Research On Key Technologies And General Architecture In Anonymous Communication System

Posted on: 2011-02-19
Degree: Doctor
Type: Dissertation
Country: China
Candidate: H Song
Full Text: PDF
GTID: 1118360305492944
Subject: Computer application technology
Abstract/Summary:
As the demand for personal privacy and information security in network applications grows, anonymity and privacy protection have gradually become a very important research area in the field of information security. Because they provide privacy and defensive protection for entities, anonymous communication technologies have very important theoretical significance and application value.

The architectures of some anonymous communication systems are analyzed first. Then some key technologies and the general architecture of anonymous communication systems are researched. The main original works include:

First, two new anonymous communication mechanisms are proposed, named DDACM (Delay Demand-based Anonymous Communication Mechanism) and DDSACS (Delay Demand-Satisfied Anonymous Communication Strategy). In DDACM and DDSACS, the rerouting path can be set up according to the initiator's delay demand to guarantee the initiator's anonymity. The number of hops between two peers is used as the metric for choosing a rerouting node. Peers can find the hops to their neighbors by broadcasting TTL packets, and each peer records the neighbors at n hops as its n-hops group. The initiator's delay demand is described as DelayD, which is carried in the rerouting request. In DDACM, every node receiving the request randomly chooses a neighbor from its 0 to DelayD-hops groups and forwards the request with probability Pf. In DDSACS, the parameter DelayD is the total delay value of the forwarding route. The value of DelayD is decreased while rerouting, and the last forwarder ends the forwarding process when DelayD is equal to zero. Mathematical analysis and simulation results indicate that DDACM and DDSACS can obviously decrease the transmission delay while keeping almost the same anonymity as Crowds.

Then, for the anonymity requirements of Ad-hoc networks, the thesis proposes a new anonymous multicast protocol, EPAMP, after analyzing some typical anonymous mechanisms for Ad-hoc networks. EPAMP adopts pseudonyms and an encryption/decryption mechanism to thwart eavesdropping attacks and intrusion attacks; it can ensure the anonymity of senders, receivers and the communication of neighbor nodes. Performance analysis and simulation results show that EPAMP can resist the "surrounding" attack and the predecessor attack efficiently.

Finally, after analyzing the structures of current anonymous systems, the functional requirements for a general structure of anonymous systems are distilled. Because of the redundant functions and poor reusability in current anonymous systems, the thesis presents a general architecture for forward-based anonymity systems using a layering mechanism, named GFAS. GFAS has three layers: the anonymous connection layer, the anonymous service layer and the security service layer. Management of the forwarding route and data transmission are realized in the anonymous connection layer, and management of the anonymous method is realized in the anonymous service layer. In the security service layer, the user's demands are translated into the format used in the anonymous system. The key components are designed in detail and their reusability is analyzed.

The three anonymous mechanisms and the general anonymous communication architecture proposed in this thesis can help to improve the efficiency and performance of anonymous communication systems.
Keywords/Search Tags: Anonymous Communication, Trade-off of anonymity and efficiency, multicast anonymity, General Architecture