基于洋葱路由的双向匿名秘密通信协议
|
摘要
在网络中,通信双方的身份是一项重要的隐私,匿名通信可以隐藏通信者的身份。对于匿名通信的研究,大部分都是关于发送者匿名,而对于接收者匿名以及双向匿名通信的研究比较少。洋葱路由系统使用源路由协议和层层加密的思想构造洋葱路径,消息按照洋葱路径经过有序中转节点进行转发,隐藏了发送者的地址,实现了发送者匿名,能够有效地防止窃听和流量分析。基于洋葱路由,提出了一种新的双向匿名秘密通信协议。发送者构造的洋葱路径包含系统中所有的节点,每到一跳中转节点,都要判断该节点上是否有接收者用户。如果没有,则继续转发消息;如果有,则接收者收到消息,同时终止转发。发送者(接收者)的身份不会被对方或者任意的其他用户获取,而且除了通信双方之外,任意的中转节点和侵入者都不能获取消息,因此该协议很好地实现了双向的匿名秘密通信。该协议不使用组播实现接收者匿名,有效地减少了系统中的流量;且只基于洋葱路由一种匿名系统,实现简单。实验结果表明,随着系统用户的增加,平均响应时间和平均双向通信时间近似呈线性增长,说明该系统在用户数量很多的情况下仍然工作稳定,健壮性较好。
In the network,the identity of communicators is an important privacy.Anonymous communications can hide the sender and the recipient.Most of the research on anonymous communication is about the sender's anonymity.There is less research on the receiver's anonymity and bidirectional anonymity.In onion routing system,onion path is constructed by using source routing protocol and layer by layer encryption.The message is forwarded through orderly transit nodes according to onion path,which hides the sender's address,realizes the sender's anonymity and effectively prevents eavesdropping and traffic analysis.A new bidirectional anonymous secret communication protocol was proposed based on onion routing in this paper.The onion path constructed by the sender contains all the nodes in the system.Every hopping transfer node must judge whether the node is the receiver or not.If not,the message continues to be forwarded,and else,the recipient receives the message and the forwarding terminates.The identity of the sender(receiver) is not captured by the other party or any other user.Besides both sides of the communication,any transit node or intrudercan't get the message.Therefore,the protocol achieves a two-way anonymous secret communication well.The anonymity of the receiver is realized without multicast,which effectively reduces the traffic in the system.The protocol is only based on onion routing anonymity system and is relatively simple.The experimental results show that with the increase of system users,the average response time and the average bidirectional communication time increase almost linearly,which indicates that the system is still stable and robust in the case of a large number of users.
In the network,the identity of communicators is an important privacy.Anonymous communications can hide the sender and the recipient.Most of the research on anonymous communication is about the sender's anonymity.There is less research on the receiver's anonymity and bidirectional anonymity.In onion routing system,onion path is constructed by using source routing protocol and layer by layer encryption.The message is forwarded through orderly transit nodes according to onion path,which hides the sender's address,realizes the sender's anonymity and effectively prevents eavesdropping and traffic analysis.A new bidirectional anonymous secret communication protocol was proposed based on onion routing in this paper.The onion path constructed by the sender contains all the nodes in the system.Every hopping transfer node must judge whether the node is the receiver or not.If not,the message continues to be forwarded,and else,the recipient receives the message and the forwarding terminates.The identity of the sender(receiver) is not captured by the other party or any other user.Besides both sides of the communication,any transit node or intrudercan't get the message.Therefore,the protocol achieves a two-way anonymous secret communication well.The anonymity of the receiver is realized without multicast,which effectively reduces the traffic in the system.The protocol is only based on onion routing anonymity system and is relatively simple.The experimental results show that with the increase of system users,the average response time and the average bidirectional communication time increase almost linearly,which indicates that the system is still stable and robust in the case of a large number of users.
引文
[1] CHAUM D.Untraceable electronic mail,return addresses,and digital pseudonyms[J].Communications of the ACM,1981,24(2):84-88.
[2] REED M G,SYVERSON P F,GOLDSCHLAG D M,et al.Anonymous connections and onion routing[J].IEEE Journal on Selected Areas in Communications,1998,16(4):482-494.
