CN105376240B - A kind of anonymous submission system for being not required to trusted third party - Google Patents
A kind of anonymous submission system for being not required to trusted third party Download PDFInfo
- Publication number
- CN105376240B CN105376240B CN201510832711.XA CN201510832711A CN105376240B CN 105376240 B CN105376240 B CN 105376240B CN 201510832711 A CN201510832711 A CN 201510832711A CN 105376240 B CN105376240 B CN 105376240B
- Authority
- CN
- China
- Prior art keywords
- message
- client
- clients
- anonymous
- server end
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0421—Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
Abstract
The invention discloses a kind of anonymous submission systems for being not required to trusted third party, including there are one the clients for being used to send anonymous message for receiving the server end of message with several, several clients surround a circle in logic, and two adjacent clients share a secret random sequence in circle;When any client needs to send anonymous message, one section is taken to carry out XOR operation with the anonymous message for needing to send in the secret random sequence of itself two respectively, the result of exclusive or is finally sent to server end, other clients for not needing to send anonymous message also respectively choose progress XOR operation from itself two secret random sequence, and exclusive or result is sent to server end, the message that server end sends over several clients is carried out after XOR operation to get to the anonymous message of transmission.The present invention client there is any discrepancy flow it is all monitored in the case of be still safe.
Description
Technical field
The present invention relates to anonymous communication and data anonymity technology field, specifically a kind of anonymity for being not required to trusted third party carries
Friendship system.
Background technology
Anonymity submission or issue of anonymity have been a demands since people are consistent.Under actual environment, people pass through biography
It passs small paper slip and Investment Trust enters mailbox(Such as the box for letters of accusation of department)Mode carry out anonymous expression and transmit information.In digital world
In, the more of hardly possible are done in anonymity, because digital communication always has mark that can follow.With the rise of internet, each commercial company and state
This field is also being explored by anti-mechanism.Since the demand to anonymous intensity is different, so being produced under different application scenarios
Different anonymity schemes.
Existing technical solution is generally divided to two classes.One kind is by believable third-party participation, by believable third
Square handover communication content is without the information that discloses the source of information.The service that commercial undertaking used in present general public provides all belongs to
In this kind of.Such as anonymous chat of " secret " app, QQ, everybody treehole.Such application has concealed the identity information of communication people,
Other communication process are constant.In effect, only a kind of non-critical anonymity, because other people can cause client there are many method
Identity information be leaked, the third party of service is such as provided, loophole is utilized by hacker, the network of client is route by hacker
It monitors or even third party actively reveals.Using such method, dependent on to third-party trust, and third party is not in addition to leading
Dynamic leakage information is outer but also to provide the service of certain safety.
Second class is the anonymity in technological means, not against the participation of trusted third party.What input was practical at present has TOR systems
System and I2P systems(The latter is the former upgrading).Be equipped with tor softwares global all clients be connected to become one it is macro
Big Anonymizing networks.Client is connected to any website by tor Anonymizing networks, without the real ip address to stick one's chin out.
The key technology of tor softwares is to access Route Selection, automatically selects routing by client end, each tor nodes only know some
A upper node and next node for data packet, it is not known that the source address and destination address of data packet.So as to accomplish to be not required to trust
Third-party anonymity.On technique effect, a very high and outstanding scheme of safety.The condition of safety is to be equipped with
Each client of tor softwares is not conspiracy attack.Unless some mechanism has grasped many tor clients, could obtain
Source-information.
Invention content
The technical problem to be solved in the present invention is to provide a kind of anonymous submission system for being not required to trusted third party, even if in visitor
Family end there is any discrepancy flow it is all monitored in the case of be still safe, and the present invention can not be too many in number of users
It is applicable under mininet environment.
The technical scheme is that:
A kind of anonymous submission system for being not required to trusted third party, if including there are one for receive the server end of message and
The dry client for being used to send anonymous message, several described clients surround a circle in logic, i.e., any client
There are two adjacent clients at end;Two adjacent clients share a secret random sequence in the circle, i.e., each
Client enjoys that there are two secret random sequences;It is secret at itself two respectively when any client needs to send anonymous message
It takes one section to carry out XOR operation with the anonymous message for needing to send in close random sequence, the result of exclusive or is finally sent to service
Device end, it is different that other clients for not needing to send anonymous message also respectively choose one section of progress from itself two secret random sequence
Or operation, and exclusive or result is sent to server end, the message that server end sends over several clients carries out different
Or to get to the anonymous message of transmission after operation;Wherein, one section that two clients of a secret random sequence are chosen is shared
It is identical.
