Design And Implementation Of A New Anonymous Communication System And Its Proxy Entity

With the development of the Internet, an increasing number of online business services need anonymity protection. At the same time, on the Internet many privacy disclosure events strengthen users' privacy protection consciousness greatly. Anonymous communication technology is one of the important technologies to protect users' privacy. At present,public anonymous communication services, represented by Tor, are widely used on the Internet. However, Tor has some shortcomings, such of user abuse, malicious nodes to steal information, low-cost traffic analysis and low resource routing attacks. Therefore we need to design and implement a new anonymous communication system.In this paper, the author focusses on the security and performance problems of Tor, analyzes the operation principle of Tor and identifies Tor's defects in system architecture, circuit building, authenticity of node information and anonymous service abuse. In the aspect of architecture,this paper proposes a hierarchical anonymous communication architecture which consists of control layer (composed of control entities) and forwarding layer (composed of proxy entities). The introduction of control layer enhances the control capability of the system. As a result, the system can resist the low-cost traffic analysis attack effectively. In the aspect of circuit establishment, this paper proposes a new circuit establishment algorithm. This algorithm considers the complexity of the network environment between proxy entities and ensures that the newly established circuits have lower latency. In the aspect of node information authenticity,this paper introduces a mechanism in which the proxy entitis collect the state information of themselves and report the information to the control layer. This mechanism improves the authenticity and timeliness of the information of proxy entities and enhance the resistance of the system against the low resource routing attack. In the aspect of anonymous service abuse, this paper introduces blacklist mechanism. This mechanism enhances the system's ability to restrict the abuse. In this paper, the corresponding anonymous communication system and its proxy entities are implemented and their validity is tested.