计算机科学

计算机科学 ›› 2022, Vol. 49 ›› Issue (9): 347-354.doi: 10.11896/jsjkx.210800077

• 信息安全 • 上一篇    下一篇

基于随机洋葱路由的LBS移动隐私保护方案

王磊, 李晓宇   

  1. 郑州大学计算机与人工智能学院 郑州 450001
  • 收稿日期:2021-08-10 修回日期:2022-02-23 出版日期:2022-09-15 发布日期:2022-09-09
  • 通讯作者: 李晓宇(iexyli@zzu.edu.cn)
  • 作者简介:(15236406200@163.com)
  • 基金资助:
    国家自然科学基金(61876016)

LBS Mobile Privacy Protection Scheme Based on Random Onion Routing

WANG Lei, LI Xiao-yu   

  1. School of Computer and Artificial Intelligence,Zhengzhou University,Zhengzhou 450001,China
  • Received:2021-08-10 Revised:2022-02-23 Online:2022-09-15 Published:2022-09-09
  • About author:WANG Lei,born in 1994,postgraduate.His main research interests include mobile information security and anonymous communication.
    LI Xiao-yu,born in 1974,Ph.D,asso-ciate professor,is a member of China Computer Federation.His main research interests include mobile computing,quantum computing and quantum information.
  • Supported by:
    National Natural Science Foundation of China(61876016).

PDF (PC)

438

摘要: 为了保障移动节点在使用基于位置的服务时的位置隐私,提出了一种基于随机洋葱路由的LBS移动隐私保护方案。该方案通过使用随机洋葱路由和混合加密方法相结合的方式来确保移动节点位置隐私和查询请求的安全性。移动节点在向LBS服务器发送查询请求之前,随机在网络中选取若干节点构造一条洋葱路径,查询请求则沿着这条路径上的节点依次转发,直到LBS服务器收到消息为止。然后,LBS将查询结果沿洋葱路径反向发送给发送节点。为了实现发送节点匿名,随机构建的洋葱路径上每一层的地址都使用对称加密和非对称加密相结合的方式进行加密,就这样层层加密生成最终的洋葱路径,路径中的每一跳节点都只能获取到其对应的下一跳节点的地址。LBS服务器和任意的中转节点都无法获知谁是发送节点,确保了发送节点的位置隐私。另一方面,为了保证查询请求和查询结果不被任意的第三方获取,发送节点首先使用一个对称密钥对查询请求进行加密,再使用LBS服务器的公有密钥加密该对称密钥,并将加密后的对称密钥密文附在查询请求密文后发送。LBS服务器同样将加密后的查询结果返回。实验结果表明,随着系统中节点数目的增多,该方案的平均响应时间也随之缓慢增加,不会出现平均响应时间随节点数目的增多而急剧增加从而导致系统瘫痪的现象,说明系统具有较好的稳定性和可伸缩性。洋葱路径是随机选择的,不依赖于特定的节点,因此该方案具有较好的健壮性。

关键词: 移动位置隐私, 洋葱路由, 混合加密, 网络安全

Abstract: In order to ensure the location privacy of mobile nodes when using location-based services,a mobile privacy protection scheme for location based service(LBS)based on random onion routing is proposed.This scheme integrates random onion routing and hybrid encryption to ensure the privacy of mobile node location and the security of query requests.The mobile node randomly selects several nodes in the network before sending the query request to the LBS server to build an onion path,and forwards the query request along this path in turn until the LBS server receives the message.Then,the LBS sends the query result to the sen-ding node along the reverse direction of the onion path.In order to realize the anonymity of the sending node,the addresses of each layer on the randomly constructed onion path are encrypted with a combination of symmetric encryption and asymmetric encryption.In this way,layers of encryption are used to generate the final onion path.Each hop node in the path can get only its next-hop node.Neither the LBS server nor any relay node in the onion routing path can know which node is the sending node,so that the location privacy of the sending node can be kept.On the other hand,in order to ensure that no third party can get the query request or query result,the sending node first uses a symmetric key to encrypt the query request.Then it uses the public key of the LBS server to encrypt the symmetric key.Finally it attaches the symmetric key ciphertext to the query request ciphertext and send it to the LBS server.The LBS server will also return the encrypted query result.Experimental results show that the average response time of this scheme increases slowly with the increase of the number of nodes in the system.The average response time will not increases sharply with the increase of the number of nodes,which will lead to system paralysis.So the system has good stability and scalability.The onion path is randomly selected which does not depend on a specific node,so the scheme has better robustness.