The secret random sequence is a sufficiently long binary bit sequence, chooses one section of participation of fixed length every time
XOR operation then abandons used one section after use.
Any client two sequences generation the step of be:Several clients are sent out to server end first
TCP connection is played, using server-side as intermediary, key exchange is carried out between adjacent two clients, each client obtains two
Secret number makees seed with the two secret numbers, and corresponding two are generated respectively using the Pseudo-Random Number of cryptography safety
A secret random sequence.
Key exchanges the public key of i.e. several clients of received server-side, and any client receives the phase that server is sent
The public key of two adjacent clients and with the private key of oneself by operation obtain two share with corresponding particular clients it is secret
Close number.
The anonymous message is formed third bit sequence in the form of ASIIC codes, random with two secrets of client
One section of progress XOR operation of sequence, obtains a final binary bit sequence, as the message for being sent to server end.
An incremental sequence number is safeguarded in the beginning for the message that the client is sent, and server end is to identical sequence
Number the message that sends of all clients carry out XOR operation, if the final result-exclusive or this time communicated the result is that 0,
Represent that no client delivers message, it is as a result non-zero then into row decoding, daily record is written, user checks for server end.
The digest value of all message that the server returns gives each client, when client finds that oneself is sent out
The message seen off is not embodied in the abstract of return, then proves not send success due to conflict etc., is waited for random
Time slice interval after send again.
Beneficial effects of the present invention are:
Anonymity in internet can not possibly accomplish it is absolute, be all based on it is certain under conditions of.This programme focuses on
The dependence of condition is reduced as far as possible, emphasizes anonymous reliability and safety.
The condition that existing various anonymous means safeties rely on has following several:(1), believable third party(Trusteeship party is not
The information of client can actively or passively be revealed);(2), service provider is by hacker attack(Even if not exclusively it is relevant such as
Serve log etc can also obtain partial information);(3), client goes out inbound traffics and is not monitored(It is existing nearly all for anonymity
Technology cannot all not depend on this point, and administrator under LAN environment or shot the hacker of home router and held very much
What can not easily be discovered accomplishes this point);(4), software other users be believable(Such as TOR networks and I2P networks,
A part of information can be got using the node of multiple vacations)
The present invention is monitored in the inbound traffics that go out of all clients server-side, and attacker can not be also obtained about disappearing
Cease the useful information in source.In the case where arbitrary multiple client is conspired, the present invention also can guarantee anonymous reliability.Only
In the case that in server-side and certain customer end A, adjacent two clients are conspired in logic, the information of customer end A can just be revealed.
And it is whose that client user, which is " neighbours " for knowing and passing through digital signature authentication oneself, so as to which he can believe this
Two people will not be that sensitive anonymous message is retransmited in the case of spy.
Specific embodiment
The specific embodiment of the present invention that a kind of Perl programmings are realized, is deployed in a server-side and several clients
Mininet in, each client and server-side are present in the form of background process.Flow is broadly divided into two parts, initially
Change process and the course of work.Wherein initialization performs for wakeup process and negotiates the parameter of execution, and the course of work is initial
Start be periodically executed from the background after changing.Whole communication uses the powerful libraries for event-driven programming of Perl on supporting
AnyEvent has very excellent performance so that the present invention is reliable and easy to maintain.
