基于ElGamal算法的多级匿名通信系统

发布时间：2018-03-29 09:03

本文选题：Mix-Net　切入点：ElGamal　出处：《西安电子科技大学》2014年硕士论文

【摘要】：随着Internet应用的发展,特别是电子投票、网络银行和电子商务等应用领域的日益广泛,网络通信不再局限于实现传统密码学所考虑的数据完整性、认证性、秘密性和不可否认性等安全特性,而越来越重视对通信实体隐私性的保护。匿名通信技术正是保护Internet用户隐私的一种有效手段,它是一个极具活力的研究领域。其中,最具代表性的包括Chaum提出的Mix-Net和DC-Net,它们已被应用到很多匿名通信系统中。然而,这些匿名通信系统虽然给用户提供了匿名服务,但是绝大多数都不支持多级匿名度。对于普通的匿名通信系统而言,匿名服务级别过高则导致消息延迟过大,而匿名服务级别过低则导致不安全性。显然,两种情况都会降低系统的服务质量。即便是目前已有的支持多级匿名度的方案,也都存在结构复杂、不易分析等缺点。针对以上问题,本文研究如何利用Mix-Net协议,构造更实用的匿名通信系统,使用户能够权衡消息匿名级别和转发延迟,灵活选取合适的匿名级别和延迟参数,并为此设计出两种具体解决方案,这两种方案均以ElGamal算法为基础,进而确保消息安全性,同时对匿名消息进行混洗使第三方无法通过流量分析确定通信双方的对应关系,进而确保消息匿名性。其中,方案一采用单Mix服务器的结构,而方案二采用多个Mix服务器串联的结构。相比之下,方案二更加安全可靠,且通用性强,因为方案一主要存在单点失效的问题。本文着重介绍方案二,该系统本质上充当一个信任代理,能产生所有匿名级别对应的加解密参数。客户端根据不同的匿名级别,先向系统查询相应级别下的公钥,再用ElGamal算法生成密文并发送到系统的输入队列。客户端发送数据包的目的地址是信任代理的地址,而实际接收者的地址被隐藏在密文中。然后该代理每次都从输入队列中取出一个批次的消息,将这它们处理成明文消息(包括若干次的部分解密、混洗和再加密操作),并从明文中提取出实际目标地址,按照目的地址转发给相应接收者。接收者所接收的数据包中,源路由地址已经被替换为信任代理的地址,而实际发送者的地址被隐藏。可以看出,该方案中的数据包的实际源地址和实际目标地址以加密方式隐藏后,只有代理的入口服务器能看到真正源地址,代理的出口服务器能看到真正目标地址,而其它任何中间服务器都无法将实际源地址和目标地址对应起来。通过理论分析和实际测试,正式地证明了系统的安全性和匿名性,比前人的方案更有效。该方案能提供多级匿名通信服务,而且可靠实用,能应用到电子匿名邮件、电子竞拍等多个领域中。
[Abstract]:With the development of Internet applications, especially in the fields of electronic voting, network banking and electronic commerce, network communication is no longer limited to the realization of data integrity and authentication, which are considered in traditional cryptography. Security features such as confidentiality and non-repudiation are paid more and more attention to the protection of privacy of communication entities. Anonymous communication technology is an effective means to protect the privacy of Internet users, and it is a very active research field. The most representative ones include Mix-Net and DC-Net. proposed by Chaum, which have been applied to many anonymous communication systems. However, although these anonymous communication systems provide anonymous services to users, However, most do not support multilevel anonymity. For common anonymous communication systems, too high an anonymous service level leads to excessive message latency, and too low an anonymous service level leads to insecurity. Both of them will reduce the quality of service of the system. Even the existing schemes that support multilevel anonymity also have some disadvantages, such as complex structure and difficult to analyze. In view of the above problems, this paper studies how to use Mix-Net protocol. A more practical anonymous communication system is constructed, which enables users to balance message anonymous level and forwarding delay, flexibly select appropriate anonymous level and delay parameters, and design two concrete solutions for this purpose. These two schemes are based on the ElGamal algorithm to ensure the security of the message. At the same time, the anonymous messages are mashed so that the third party can not determine the correspondence between the two parties through traffic analysis, and then ensure the anonymity of the message. The first scheme adopts the structure of single Mix server, while the second scheme adopts the structure of multiple Mix servers in series. In contrast, scheme two is more secure and reliable, and has strong versatility. This paper focuses on scenario two, which essentially acts as a trust agent, which can generate encryption and decryption parameters corresponding to all anonymous levels. First, the public key at the corresponding level is queried to the system, then the ciphertext is generated by ElGamal algorithm and sent to the input queue of the system. The destination address of the data packet sent by the client is the address of the trust agent. The addresses of the actual recipients are then hidden in the ciphertext. The agent then takes one batch of messages from the input queue at a time, processing them as plaintext messages (including several times of partial decryption), Shuffling and reencrypting operations, and extracting the actual destination address from the plaintext, forwarding it to the corresponding receiver according to the destination address. In the packet received by the receiver, the source routing address has been replaced with the address of the trust agent. But the address of the actual sender is hidden. It can be seen that only the proxy portal server can see the real source address after the actual source address and the actual destination address of the packet in the scheme are encrypted. The proxy's exit server can see the real target address, while no other intermediate server can match the actual source address to the target address. Through theoretical analysis and practical testing, the security and anonymity of the system are formally proved. This scheme can provide multilevel anonymous communication service, and it is reliable and practical, and can be used in many fields, such as email, electronic auction and so on.
【学位授予单位】：西安电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【相似文献】