| With the development of Internet application, especially the growing popularity of E-voting, E-banking and E-commerce, the network communication is no longer restricted to security features such as data integrity, secrecy, authentication and non-repudiation, but it spans to the area of protecting entity privacy against the attacker.Anonymous communication technology is an active research field which aims to protect the privacy of Internet users. Among them are the two typical anonymous communication protocols, Mix-Net and DC-Net, which are presented by Chaum and have been widely applied to many real anonymous communication systems. Most of these systems realize message anonymity, however, they do not offer optional anonymity. For common anonymous communication systems, high anonymity level will cause high latency, while low anonymity level will cause insecurity. Obviously, both situations will weaken the Qo S(Quality of Service) of the system. Even the existing systems, aiming to achieve optional anonymity, have the disadvantage of complex structure and are hard to analyze.This paper studies on how to use Mix-Net protocol to construct a more practical anonymous communication system, which allows the user to control over the anonymity/performance tradeoff of its message and to flexibly choose his preferred anonymity/performance parameters. To guarantee better anonymity service, we finally come up with two specific solutions. They both use El Gamal Public Key System for better system security and apply batch-mixing strategy to provide strong traffic analysis resistance. The first solution is based on single Mix server, while the second is based on the connection of multiple Mix servers. By comparison, the latter one is safer and more reliable, while the former one encounters the main issue of single-point failure.We focus on the second scheme, where the system plays a role as a trustworthy forward proxy, and provides encryption parameters for all anonymity levels. The client firstly asks the system for the encryption parameters according to its anonymity requirement, and then runs El Gamal algorithm to encrypt its message with the specific public keyparameter, and lastly sends the cipher text into the input queue of the system. The destination address of the packet sent to the server is set to the server IP, while the real receiver IP is concealed in the packet. The server fetches a batch of cipher texts from the input queue, and treats them into plain texts via several times of partial decryption, mixing, and re-encryption. The server can extract the receiver IP from the plain texts, and finally forward the packets to the corresponding receivers. The source address of the packets sent by the server is changed into the server IP, while the real sender IP is concealed in it. Apparently, the real sender IP and receiver IP of the packets will be hidden after encryption. Except the entry Mix knows the exact source IP and that the exit Mix knows the exact destination, no Mix server in the system knows any information about the map between the sender address and the receiver address. Through theoretical analysis and system test, the proposed anonymous communication scheme with optional anonymity is proved to be secure and practical, and can be applied into many fields, such as anonymous email and electronic auction. |
PDF Full Text Request