CN104168265B - A kind of anonymous communication method based on distributed hashtable network - Google Patents

Publication number
CN104168265B
Authority
CN
China
Prior art keywords
node
resource
mapping
message
fid
Prior art date
Legal status
Active
Application number
CN201410340343.2A
Other languages
Chinese (zh)
Other versions
CN104168265A (en)
Inventor
孙力娟
黄凯翔
肖甫
王汝传
韩志杰
王少辉
蒋季宏
Current Assignee
Nanjing Post and Telecommunication University
Original Assignee
Nanjing Post and Telecommunication University
Application filed by Nanjing Post and Telecommunication University
Priority to CN201410340343.2A
Publication of CN104168265A
Application granted
Publication of CN104168265B

Landscapes

  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention is an anonymous communication method based on a distributed hash table (DHT) network. For the three basic operations of a traditional DHT network (resource publishing, resource searching and resource transmission), it introduces an anonymity scheme and security mechanisms to achieve anonymous communication in DHT networks. In the resource publishing stage, an anonymous mapping path is built and a mapping node is determined, providing the anonymity basis for the publishing operation; in the resource searching stage, a probabilistic forwarding strategy gives the search operation anonymity; in the resource download and transmission stage, data is relayed through the mapping node and encrypted with a session key, ensuring anonymous and secure transmission of the data. Together the three aspects achieve sender anonymity, recipient anonymity and anonymity of the communication relationship, protecting user privacy and keeping the whole DHT network running securely and stably.

Description

Anonymous communication method based on distributed hash table network
Technical Field
The invention is suitable for a Distributed Hash Table (DHT) environment, and applies a probability forwarding rerouting mode to a resource query process and a resource release process, thereby realizing anonymous communication service of the DHT network. The technology belongs to the field of computer networks.
Background
Network services of every kind are emerging, and interaction among network users has reached an unprecedented level. In particular, the P2P network, a file-sharing network built on a distributed design, accounts for a large share of internet use, and more and more people are willing to join this open platform to share and retrieve the resources or files they need. DHT networks have become the mainstream implementation of P2P networks, so the privacy protection of their users has attracted a great deal of attention. Anonymous communication, an important technique for network privacy protection, hides the communication relationship between sender and receiver, and it has been shown to be applicable to P2P networks as well.
Anonymous communication: privacy information such as the network addresses of communicating entities and the communication relationships among them is hidden by technical methods and means, so that an attacker cannot eavesdrop on, obtain or infer the communication relationship between the two parties or the identity of either party, and the identity and behavior information of the participating network entities is better protected.
Communication entities in the network are classified by their communication relationship into senders and receivers. The sender is the initiator of a communication and the receiver is its responder. Most research concerns the confidentiality and security of the communication contents, namely the integrity, confidentiality, availability and non-repudiation of the information. Anonymous communication technology instead studies the confidentiality of the identities of sender and receiver and of the communication relationship between them. According to the object being hidden, anonymous communication is therefore divided into three forms of protection: sender anonymity, recipient anonymity, and unlinkability of sender and recipient.
The conventional P2P network does not consider the privacy protection of the user, and the communication between the user nodes is exposed in the internet in a clear text form, which is easily utilized by lawless persons, so that the privacy of the user in the P2P network is threatened, and even the normal operation of the whole P2P network is affected.
Therefore, how to realize anonymous communication among user nodes in the P2P network is an urgent problem to be solved, and the method has a very important meaning for the healthy and effective operation of the P2P network and the privacy protection of the users.
Disclosure of Invention
The technical problem is as follows: the invention provides an anonymous communication method based on a distributed hash table network, aiming at the problem of how to realize anonymous communication among user nodes in a P2P network. A probability forwarding mechanism and a symmetric key encryption mechanism are introduced in the message forwarding process of the P2P node, so that the anonymity of the user nodes in a resource searching stage, a resource publishing stage and a resource transmission stage in the DHT network is realized.
The technical scheme is as follows: the anonymous communication scheme among the user nodes in the P2P network considers the anonymous communication of the whole DHT network from three aspects, namely, the resource publishing phase, the resource searching phase and the resource downloading and transmitting phase of the user. The combination of the three can achieve sender anonymity, recipient anonymity, and anonymity of the communication relationship.
An anonymous mapping path construction method is adopted in the resource release stage of a user, construction of the anonymous mapping path is realized through a next hop path selection strategy based on a probability forwarding mechanism, and finally a mapping node is established; in the searching stage of the user for the resource, a method of forwarding a request packet backwards or forwarding a response packet forwards based on probability is adopted; and in the resource downloading and transmitting stage, a method of transmitting data by using the mapping node as a relay node and combining the data with the encrypted data of the session key is adopted.
1. Architecture
The invention realizes anonymous communication among user nodes in a Distributed Hash Table (DHT) network, wherein each node in the DHT network is a peer node and belongs to a fully distributed P2P network without a central server.
Each user node in the DHT network has three types of basic operation: 1. the resource publishing operation, in which a user publishes resources owned by its node to the DHT network for other nodes to search and download; 2. the resource search operation, in which a user searches other nodes in the network for the resources it needs; 3. the resource transmission operation, in which the user downloads and transfers one or more specific resources according to the list of resource information found by the search.
Starting from the three types of basic operations, in the resource publishing stage, the resource searching stage and the resource downloading and transmitting stage, the related anonymity mechanism and the related security mechanism are respectively introduced to realize the anonymous communication among the user nodes, namely, the anonymity of the three types of basic operations is realized, so that the protection of the user privacy is realized.
2. Method flow
In the DHT network, the node performs an anonymous issuing operation of the resource, an anonymous searching operation of the resource, and an anonymous transmitting operation of the resource in sequence, and the following describes in detail different operation modules.
1. Anonymous release phase of resources
In the conventional resource distribution in the DHT network, a distribution node distributes a message packet containing resource information and local node information (IP, port) to other nodes for storage, so that the node information of a distributor is exposed in the whole network and is easily utilized by a malicious node, and the normal operation of the DHT network is affected. The anonymous issuing operation of the introduced resource can hide the issuing node information to the maximum extent to realize the anonymous issuing of the resource, and the specific steps are as follows:
Step 1. In the DHT network, the user node P performs a hash operation on the resource File to be published:
Hash(File)=FID
The ID of the resource is set to FID. Node P selects the neighbor node $I_1$ with the longest survival time from its routing table and sends the resource mapping message M_REQ (Map Request) containing the FID to $I_1$. After receiving the M_REQ message, $I_1$ either continues forwarding it onward with probability $P_{f1} \in [0,1]$, or with probability $(1-P_{f1})$ terminates forwarding and becomes the mapping node E of node P, so that a mapping path L is formed between the publishing node P and the mapping node E. Any node $I_i$ on the path satisfies the following binary functional relationship:
where $P_{f1}$ is set by the network publisher and $P(I_i)$ is a value between 0 and 1 randomly generated by node $I_i$ after it receives the M_REQ message. When $P(I_i) \in [0, P_{f1}]$, the node continues forwarding to the successor node $I_{i+1}$; otherwise node $I_i$ is the mapping node E of P. Each node $I_i$ on the mapping path also needs to create a mapping table that stores the triplet of the resource ID and its predecessor and successor nodes, <FID, $I_{i-1}$, $I_{i+1}$>. Once the mapping node E is established, a mapping response message M_RES (Map Response) is returned to the resource publishing node P according to the mapping table. The M_RES message contains the IP and Port information of node E.
The mapping table is used to forward the resource during its anonymous transmission. The mapping path is established with a random probability strategy, namely the next-hop path selection strategy, which makes the mapping anonymous: no node on the path other than the publishing node P knows whether its predecessor is the publisher of the resource.
Step 2. Once the mapping path has been constructed, node P starts to publish the resource information. Node P forms a five-tuple from the FID, the information related to the resource (such as file name, type, size, etc.), the session key SecK, and the IP and Port information of the mapping node E:
<FID, Info, SecK, $IP_E$, $Port_E$>
Because the hash algorithm that generates node IDs and resource IDs in the DHT network is the same, node P can select from its routing table the neighbor nodes $Neig_P = \{N_1, N_2, N_3, \ldots, N_n\}$ that are closer to the FID and send them a resource publishing message P_REQ (Publish Request). A neighbor node that receives the P_REQ message first stores the five-tuple <FID, Info, SecK, $IP_E$, $Port_E$>, then searches its own routing table for neighbor nodes still closer to the FID and iteratively sends the P_REQ message on to them; if no neighbor node closer to the FID is found, publishing of the P_REQ message stops.
2. Anonymous search phase of resources
Traditional resource search in a DHT network uses keyword hash search: the keyword is hashed and then looked up. The whole search is iterative, that is, every operation is initiated by the searching node, so the node information (IP, port) of the searching node is necessarily exposed in the network during the search, and there is neither anonymity nor security. The anonymous search of resources is carried out in the following steps:
Step 1. The user node S first hashes the keyword to be searched:
Hash(Keyword)=KID
This gives the hash value KID of the keyword. S then selects from its routing table the ALPHA nodes closest to KID, $Neig_S = \{N_1, N_2, \ldots, N_{ALPHA}\}$, and sends them a resource search request S_REQ (Search Request), where ALPHA is the dimension of the synchronous search and its value is set by the user node.
Step 2. After receiving the S_REQ message from node S, a neighbor node $N_i$ either forwards onward with probability $P_{f2} \in [0,1]$, that is, finds a node closer to KID in its routing table and sends the S_REQ message on to it, or with probability $(1-P_{f2})$ returns a response message S_RES (Search Response) for the search request to the previous node. For a given search path $Path = \{J_1, J_2, J_3, \ldots, J_n\}$, any node $J_i$ on it satisfies the following binary functional relationship:
where $P(J_i)$ is a value between 0 and 1 randomly generated by node $J_i$ after it receives the resource mapping message. When $P(J_i) \in [0, P_{f2}]$, $J_i$ finds the node $J_{i+1}$ closer to KID in its routing table and sends the S_REQ message on to $J_{i+1}$; otherwise $J_i$ returns an S_RES message containing the node information of $J_{i+1}$ to its predecessor $J_{i-1}$, and the message is passed back hop by hop until it reaches the search initiator S. S then starts the next round of the resource search, and so on until the search is finished.
3. Anonymous transfer phase of resources
Resource transfer in a conventional DHT network is point-to-point, so the two parties to the transfer are exposed to each other and neither the sender nor the receiver is anonymous. Anonymous transmission of resources solves this problem; its steps are as follows:
Step 1. When node S is ready to download a resource FID, S sends a resource download request message D_REQ (Download Request) to the mapping node E contained in the information <FID, Info, SecK, $IP_E$, $Port_E$> it has already obtained:
When E receives the D_REQ message from S, it looks up its mapping table T by the FID in the message and forwards the message to its predecessor node, and so on until the message reaches node P.
Step 2. After receiving the forwarded D_REQ message, node P encrypts the resource File corresponding to the FID:
SK(File)=Efile
P then puts Efile into a resource download response message D_RES (Download Response) and sends it along the mapping path L to the mapping node E, which sends it on to node S. S decrypts it with the session key SecK obtained during the anonymous search of resources to recover the original resource.
The method comprises the following specific steps:
The anonymous communication method based on a distributed hash table network constructs a mapping path in the resource publishing stage and generates a mapping node, so that the publisher's own information is effectively hidden when the resource is published; in the resource search stage, a strategy based on a probabilistic forwarding mechanism is adopted, so that nodes on the search path cannot determine who the original querier is; in the resource transmission stage, the mapping node is used as a relay and the data is encrypted, achieving anonymity of both communicating parties and security of the data. The method specifically comprises the following steps:
Step 1. At the initial moment, in a DHT (distributed hash table) network, a user node P owns a resource File and hashes it to obtain the identity ID of the resource, which is set as the file identity FID;
Step 2. Node P selects the neighbor node $I_1$ with the longest survival time from its routing table and sends the resource mapping message M_REQ containing the FID to $I_1$. After receiving the M_REQ message, node $I_1$ either continues forwarding it onward with probability $P_{f1} \in [0,1]$, where $f_1$ denotes the forwarding event in the process of constructing the mapping path, or with probability $(1-P_{f1})$ terminates forwarding and becomes the mapping node E of node P, so that a mapping path L is formed between the publishing node P and the mapping node E; any node $I_i$ on the path satisfies the following binary functional relationship:
Each node $I_i$ on the mapping path also needs to create a mapping table that stores the triplet of the resource ID and its predecessor and successor nodes, <FID, $I_{i-1}$, $I_{i+1}$>. Once the mapping node E is established, a mapping response message M_RES is returned to the resource publishing node P according to the mapping table; the M_RES message contains the network layer address IP and the Port information of node E;
Step 3. After the mapping path has been constructed, node P starts to publish the resource information. Node P forms a five-tuple from the FID, the information related to the resource, the session key SecK, and the IP and Port information of the mapping node E: <FID, Info, SecK, $IP_E$, $Port_E$>. $N_1, N_2, \ldots, N_n$ are all neighbor nodes of P; from its neighbor node set $Neig_P = \{N_1, N_2, N_3, \ldots, N_n\}$, P selects the neighbor nodes closer to the FID and sends them a resource publishing message P_REQ. A neighbor node that receives the P_REQ message stores the five-tuple, then searches its own routing table for neighbor nodes still closer to the FID and iteratively sends the P_REQ message on to them; if no neighbor node closer to the FID is found, publishing of the message stops;
Step 4. When the user node S is ready to search for resources by keyword, S first hashes the keyword entered by the user to obtain the keyword hash value KID. S then selects from its routing table the ALPHA nodes closest to KID, $Neig_S = \{N_1, N_2, \ldots, N_{ALPHA}\}$, and sends them a resource search request S_REQ, where ALPHA is the dimension of the synchronous search;
Step 5. After receiving the S_REQ message sent by node S, a neighbor node $N_i$ either forwards onward with probability $P_{f2} \in [0,1]$ ($f_2$ denotes the forwarding event in the anonymous resource search process), that is, finds a node closer to KID in its routing table and sends the S_REQ message on to it, or with probability $(1-P_{f2})$ returns a response message S_RES for the search request to the previous node. For a given search path $Path = \{J_1, J_2, J_3, \ldots, J_n\}$, any node $J_i$ on it satisfies the following binary functional relationship:
After some node returns the S_RES message, that round of the search ends; once the S_RES message has returned to node S, S starts the next round of the search according to the content of the S_RES message, until the required resource information is found and the whole search process ends;
Step 6. When node S is ready to download a resource FID, S sends a resource download request D_REQ to the mapping node E contained in the information <FID, Info, SecK, $IP_E$, $Port_E$> it has obtained. When E receives the D_REQ message from S, it looks up its mapping table T by the FID in the message and forwards the message to its predecessor node, and so on until the message reaches node P;
Step 7. After receiving the forwarded D_REQ message, node P encrypts the resource File corresponding to the FID to obtain Efile; P then puts Efile into a resource download response message D_RES and sends it along the mapping path L to the mapping node E, which sends it on to node S; S decrypts the resource with the session key SecK obtained during the anonymous resource search to obtain the original data.
Advantageous effects: the invention provides an anonymous communication method based on a distributed hash table network, mainly to solve the problem of how to achieve anonymous communication among user nodes in a DHT network environment, thereby protecting user privacy and the normal operation of the whole network.
In general, due to the fact that the P2P network is designed without considering the hiding of node information and the hiding of communication relationships between nodes, the node information and traffic in the network are often tampered by malicious nodes, so that the privacy of a user is revealed, and even the normal operation of the whole network is threatened. On the basis of in-depth research and discussion of the problems, the invention provides an anonymous communication method based on a distributed hash table network, which is used for protecting the anonymity of communication among users from three operation layers of a DHT (distributed hash table) network, so that the utilization of malicious nodes on node information and flow in the network can be avoided, and the privacy protection of the users and the safe and stable operation of the network are realized.
Drawings
Fig. 1 is an overall framework diagram of an anonymous communication scheme based on a Distributed Hash Table (DHT) network.
FIG. 2 is a framework diagram of an anonymous release process of a resource.
FIG. 3 is a framework diagram of an anonymous search process for a resource.
FIG. 4 is a framework diagram of an anonymous transfer process of a resource.
Detailed Description
An overall block diagram of an anonymous communication scheme based on a Distributed Hash Table (DHT) network is shown in fig. 1, and the scheme includes an anonymous publishing process of resources, an anonymous searching process of resources and an anonymous transmission process of resources. Specifically, the anonymous publishing process of the resource is shown in fig. 2, and the specific steps are as follows:
Step 1. At the initial moment, in a DHT network, a user node P owns a resource File and hashes it:
Hash(File)=FID
The ID of the resource is set to FID. Node P selects the neighbor node $I_1$ with the longest survival time from its routing table and sends the resource mapping message M_REQ (Map Request) to $I_1$. After receiving the M_REQ message, $I_1$ either forwards it onward with probability $P_{f1} \in [0,1]$, or with probability $(1-P_{f1})$ terminates forwarding and becomes the mapping node E of node P, so that a mapping path L is formed between the publishing node P and the mapping node E. Any node $I_i$ on the path satisfies the following binary functional relationship:
where $P_{f1}$ is set by the network publisher and $P(I_i)$ is a value between 0 and 1 randomly generated by node $I_i$ after it receives the M_REQ message. When $P(I_i) \in [0, P_{f1}]$, the node continues forwarding to the successor node $I_{i+1}$; otherwise node $I_i$ is the mapping node E of P. Each node $I_i$ on the mapping path also needs to create a mapping table T that stores the triplet of the resource ID and its predecessor and successor nodes, <FID, $I_{i-1}$, $I_{i+1}$>:
Resource ID | Predecessor node information | Successor node information
$FID_1$ | <$IP_{i-1}$, $Port_{i-1}$> | <$IP_{i+1}$, $Port_{i+1}$>
$FID_2$ | <$IP_{k-1}$, $Port_{k-1}$> | <$IP_{k+1}$, $Port_{k+1}$>
$FID_n$ | <$IP_{n-1}$, $Port_{n-1}$> | <$IP_{n-1}$, $Port_{n-1}$>
Once the mapping node E is established, a mapping response message M_RES (Map Response) is returned to the resource publishing node P according to the mapping table. The M_RES message contains the IP and Port information of node E.
The mapping table is used to forward the resource during its anonymous transmission. The mapping path is established with a random probability strategy, namely the next-hop path selection strategy, which makes the mapping anonymous: no node on the path other than the publishing node P knows whether its predecessor is the publisher of the resource.
The expected length of the mapping path L varies with the value of $P_{f1}$ and satisfies the following formula:
As the derived equation above shows, the expected mapping path length depends only on the probability $P_{f1}$; controlling the value of $P_{f1}$ therefore controls the expected path length to a certain extent, so as to balance efficiency and anonymity in the DHT network.
Step 2. The resource publishing process: when the anonymous mapping process of the resource is complete, the resource publishing node P starts to publish the resource information. Node P forms a five-tuple from the FID, the information related to the resource (such as file name, type, size, etc.), the session key SecK, and the IP and Port information of the mapping node E:
<FID, Info, SecK, $IP_E$, $Port_E$>
Because the hash algorithm that generates node IDs and resource IDs in the DHT network is the same, node P can select from its routing table the neighbor nodes $Neig_P = \{N_1, N_2, N_3, \ldots, N_n\}$ that are closer to the FID and send them a resource publishing message P_REQ (Publish Request). A neighbor node that receives the resource publishing message first stores the five-tuple <FID, Info, SecK, $IP_E$, $Port_E$>, then searches its own routing table for neighbor nodes still closer to the FID and iteratively sends the P_REQ message on to them; if no neighbor node closer to the FID is found, publishing of the P_REQ message stops.
The anonymous search process of resources is shown in fig. 3, and the specific steps are as follows:
Step 3. When the user node S is ready to search for resources by keyword, S first hashes the keyword entered by the user:
Hash(Keyword)=KID
This gives the hash value KID of the keyword. S then selects from its routing table the ALPHA nodes closest to KID, $Neig_S = \{N_1, N_2, \ldots, N_{ALPHA}\}$, and sends them the synchronous search request, that is, the resource search request S_REQ (Search Request). ALPHA is the dimension of the synchronous search, and setting its value balances search efficiency against the control of network congestion.
Step 4. After receiving the S_REQ message from node S, a neighbor node $N_i$ either forwards onward with probability $P_{f2} \in [0,1]$, that is, finds a node closer to KID in its routing table and sends the S_REQ message on to it, or with probability $(1-P_{f2})$ returns a response message S_RES (Search Response) for the search request to the previous node. For a given search path $Path = \{J_1, J_2, J_3, \ldots, J_n\}$, any node $J_i$ on it satisfies the following binary functional relationship:
where $P(J_i)$ is a value between 0 and 1 randomly generated by node $J_i$ after it receives the resource mapping message. When $P(J_i) \in [0, P_{f2}]$, $J_i$ finds the node $J_{i+1}$ closer to KID in its routing table and sends the S_REQ message on to $J_{i+1}$; otherwise $J_i$ returns an S_RES message containing the node information of $J_{i+1}$ to its predecessor $J_{i-1}$, and the message is passed back hop by hop until it reaches the search initiator S. S then starts the next round of the resource search, using the node information in the returned S_RES message as the starting node.
In this way the node $P_n$ that holds the resource information required by the source node S is eventually found, which completes the work on this search path. $P_n$ returns the final response message S_RES_F (SearchResponseFinal), carrying the resource information required by the source node S, to its predecessor nodes in the same manner. The information contained in the S_RES_F message is <FID, Info, SecK, $IP_E$, $Port_E$>, that is, the resource information published in the anonymous publishing process of the resource.
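A simulation of the probabilistic search forwarding described above, added here as an illustration and not taken from the patent. The 64-node ID space, the one-contact-per-bit routing table, the XOR distance metric and the choice of the node closest to KID as record holder are assumptions of the example; it records which sender each node sees, so the effect of $P_{f2}$ on how often that sender is really the initiator S can be measured.

```python
import hashlib
import random

BITS = 6   # constructed 64-node ID space in which every ID is populated


def key_id(keyword):
    """Hash(Keyword) = KID, cut down to the toy ID space (SHA-256 is an assumption)."""
    return int.from_bytes(hashlib.sha256(keyword.encode()).digest(), "big") % (1 << BITS)


def routing_table(node):
    """Assumed Kademlia-style table: one contact per bucket (the ID with one bit flipped)."""
    return [node ^ (1 << b) for b in range(BITS)]


def closer_neighbour(node, kid):
    """The contact nearest to KID by XOR distance, or None if none beats `node`."""
    best = min(routing_table(node), key=lambda n: n ^ kid)
    return best if (best ^ kid) < (node ^ kid) else None


def anonymous_search(s, kid, p_f2, alpha, rng):
    """Run the ALPHA lanes of one search. Returns (lanes that reached the record,
    observations), where an observation is (receiving node, sender it saw)."""
    observations, reached = [], 0
    for start in sorted(routing_table(s), key=lambda n: n ^ kid)[:alpha]:
        target = start
        while target is not None:             # each pass is one round opened by S
            sender, cur = s, target
            target = None
            while True:
                observations.append((cur, sender))   # cur learns only its previous hop
                nxt = closer_neighbour(cur, kid)
                if nxt is None:               # cur is closest to KID: assumed record
                    reached += 1              # holder, which answers with S_RES_F
                    break
                if rng.random() <= p_f2:      # P(J_i) in [0, P_f2]: forward S_REQ
                    sender, cur = cur, nxt
                else:                         # S_RES names J_(i+1); S starts there next
                    target = nxt
                    break
    return reached, observations


def initiator_exposure(observations, s):
    """Fraction of received S_REQ messages whose immediate sender was really S."""
    return sum(1 for _, sender in observations if sender == s) / len(observations)


if __name__ == "__main__":
    kid = key_id("constructed keyword")
    s = kid ^ 0b111111            # place S as far from KID as the toy space allows
    for p_f2 in (0.0, 0.5, 0.9):
        reached, obs = anonymous_search(s, kid, p_f2, 3, random.Random(1))
        print(p_f2, reached, round(initiator_exposure(obs, s), 2))
```

With $P_{f2} = 0$ the procedure degenerates to the traditional iterative lookup in which every contacted node sees S directly; raising $P_{f2}$ lowers the share of requests whose visible sender is the initiator.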
The anonymous transmission process of the resource is shown in fig. 4, and the specific steps are as follows:
Step 5. After the anonymous search process, node S has the results of the keyword search. If S is ready to download a resource FID, S sends a resource download request message D_REQ (Download Request) to the mapping node E contained in the information <FID, Info, SecK, $IP_E$, $Port_E$> it has obtained:
When E receives the D_REQ message from S, it looks up its mapping table T by the FID in the D_REQ message and forwards the D_REQ message to its predecessor node, and so on until the message reaches node P.
Step 6. After receiving the forwarded D_REQ message, node P encrypts the resource File corresponding to the FID:
SK(File)=Efile
P then puts Efile into a resource download response message D_RES (Download Response) and sends it along the mapping path L to the mapping node E, which sends it on to node S. S decrypts it with the session key SecK obtained during the anonymous search of resources to recover the original resource.
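The mapping-path construction of the publishing phase and the relay of D_REQ and D_RES in the transfer phase, as a simulation added here (it is not code from the patent). The random network, the random choice of each next hop, the rule that a node appears at most once on a path and SHA-256 as the hash are assumptions; encryption with SecK is not modelled, and the value 1/(1-P_f1) it compares against is the mean hop count of this model, not a formula quoted from the page.

```python
import hashlib
import random


class Node:
    """A DHT peer; mapping_table holds the <FID, previous hop, next hop> triplets."""

    def __init__(self, name, uptime):
        self.name = name
        self.uptime = uptime        # "survival time", used by P to choose I_1
        self.routing_table = []     # neighbour Node objects
        self.mapping_table = {}     # FID -> (previous Node or None, next Node or None)
        self.store = {}             # FID -> Efile bytes, filled on the publisher only


def make_network(n, degree, rng):
    """Constructed sample network: n peers, each knowing `degree` random others."""
    nodes = [Node(f"n{i}", rng.randint(1, 10_000)) for i in range(n)]
    for node in nodes:
        node.routing_table = rng.sample([x for x in nodes if x is not node], degree)
    return nodes


def build_mapping_path(publisher, fid, p_f1, rng):
    """Pass M_REQ hop by hop and return the path [P, I_1, ..., E]."""
    first = max(publisher.routing_table, key=lambda n: n.uptime)
    publisher.mapping_table[fid] = (None, first)
    path, prev, cur = [publisher, first], publisher, first
    while True:
        # Assumption of this example: a node is used at most once per path, so
        # one table entry per FID is enough. The page does not discuss loops.
        candidates = [n for n in cur.routing_table if n not in path]
        if candidates and rng.random() <= p_f1:     # P(I_i) in [0, P_f1]: forward
            nxt = rng.choice(candidates)
            cur.mapping_table[fid] = (prev, nxt)
            path.append(nxt)
            prev, cur = cur, nxt
        else:                                       # cur becomes mapping node E
            cur.mapping_table[fid] = (prev, None)
            return path


def relay_download(mapping_node, fid):
    """D_REQ follows 'previous' pointers from E to P; D_RES follows 'next'
    pointers back to E. Returns (efile, D_REQ handlers, D_RES handlers)."""
    req_trace, cur = [], mapping_node
    while True:
        req_trace.append(cur.name)
        prev = cur.mapping_table[fid][0]
        if prev is None:                # reached the publisher P
            break
        cur = prev
    efile, res_trace = cur.store[fid], []
    while True:
        res_trace.append(cur.name)
        nxt = cur.mapping_table[fid][1]
        if nxt is None:                 # back at E, which answers the requester S
            return efile, req_trace, res_trace
        cur = nxt


def table_view(node, fid):
    """Everything a relay can read from its own table: its two adjacent hops."""
    prev, nxt = node.mapping_table[fid]
    return (prev.name if prev else None, nxt.name if nxt else None)


def mean_hops(nodes, p_f1, trials, rng):
    """Average number of nodes after P on the path, over many constructed paths."""
    total = 0
    for t in range(trials):
        total += len(build_mapping_path(rng.choice(nodes), f"trial-{t}", p_f1, rng)) - 1
    return total / trials


if __name__ == "__main__":
    rng = random.Random(7)
    net = make_network(60, 8, rng)
    p = net[0]
    fid = hashlib.sha256(b"constructed sample resource").hexdigest()  # Hash(File)=FID
    p.store[fid] = b"<Efile: File encrypted under SecK, not modelled here>"
    path = build_mapping_path(p, fid, 0.6, rng)
    efile, req, res = relay_download(path[-1], fid)
    print("path:", [n.name for n in path])
    print("E's table:", table_view(path[-1], fid), "| D_REQ via", req)
    print("mean hops:", mean_hops(net, 0.6, 20_000, rng), "vs 1/(1-p) =", 1 / (1 - 0.6))
```

The requester S only ever addresses E, and each relay's table names just its two adjacent hops, which is why a relay cannot tell from its own state whether its predecessor is the publisher.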

Claims (1)

1. An anonymous communication method based on a distributed hash table network, characterized in that: a mapping path is constructed in the resource publishing stage and a mapping node is generated, so that the publisher's own information is effectively hidden when the resource is published; in the resource searching stage, a strategy based on a probabilistic forwarding mechanism is adopted, so that the nodes on the search path cannot clearly determine who the initial inquirer is; in the resource transmission stage, the mapping node is used for relaying and the data is encrypted, so that the anonymity of both communicating parties and the security of the data are realized; the method specifically comprises the following steps:
step 1, at the initial moment, in a DHT (distributed hash table) network, a user node P holds a certain resource File and hashes the resource File to obtain the identity ID of the resource, denoted the file identity FID;
step 2, node P selects from its routing table the neighbor node I_1 with the longest survival time and sends the resource mapping message M_REQ containing the FID to node I_1; after receiving the M_REQ message, node I_1 either continues forwarding onward with probability P_f1 ∈ [0,1], where f1 denotes the forwarding event in the mapping-path construction process, or terminates forwarding with probability (1 − P_f1) and becomes the mapping node E of node P, so that a mapping path L is formed between the publishing node P and the mapping node E; wherein for any node I_i on the path the following binary functional relationship is satisfied:
P(I_i) is a value between 0 and 1 randomly generated by node I_i after receiving the M_REQ message; when P(I_i) ∈ [0, P_f1], node I_i continues forwarding to the subsequent node I_{i+1}, otherwise node I_i is the mapping node E of P; each node I_i on the mapping path also needs to create a mapping table for storing the triple of the resource ID, the previous node and the subsequent node, <FID, I_{i-1}, I_{i+1}>; when the mapping node E is established, a mapping response message M_RES is returned to the resource publishing node P according to the mapping table, wherein the M_RES message comprises the network layer address IP and Port information of node E;
step 3, after the mapping path is constructed, node P starts to publish the resource information; node P forms a quintuple from the FID, the related information of the resource, the session key SecK, and the IP and Port information of the mapping node E: <FID, Info, SecK, IP_E, Port_E>; N_1, N_2, …, N_n are the neighbor nodes of P; from its neighbor node set Neig_P = {N_1, N_2, N_3, …, N_n}, node P selects a neighbor node closer to the FID and sends it a resource publishing message P_REQ; the neighbor node receiving the P_REQ message stores the quintuple, then searches its own routing table, finds a neighbor node closer to the FID and iteratively continues sending the P_REQ message; if no neighbor node closer to the FID is found, publishing of the message stops;
step 4, when a user node S is ready to search for resources by keyword, S first hashes the keyword input by the user to obtain a keyword hash value KID; S then selects from its routing table the ALPHA nodes closest to KID, Neighbor_S = {N_1, N_2, …, N_ALPHA}, and sends them a resource search request S_REQ, wherein ALPHA is the dimension of synchronous search;
step 5, after receiving the S_REQ message sent by node S, the neighbor node N_i either forwards onward with probability P_f2 ∈ [0,1], where f2 denotes the forwarding event in the anonymous resource search process, that is, it finds the nodes closer to KID in its routing table and continues sending the S_REQ message to them, or with probability (1 − P_f2) returns a search response message S_RES to the previous node; for any node J_i on a certain search path Path = {J_1, J_2, J_3, …, J_n}, the following binary functional relationship is satisfied:
P(J_i) is a value between 0 and 1 randomly generated by node J_i after receiving the resource mapping message; when P(J_i) ∈ [0, P_f2], J_i finds the node J_{i+1} closer to KID in its routing table and continues sending the S_REQ message to J_{i+1}; otherwise J_i returns an S_RES message containing the node information of J_{i+1} to the previous node J_{i-1}, and the message is returned iteratively until it reaches the resource search initiator S; once a node returns the S_RES message, that round of search is finished, and after the S_RES message returns to node S, S starts the next round of search according to the content of the S_RES message, until the required resource information is found and the whole search process is finished;
step 6, when node S prepares to download a certain resource FID, S sends a resource download request D_REQ to the mapping node E contained in the obtained information <FID, Info, SecK, IP_E, Port_E>; when E receives the D_REQ message from S, it queries its mapping table T according to the FID in the message and then forwards the message to its relay node, and so on until node P;
step 7, after receiving the forwarded D_REQ message, node P encrypts the resource File corresponding to the FID to obtain a Profile; P then puts the Profile into a resource download response message D_RES and sends it to the mapping node E through the mapping path L, and E sends it on to node S; S decrypts the resource according to the session key SecK obtained in the anonymous resource search process to obtain the original data.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410340343.2A CN104168265B (en) 2014-07-16 2014-07-16 A kind of anonymous communication method based on distributed hashtable network

Publications (2)

Publication Number Publication Date
CN104168265A CN104168265A (en) 2014-11-26
CN104168265B CN104168265B (en) 2018-01-05

Family

ID=51911889

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410340343.2A Active CN104168265B (en) 2014-07-16 2014-07-16 A kind of anonymous communication method based on distributed hashtable network

Country Status (1)

Country Link
CN (1) CN104168265B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1731742A (en) * 2005-08-26 2006-02-08 南京邮电大学 Distributed hash table in opposite account
CN101064649A (en) * 2007-02-02 2007-10-31 华为技术有限公司 Method, apparatus and system for selecting super node, searching network node or resource
CN102547471A (en) * 2010-12-08 2012-07-04 中国科学院声学研究所 Method and system for obtaining candidate cooperation node in P2P streaming media system
WO2012146508A1 (en) * 2011-04-25 2012-11-01 Alcatel Lucent Privacy protection in recommendation services

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20141126

Assignee: NUPT INSTITUTE OF BIG DATA RESEARCH AT YANCHENG CO., LTD.

Assignor: Nanjing Post & Telecommunication Univ.

Contract record no.: X2019980001249

Denomination of invention: Distributed hash table network-based anonymous communication method

Granted publication date: 20180105

License type: Common License

Record date: 20191224

Application publication date: 20141126

Assignee: Nanjing Nanyou Information Industry Technology Research Institute Co. Ltd.

Assignor: Nanjing Post & Telecommunication Univ.

Contract record no.: X2019980001257

Denomination of invention: Distributed hash table network-based anonymous communication method

Granted publication date: 20180105

License type: Common License

Record date: 20191224

EC01 Cancellation of recordation of patent licensing contract

Assignee: NANJING NANYOU INSTITUTE OF INFORMATION TECHNOVATION Co.,Ltd.

Assignor: NANJING University OF POSTS AND TELECOMMUNICATIONS

Contract record no.: X2019980001257

Date of cancellation: 20220304