Key words: Mobile location privacy, Onion routing, Hybrid encryption, Cyber security

中图分类号: 

  • TP393
[1]ZHANG X J,GUI X L,WU Z D.Privacy preservation for location base services:A survey[J].Journal of Software,2015,26(9):2373-2395.
[2]DAMIANI M L.Location privacy models in mobile applications:Conceptual view and research directions[J].GeoInformatica,2014,18(4):819-842.
[3]REED M G,SYVERSON P F,GOLDSCHLAG D M,et al.Anonymous connections and onion routing[J].IEEE Journal on Selected Areas in Communications,1998,16(4):482-494.
[4]DINGLEDINE R,MATHEWSON N,SYVERSON P.Tor:The second-generation onion router[C]//Proceedings of the 13th USENIX Security Symposium.San Diego,USA,2004.
[5]WU Q Z,XIE S X,JIA Y L.An Improved Tor AnonymousCommunication System[J].Science & Technology Information,2012(19):125-126.
[6]ZHENG G,XUE Z.A Mixed Anonymous System based on Tor[J].Information Security and Communications Privacy,2011(12):76-77,80.
[7]LAI H B,XU L,ZENG Y L,et al.Elliptic curve El Gamal encryption based location privacy-preserving scheme [J].Chinese Journal of Network and Information Security,2020,6(3):30-38.
[8]YANG Y,WANG R C.Double Anonymity Location PrivacyProtection Based on LBS in Augment[J].Journal of Nanjing Normal University(Natural Science Edition),2018,41(3):42-46.
[9]ZHOU C L,CHEN Y H,TIAN H,et al.Location Privacy and Query Privacy Preserving Method for K-nearest Neighbor Query in Road Networks[J].Journal of Software,2020,31(2):471-492.
[10]HU D M,LIAO Z J.Differential Privacy of Location PrivacyProtection Method for Irregular Segment Tree[J].Journal of Chinese Computer Systems,2020,41(2):333-337.
[11]ZHOU Y H,LI G H,YANG Y G,et al.Location Privacy Preserving Nearest Neighbor Querying Based on GeoHash[J].Computer Science,2019,46(8):212-216.
[12]LIU H,LI X H,LUO B,et al.Distributed K-Anonymity Location Privacy Protection Scheme Based on Blockchain[J].Chinese Journal of Computers,2019,42(5):942-960.
[13]LI Y X,ZHOU F C,XU Z F.Privacy-Preserving K-Nearest-Neighbor Search over Mobile Social Network[J].Chinese Journal of Computers,2021,44(7):1481-1500.
[14]JIA L,FAN C L,TIAN X Y,et al.Optimization of AES and RSA algorithm and its mixed encryption system [J].Application Research of Computers,2014,31(4):393-403.
[15]ZHUO Z L,ZHANG X S,LI R X,et al.Anonymous circuit control method for the onion router based on node failure[J].Journal of Computer Applications,2015,35(10):2843-2847.
[16]REITER M K,RUBIN A D.Crowds:Anonymity for WebTransactions[J].ACM Transactions on Information and System Security,1998,1(1):66-92.
[17]XIONG W Z,LI X Y.Mobile Location Privacy Protection Based on Anonymous Routin [J].Computer Science,2018,45(10):149-156.
[18]CHEN Y W,LI X Y.Protecting mobile location privacy based on public-key cryptographic algorithm [J].Computer Enginee-ring and Design,2016,37(2):331-337,383.
[1] 柳杰灵, 凌晓波, 张蕾, 王博, 王之梁, 李子木, 张辉, 杨家海, 吴程楠.
基于战术关联的网络安全风险评估框架
