节点文献
分布式环境下匿名通信机制及可控技术研究
Research on Anonymous Communication Mechanism and Control Technology in Distributed Environment
【作者】 段桂华;
【作者基本信息】 中南大学 , 计算机应用技术, 2010, 博士
【摘要】 随着计算机网络的发展,Internet上的安全和隐私越来越受到人们的关注。为了解决网络安全问题以及人们关注的隐私问题,匿名通信关键技术的研究逐渐为人们所重视,成为当前本学科领域国内外研究的热点之一。本文在对当前匿名通信研究情况进行综述的基础上,对匿名通信中的关键技术及其在大规模网络应用中存在的问题展开研究,重点研究了分布式环境下的匿名通信机制、可控性以及匿名性能衡量方法,主要研究工作包括:针对典型的基于密钥基础设施的匿名通信机制存在的需要可信中心为节点事先分配密钥或者密钥参数,而不适用于分布式环境中的问题,基于信息分割机制,综合网络编码和源路由的思想,提出了一种基于多路径网络编码的信息分割传输策略ITNC,并将该策略应用到匿名通信的建路机制中,提出了一种新的匿名通信策略AC-ITNC。AC-ITNC实现了无密钥基础设施下匿名传输路径的建立,采用中间节点参与编码,编码信息片和编码系数分离传送策略,提高了系统的抗合谋攻击能力,优化了匿名性能,为在无密钥基础设施的分布式环境中实现匿名通信提供了新的思路。针对匿名的滥用问题,提出了一种新的可撤销匿名通信模型,采用地址分割技术、签名技术和分组管理机制来保证合法用户匿名性的同时追踪出匿名滥用者的源IP地址;考虑实际网络环境中恶意节点具有按地理区域集中分布的特点,引入基于地理区域的分组机制,提出一种结合地理分区的可撤销匿名通信方案,通过限制匿名路径上同一地理区域内的节点个数来降低恶意节点在路径上出现的次数,从而提高匿名性,理论分析和模拟实验结果表明该方案能有效提高可控匿名系统的抗合谋攻击能力。针对目前的匿名衡量方法不能反映匿名概率集中的概率突出且接近者会影响攻击判定的问题,给出相近匿名集的概念,设计了一种新的基于部分熵值的匿名性能衡量方法。该方法基于相近匿名集的元素个数、概率总和以及概率分布来定义匿名性衡量的指标,在保持熵值衡量概率均匀度特性的同时,能很好地反映攻击者从匿名概率集中找出目标的难易程度,理论分析和计算结果表明该标准能更好地衡量系统的匿名性能。本文提出的无密钥基础设施的匿名通信模型、匿名滥用控制协议以及匿名性能衡量方法从不同的角度出发,有效地解决了匿名通信在实际应用中存在的一些问题,为其在分布式环境下大规模网络中的实际应用提供了良好的理论基础和应用依据。
【Abstract】 With the development of computer network, security and privacy on Internet are drawing more and more people’s attention. In order to resolve the network security and the privacy issues which are concerned by most of the people, key technologies of anonymous communication are gradually gaining in importance as one of the hot domestic and international researches.In this paper, based on the overview of the current research in anonymous communication, we have undertaken a study on the key technologies of anonymous communication and their application problems in large-scale network, focusing on the anonymous communication mechanism, controllability and anonymity measure in distributed environment. The main research work includes:In the typical anonymous communication mechanisms based on key infrastructure, the trusted third party is needed to pre-distribute keys or the key parameters, which can not be applied in complete distributed environment. By using the mechanism of information slicing and the thought of network coding and source routing, a new strategy named ITNC which based on the multi-path network coding is proposed. Then a novel anonymous communication mechanism AC-ITNC without key infrastructure, which uses ITNC to set up the anonymous path, is presented. In the new mechanism, the intermediate nodes involved in coding, the coding coefficients and coded information pieces are delivered separately. It not only improves the security against conspiracy attack but also optimizes the performance of anonymous system. It also provides a new way to achieve anonymous communication in the distributed environment without key infrastructure.Considering the abuse of anonymity, we propose a new revocable anonymous communication model which uses address slicing, signature technology and group management mechanism. It can trace the source IP address of the anonymous abuser while ensuring the anonymity of legitimate users. By introducing group mechanism based on geographic regions, this paper proposes a revocable anonymous communication measure based on location partition, which can improve the anonymity by limiting the nodes within the same geographic region to reduce the number of malicious nodes in the anonymous path. The theoretical analysis and experimental results show that the new measure can effectively improve the anti-collusion attack capability of the system.In this paper some typical anonymity measures are analyzed and limitations of these measures will be highlighted. Then a new anonymity measure based on partial entropy is proposed, in which the anonymity is measured by using the entropy of the probability distribution of some distinct subjects in anonymity set. The new measure can keep the characteristic of entropy measure, and works well on reflecting the degree of difficulty for the attacker to find the targets from the anonymity set. The results of analysis and calculation show that the new measure is preferable for anonymity evaluation.As this paper proposed, the new anonymous communication model, the anonymous abuse control protocol as well as the anonymity measure effectively resolved some of the problems that exist in the practical application of anonymous communication. They also provide the theoretical basis and applied foundation for the application of anonymous communication in distributed environment.
【Key words】 anonymous communication; network coding; revocability; anonymity measure; distributed environment;