Scheme for Secure Communication in VANETs[J]. Electronics, 2022, 11(3):488. doi: 10.3390/electronics11030488
[17]	BUCCAFURRI F, DE ANGELIS V, IDONE M F, et al. A Protocol for Anonymous Short Communications in Social Networks and its Application to Proximity-Based Services[J]. Online Social Networks and Media, 2022, 31:100221. doi: 10.1016/j.osnem.2022.100221
[18]	CHAUM D L. Untraceable Electronic Mail,Return Addresses,and Digital Pseudonyms[J]. Communications of the ACM, 1981, 24(2):84-90. doi: 10.1145/358549.358563
[19]	CHAUM D. The Dining Cryptographers Problem:Unconditional Sender and Recipient Untraceability[J]. Journal of Cryptology, 1988, 1(1):65-75. doi: 10.1007/BF00206326
[20]	DINGLEDINE R, MATHEWSON N, SYVERSON P. Tor:The Second-Generation Onion Router[R]. Washington DC: Naval Research Lab, 2004.
[21]	HILLER J, PENNEKAMP J, DAHLMANNS M, et al. Tailoring Onion Routing to the Internet of Things:Security and Privacy in Untrusted Environments[C]// 2019 IEEE 27th International Conference on Network Protocols (ICNP).Piscataway:IEEE, 2019:1-12.
[22]	XIA Y, CHEN R, SU J, et al. Balancing Anonymity and Resilience in Anonymous Communication Networks[J]. Computers & Security, 2021, 101:102106. doi: 10.1016/j.cose.2020.102106
[23]	BAUER K, MCCOY D, GRUNWALD D, et al. Low-Resource Routing Attacks Against Tor[C]// Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. New York: ACM, 2007:11-20.

符号	意义
N	匿名组中的成员数量
M	消息数量
U_i	表示匿名组中一个成员(i=1,2,…,N)
n_ij	用户U_i给用户U_j设置的标识符
m	要传输的消息(明文)
c	要传输的密文
K	用户U_i和用户U_j协商的对称密钥
PK_i,SK_i	U_i的公钥和私钥
PK', SK'	追查机构的公钥和私钥

	发送标识符	接收标识符
U₁	n_i₁	n₁_i
U₂	n_i₂	n₂_i
?	?	?
U_j	n_ij	n_ji

	DC-net	Acibe	Aitac	提出的模型
消息安全性	√	√	√	√
发送者匿名性	√	√	√	√
接收者匿名性	√	√	√	√
可追踪	×	×	√	√
抗重放攻击	×	×	×	√
抗统计攻击	√	√	×	√

	Acibe	Aitac	提出的模型
加密的时间消耗	O(M)	O(M)	O(M)
上传的时间消耗	O(M)	O(M)	O(M)
下载的时间消耗	O(NM)	O(M)	O(M)
解密的时间消耗	O(NM)	O(M)	O(M)