Network Security Risk Assessment Framework Based on Tactical Correlation
计算机科学, 2022, 49(9): 306-311. https://doi.org/10.11896/jsjkx.210600171
[2] 赵冬梅, 吴亚星, 张红斌.
基于IPSO-BiLSTM的网络安全态势预测
Network Security Situation Prediction Based on IPSO-BiLSTM
计算机科学, 2022, 49(7): 357-362. https://doi.org/10.11896/jsjkx.210900103
[3] 杜鸿毅, 杨华, 刘艳红, 杨鸿鹏.
基于网络媒体的非线性动力学信息传播模型
Nonlinear Dynamics Information Dissemination Model Based on Network Media
计算机科学, 2022, 49(6A): 280-284. https://doi.org/10.11896/jsjkx.210500043
[4] 邓凯, 杨频, 李益洲, 杨星, 曾凡瑞, 张振毓.
一种可快速迁移的领域知识图谱构建方法
Fast and Transmissible Domain Knowledge Graph Construction Method
计算机科学, 2022, 49(6A): 100-108. https://doi.org/10.11896/jsjkx.210900018
[5] 吕鹏鹏, 王少影, 周文芳, 连阳阳, 高丽芳.
基于进化神经网络的电力信息网安全态势量化方法
Quantitative Method of Power Information Network Security Situation Based on Evolutionary Neural Network
计算机科学, 2022, 49(6A): 588-593. https://doi.org/10.11896/jsjkx.210200151
[6] 陶礼靖, 邱菡, 朱俊虎, 李航天.
面向网络安全训练评估的受训者行为描述模型
Model for the Description of Trainee Behavior for Cyber Security Exercises Assessment
计算机科学, 2022, 49(6A): 480-484. https://doi.org/10.11896/jsjkx.210800048
[7] 张师鹏, 李永忠.
基于降噪自编码器和三支决策的入侵检测方法
Intrusion Detection Method Based on Denoising Autoencoder and Three-way Decisions
计算机科学, 2021, 48(9): 345-351. https://doi.org/10.11896/jsjkx.200500059
[8] 周仕承, 刘京菊, 钟晓峰, 卢灿举.
基于深度强化学习的智能化渗透测试路径发现
Intelligent Penetration Testing Path Discovery Based on Deep Reinforcement Learning
计算机科学, 2021, 48(7): 40-46. https://doi.org/10.11896/jsjkx.210400057
[9] 李贝贝, 宋佳芮, 杜卿芸, 何俊江.
DRL-IDS:基于深度强化学习的工业物联网入侵检测系统
DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things
计算机科学, 2021, 48(7): 47-54. https://doi.org/10.11896/jsjkx.210400021
[10] 陈海彪, 黄声勇, 蔡洁锐.
一个基于智能电网的跨层路由的信任评估协议
Trust Evaluation Protocol for Cross-layer Routing Based on Smart Grid
计算机科学, 2021, 48(6A): 491-497. https://doi.org/10.11896/jsjkx.201000169
[11] 王金恒, 单志龙, 谭汉松, 王煜林.
基于遗传优化PNN神经网络的网络安全态势评估
Network Security Situation Assessment Based on Genetic Optimized PNN Neural Network
计算机科学, 2021, 48(6): 338-342. https://doi.org/10.11896/jsjkx.201200239
[12] 张凯, 刘京菊.
基于吸收Markov链的网络入侵路径分析方法
Attack Path Analysis Method Based on Absorbing Markov Chain
计算机科学, 2021, 48(5): 294-300. https://doi.org/10.11896/jsjkx.200700108
[13] 陈明豪, 祝跃飞, 芦斌, 翟懿, 李玎.
基于Attention-CNN的加密流量应用类型识别
Classification of Application Type of Encrypted Traffic Based on Attention-CNN
计算机科学, 2021, 48(4): 325-332. https://doi.org/10.11896/jsjkx.200900155
[14] 刘全明, 李尹楠, 郭婷, 李岩纬.
基于Borderline-SMOTE和双Attention的入侵检测方法
Intrusion Detection Method Based on Borderline-SMOTE and Double Attention
计算机科学, 2021, 48(3): 327-332. https://doi.org/10.11896/jsjkx.200600025
[15] 蒋建峰, 孙金霞, 尤澜涛.
基于粒子群优化算法的无线传感网络安全分簇策略
Security Clustering Strategy Based on Particle Swarm Optimization Algorithm in Wireless Sensor Network
计算机科学, 2021, 48(11A): 452-455. https://doi.org/10.11896/jsjkx.210900131
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发