Research On Onion Routing And Controllable Access Technology In Anonymous Communication System

The development of related network industries and technologies derived from the Internet enables users to break down barriers of time and space,and to enjoy the convenience brought by the network.However,in the process of using the network to communicate and deliver messages,users are prone to leak sensitive data and their identity,and the privacy protection of users is at risk seriously.For example,some illegal users pretend to be a legitimate user to communicate with other users.In the process,illegal users get sensitive information that may be leaked for illegal transactions.The phenomenon not only seeks improper benefits but also harms the privacy of users.Therefore,in order to protect the identity privacy of users and to authenticate the indentity of users in communication,this dissertation improves the existing short signature schemes,and proposes a direct anonymous attestation scheme based on the short signature mechanism,which implements the authentication process before the user joins the anonymous system;at the same time,this dissertation designs the certificateless encryption scheme and the group signature mechanism under the certificateless framework to complete the communication process after the user joins the anonymous network.Finally,this dissertation combines controllable access technology with communication technology to improve functions of an anonymous communication system.This dissertation not only realizes the legal verification of user identity,but also realizes the anonymity of user identity and the security of communication process.The main work of this dissertation is:(1)Design of a controllable anonymous access scheme based on short signatureBased on the Boneh–Boyen short signature and the Hierarchical group signature,this dissertation proposes a short signature mechanism suitable for the anonymous authentication phase by improving the signature generation phase.This mechanism has the advantages of the above two signature schemes,and reduces computational complexity.This dissertation designs a direct anonymous attestation scheme based on the improved short signature scheme to realize the anonymous authentication function of user identity and controllable access.This scheme reduces the complexity of member joining and signing process,and improves the problems of low efficiency and poor security of existing schemes.Under the security assumptions of qSDH difficult problem and DDH difficult problem,this dissertation proves that the scheme has the security that fits the TPM specification,and realizes the anonymity and unforgeability of user-controlled.(2)Proposal of an anonymous communication protocol based on certificateless encapsulation mechanismBased on the research of the current certificateless framework,this dissertation designs a new certificateless encapsulation mechanism.The mechanism includes a certificateless encryption scheme and a group signature scheme,which respectively implement the functions of encrypting,decrypting and signing the transmitted data.The certificateless encapsulation mechanism has less cost to operate and improves the efficiency of the process from encryption and decryption.Based on the new certificateless encapsulation mechanism,this dissertation designs a package format for communication,and creates an anonymous communication link by means of the key distribution process in the certificateless mechanism,thus proposes an onion routing protocol for anonymous communication.The protocol uses different session keys in different communication phases,and uses a different package format from the traditional one,which not only ensures communication security,but also improves the forwarding efficiency of anonymous messages.(3)Build of an anonymous communication system with controllable access technologyCombining a controllable anonymous access scheme based on short signature with the anonymous communication protocol based on certificateless encapsulation mechanism,this dissertation constructs an anonymous communication system framework with controllable access technology to improve the function of system.On the one hand,the system has the function of controllable authentication for users;on the other hand,it can realize anonymous communication of users belonging to the system and enhance the security of the anonymous communication system.