[3] DINGLEDINE R,MATHEWSON N,SYVERSON P.Tor:The second-generation onion router[C]//Proceedings of the 13th USENIX Security Symposium.San Diego,USA,2004.
[4] WU Q Z,XIE S X,JIA Y L.An improved Tor anonymous communication system[J].Science and Technology Information,2012(19):125-126.(in Chinese)吴庆震,谢圣献,贾仰理.Tor系统的改进方案[J].科技信息,2012(19):125-126.
[5] HUO C Y,WU Z Q.Study and design of bidirectional anonymi- ty communication protocol[J].Computer Engineering,2008,34(19):174-178.(in Chinese)霍成义,吴振强.双向匿名通信协议的研究与设计[J].计算机工程,2008,34(19):174-178.
[6] ZHENG G,XUE Z.A mixed anonymous system based on Tor[J].Information Security and Communications Privacy,2011(12):76-80.(in Chinese)郑光,薛质.基于Tor的混合匿名转发系统[J].信息安全与通信保密,2011(12):76-80.
[7] ZHU Y,FU X W,GRAHAM B,et al.On flow correlation attacks and Countermeasures in mix networks[C]//Proceedings of the 4th Privacy Enhancing Technology Workshop.Toronto,CANADA,2005:207-225.
[8] ZHAO F X,WANG Y M,WANG C J.An authenticated scheme of onion routing[J].Chinese Journal of Computers,2001,24(5):463-467.(in Chinese)赵福祥,王育民,王常杰.可靠洋葱路由方案的设计与实现[J].计算机学报,2001,24(5):463-467.
[9] HE G F,YANG M,LUO J Z,et al.Modeling and analysis of time characteristics used in onion routing traceback techniques[J].Chinese Journal of Computers,2014,37(2):356-372.(in Chinese)何高峰,杨明,罗军舟,等.洋葱路由追踪技术中时间特征的建模与分析[J].计算机学报,2014,37(2):356-372.
[2] REED M G,SYVERSON P F,GOLDSCHLAG D M,et al.Anonymous connections and onion routing[J].IEEE Journal on Selected Areas in Communications,1998,16(4):482-494.
[3] DINGLEDINE R,MATHEWSON N,SYVERSON P.Tor:The second-generation onion router[C]//Proceedings of the 13th USENIX Security Symposium.San Diego,USA,2004.
[4] WU Q Z,XIE S X,JIA Y L.An improved Tor anonymous communication system[J].Science and Technology Information,2012(19):125-126.(in Chinese)吴庆震,谢圣献,贾仰理.Tor系统的改进方案[J].科技信息,2012(19):125-126.
[5] HUO C Y,WU Z Q.Study and design of bidirectional anonymi- ty communication protocol[J].Computer Engineering,2008,34(19):174-178.(in Chinese)霍成义,吴振强.双向匿名通信协议的研究与设计[J].计算机工程,2008,34(19):174-178.
[6] ZHENG G,XUE Z.A mixed anonymous system based on Tor[J].Information Security and Communications Privacy,2011(12):76-80.(in Chinese)郑光,薛质.基于Tor的混合匿名转发系统[J].信息安全与通信保密,2011(12):76-80.
[7] ZHU Y,FU X W,GRAHAM B,et al.On flow correlation attacks and Countermeasures in mix networks[C]//Proceedings of the 4th Privacy Enhancing Technology Workshop.Toronto,CANADA,2005:207-225.
[8] ZHAO F X,WANG Y M,WANG C J.An authenticated scheme of onion routing[J].Chinese Journal of Computers,2001,24(5):463-467.(in Chinese)赵福祥,王育民,王常杰.可靠洋葱路由方案的设计与实现[J].计算机学报,2001,24(5):463-467.
[9] HE G F,YANG M,LUO J Z,et al.Modeling and analysis of time characteristics used in onion routing traceback techniques[J].Chinese Journal of Computers,2014,37(2):356-372.(in Chinese)何高峰,杨明,罗军舟,等.洋葱路由追踪技术中时间特征的建模与分析[J].计算机学报,2014,37(2):356-372.
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |