
Research on Several Theories and Applications of Anonymous Communication Systems

【Author】 Zhou Yanwei

【Supervisor】 Wu Zhenqiang;

【Author information】 Shaanxi Normal University, Computer System Architecture, 2011, Master's

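【Summary】 In recent years, Internet technology has developed rapidly and been widely adopted as a medium for communication and information dissemination. Opinion polls by survey organizations in China and abroad show that the greatest obstacle users feel when using the Internet is the fear that their privacy will be leaked. Moreover, in some special application fields (such as e-health, e-cash, e-commerce and e-voting), the degree to which user identity privacy is protected is one of the important factors in evaluating the security of the whole system. Anonymity technology was proposed to protect user privacy for this reason. However, as anonymity technology has been widely studied and applied, its shortcomings have been exposed: the operations of anonymous users lack supervision and control, and there are no corresponding remedies or response strategies when problems arise (such as anonymous access by illegitimate users, or malicious anonymous behavior by legitimate users). In addition, anonymous communication systems (such as the onion routing system) lack a mechanism for checking the security of the users who connect to them. Anonymous communication systems therefore suffer from poor controllability and weak security. Research on anonymous communication models for related network environments (such as the mobile Internet, wireless local area networks and ubiquitous computing) has become a current research hotspot. This thesis studies the theory of anonymous communication technology, the implementation of anonymous communication models, a controllable and trusted anonymous communication scheme, and a trusted anonymous communication model for the mobile Internet. The specific research content is as follows:

(1) With in-depth research on Trusted Computing (TC), the security of PCs and computer networks has improved greatly, but anonymity technology and trusted computing are poorly integrated, and research on anonymous communication schemes based on trusted computing is lacking. To address the poor controllability and weak security of anonymous communication systems, a controllable and trusted anonymous communication scheme is proposed that provides users with a revocable anonymity service. The scheme introduces an identity authentication management center that completes user identity registration based on group signature technology. A nested link encryption mechanism ensures the anonymity of the communication process. A tracing mechanism between the target host and the identity authentication management center controls users' malicious anonymous behavior. A node server stores and manages all trusted nodes of the whole system, updates them in real time, and removes nodes that are no longer trusted from the system. Integrity measurement based on the Trusted Platform Module, trust chain transfer, remote attestation and anonymous authentication ensure the trustworthiness, security and reliability of the scheme, which provides a controllable anonymity service to users who connect to the communication system while giving them stronger protection. Analysis and simulation of the scheme's security, trustworthiness, anonymity and efficiency show that the controllable and trusted anonymous communication scheme has good security, controllability and trustworthiness, and can meet the needs of large-scale deployment of controllable anonymous communication systems in the future Internet environment.

(2) The release of the Trusted Computing Group (TCG) Mobile Trusted Module (MTM) specifications ensures the security of the mobile terminal itself, but the spread of MTM chips changes how mobile terminals communicate. To meet users' need for anonymous communication on mobile terminals, a trusted anonymous communication model for the Trusted Mobile Platform (TMP) on the mobile Internet is proposed, comprising a TMP trusted anonymous access mechanism and a TMP trusted anonymous communication mechanism. The trusted anonymous access mechanism introduces a policy decider into the service domain to manage the domain's TMPs and Internet service providers, defines two access modes for a TMP (home-domain service and cross-domain access), and describes the workflow of each mode in detail. The cross-domain access mode is defined as two scenarios, roaming service and resource request. The trusted anonymous access mechanism securely achieves trusted access for TMPs on the mobile Internet and is practical and efficient. The trusted anonymous communication mechanism provides anonymous communication between the two communicating parties; intermediate nodes can verify the integrity of forwarded data from the predecessor node's signcryption and signature information, and can verify the authenticity of the forwarding route from the route authentication information. Analysis shows that the communication mechanism achieves anonymity while being secure and trusted, meeting the security requirements of TMP anonymous communication on the mobile Internet.

(3) To address privacy protection for users accessing the network under Linux, anonymous browsing software was designed and implemented. It is based on Tor anonymous communication technology to protect users' private information, and its integration makes the anonymity service relatively simple and convenient for ordinary users. Once the software is started, the packets sent by the terminal are encapsulated, encrypted data. Test results show that the software hides private information such as the user's network address, that is, it effectively protects users' private information.

(4) Based on TPM-Emulator, simulation software for the Trusted Platform Module (TPM), an integrity verification model was designed and developed to verify integrity during trusted platform access. The model provides a research basis for future model verification of the trusted anonymous access authentication protocol based on TPM-Emulator.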

【Abstract】 The Internet is developing rapidly and is widely accepted as an important means of communication and information dissemination. Meanwhile, the security and privacy of the Internet are becoming increasingly critical issues. According to domestic and international investigations, users' most significant concern while surfing the Internet is their privacy. Furthermore, in some special application fields (such as E-health, E-cash, E-commerce or E-voting), the degree of protection of private information is one of the most important criteria for evaluating overall system security. To solve these problems, anonymity technology was proposed to protect users' privacy. However, while anonymity has been extensively researched and applied, its shortcomings and deficiencies, such as the lack of supervision, control and remedial measures, have already emerged. Accordingly, anonymous communication systems have obvious disadvantages in controllability and security. In addition, the anonymous communication model in related network environments (such as mobile Internet, Wireless Local Area Network, Ubiquitous Computing, etc.) has become a focus with the maturation and development of the network environment. In conclusion, this paper not only focuses on the theory and application of the anonymous communication model, but also probes into the controllable and trusted anonymous communication scheme and the trusted anonymous communication model for mobile Internet. The research content is as follows:

(1) With the deep research on trusted computing, the security of PCs and networks has been improved greatly. Nevertheless, anonymity technology and trusted computing are not well integrated, and research on anonymous communication schemes based on trusted computing is lacking. Therefore, a controllable and trusted anonymous communication scheme is proposed in this paper, providing revocable anonymous service for users. The scheme introduces an Authentication Management Center (AMC) to complete users' identity registration based on group signatures; a layer-upon-layer encryption mechanism to guarantee the anonymity of communication; a feedback mechanism between the target host and the AMC to control users' malicious anonymous behavior; a node server to preserve and manage all the trusted nodes by renewing them at times and removing the untrusted nodes; and the technologies of integrity measurement, transitive trust chain, remote attestation and Direct Anonymous Attestation to assure the credibility, security and dependability of the communication system. The model provides controllable anonymous services and advanced security protection for users.

(2) The publication of the TCG MTM standard ensures the safety of mobile terminals, but its promotion results in changes to the way mobile terminals communicate. So this thesis proposes an access mechanism for the trusted mobile platform (TMP, a mobile terminal with an MTM chip) on mobile Internet. This mechanism introduces a strategy decider that manages the TMPs and Internet ISPs of its field, defines an extended service set as a service field, and defines two visit modes for TMP on mobile Internet: self-field service and cross-field access. The process of each mode is described in detail. The cross-field access mode is defined as roaming service and resource request. The trusted evaluation system of the TMP access mechanism is specifically described. The universal combinational safe mode is used to analyze the safety of the two TMP access modes. The analysis shows that this mechanism brings about trusted TMP access on mobile Internet and is safe, practical and highly efficient.

(3) An integrated anonymous browser based on Linux and Tor is designed to protect the privacy of users' information; the browser offers privacy protection in the Linux environment. The integration of the software makes the anonymous service simple and convenient for users. The test shows that data packets sent through Tor by the browser are encrypted and the users' identity information is concealed. It protects users' privacy effectively.

(4) The trusted anonymous access authentication protocol was verified in this article based on TPM-Emulator, which is simulation software for the Trusted Platform Module security chip. This verification provides a basis for further model verification research.
