Computer Science ›› 2019, Vol. 46 ›› Issue (4): 164-171. doi: 10.11896/j.issn.1002-137X.2019.04.026

• Information Security •

Bidirectional Anonymous Secret Communication Protocol Based on Onion Routing

ZHAO Meng-yao, LI Xiao-yu

  1. School of Information Engineering, Zhengzhou University, Zhengzhou 450001, China
  • Received: 2018-02-09 Online: 2019-04-15 Published: 2019-04-23
  • Corresponding author: LI Xiao-yu (born 1974), male, Ph.D., associate professor, CCF member; main research interests: quantum computing and quantum information, mobile computing. E-mail: iexyli@zzu.edu.cn
  • About the author: ZHAO Meng-yao (born 1994), female, master's degree; main research interests: mobile information security, anonymous communication.
  • Funding:
    This work was supported by the National Natural Science Foundation of China (61472412) and the Natural Science Foundation of the Education Department of Henan Province (14A520012).

Abstract: In a network, the identities of the communicating parties are important private information, and anonymous communication can hide them. Most research on anonymous communication concerns sender anonymity; receiver anonymity and bidirectional anonymous communication have received less attention. An onion routing system constructs an onion path using a source routing protocol and layer-by-layer encryption. A message is forwarded along the onion path through an ordered sequence of transit nodes, which hides the sender's address, achieves sender anonymity and effectively prevents eavesdropping and traffic analysis. This paper proposes a new bidirectional anonymous secret communication protocol based on onion routing. The onion path constructed by the sender contains all the nodes in the system. At every hop, the transit node must determine whether the receiver is a user on that node. If not, the message continues to be forwarded; if so, the receiver receives the message and forwarding terminates. The identity of the sender (receiver) cannot be obtained by the other party or by any other user, and apart from the two communicating parties, no transit node or intruder can obtain the message. The protocol therefore achieves bidirectional anonymous secret communication well. Receiver anonymity is achieved without multicast, which effectively reduces traffic in the system, and the protocol relies on only one anonymity system, onion routing, so it is simple to implement. Experimental results show that as the number of system users increases, the average response time and the average bidirectional communication time grow approximately linearly, which indicates that the system still works stably with a large number of users and is robust.

Key words: Bidirectional anonymous secret communication, Network security, Onion routing, RSA public key system

CLC Number:

  • TP319