(1), client initialization:
A, several clients initiate TCP connection to server end respectively, by using IO::Socket modules;
B, it performs Diffie-Hellman keys between client to exchange, kind of the obtained secret number as pseudo-random algorithm
Son;
Wherein, the p and g needed for Diffie-Hellman algorithms(Modulus and primitive root)It is publicly-owned in the protocol as parameter, this
Parameter manually generates, using 512bit(Bit)Number;The Crypt of Perl::DH modules generate the client oneself according to parameter
Diffie-Hellman public private key pairs, wherein, private key calls the stochastic source of client operating system oneself to generate at random, and public key is pressed
It is calculated according to algorithm corresponding to private key;
The public key of oneself, behind enclose the DSA digital signature of oneself, be sent to server end, server end returns to
The public key of the two neighboring client of the client, client inspection receive public key signature to avoid server end deception;
Any client receives the public key for adjacent two client that server is sent and passes through with the private key of oneself
Operation as defined in Diffie-Hellman obtains two secret numbers only shared with corresponding particular clients;
C, the Math of Perl::Random::Secure modules use cryptography according to the secret number of this two 512 bits
The Pseudo-Random Number of safety generates two PRBS pseudo-random bit sequences, local is stored in after obtaining enough length respectively
The position of safety.
D, the ready signal at waiting for server end.
(2), server end initialization:
A, TCP socket monitor server end for the certain port number with user client communication, and connection quantity is waited for reach
Scheduled quantity;If being operated under intranet environment while need to check whether source ip is legitimate client;
B, the public key that reading client is sent from each connection carries out the distribution of public key, i.e. handle after all having read
All clients surround a circle in logic in order, and any client sends the public key of its two adjacent client
To it;
C, ready signal is assigned.
(3), client the course of work:
A, communication between upper layer application and this service is established by local Socket forms, monitors local a port,
The port is used for receiving the message of upper layer application transmission.The IO Watcher in an AnyEvent library are registered for the Socket,
Once this connection is readable, then the message read is assigned to a global variable, following Timer is passed to this
Watcher processing;
B, pass through a Timer Watcher(Timer in AnyEvent)It is spaced at a fixed time, from two puppets
One section is read in random sequence backward(It is set as 128B ~ 1024B to be preferred), two big integer types are converted into, and should upper strata
It is stitched together after being encoded with the character string for passing over anonymous message by ASIIC, forms another big integer, three's exclusive or hair
It is sent in the Socket being connect with server end;That big integer that character string is formed(Optionally)A random value is moved to left,
To reduce the generation of conflict;C, the confirmatory message that server end returns is received, if receiving for being returned under certain sequence number is interior
There is no the message oneself sent in the abstract of appearance, then prove not send success due to conflict etc., be moved back using index
The time interval kept away is retransmitted.
(4), server end the course of work:
Array is written in the content received by IO Watcher readings, by Timer Watcher, reads current sequence number
The message that each client is sent down is carried out exclusive or in the form of integer, then result is decoded, with a byte(8
Bit)For unit, 0 discarding is read, if reading non-zero byte, it is meant that this is the beginning of a character string, a byte one
A byte reads character, is stored in a string variable, until reading 0, it is meant that end of string;Continue to read backward possible
Another client character string;Last content is write in LOG, and returns to the abstract of each character string to all clients
(It is not returned then if it is sky);Due to the presence of previous random shift left operation, so when two clients are all in some sequence number
In when having sent substantial message, two character strings of script may avoid position and come so as to all decode.This measure
Reduce collision probability.In the design background of this programme, since client submits anonymous message can't be frequent, so conflict will not
Seriously.
Claims (6)
1. a kind of anonymous submission system for being not required to trusted third party, including there are one for receiving the server end of message and several
A client for being used to send anonymous message, it is characterised in that:Several described clients surround a circle in logic, i.e.,
There are two adjacent clients for any client;Two adjacent clients share a secret stochastic ordering in the circle
Row, i.e., each client enjoy that there are two secret random sequences;When any client needs to send anonymous message, respectively at itself
Two secret random sequences in take one section to carry out XOR operation with the anonymous message for needing to send, finally by the result of exclusive or hair
Server end is given, other clients for not needing to send anonymous message also respectively choose one from itself two secret random sequence
Duan Jinhang XOR operation, and exclusive or result is sent to server end, server end disappears what several clients sended over
Breath is carried out after XOR operation to get to the anonymous message of transmission;Wherein, two clients choosing of a secret random sequence is shared
One section taken is identical.
2. a kind of anonymous submission system for being not required to trusted third party according to claim 1, it is characterised in that:Described is secret
Close random sequence is a binary bit sequence, chooses one section of participation XOR operation of fixed length every time, use is then abandoned after use
One section crossed.
3. a kind of anonymous submission system for being not required to trusted third party according to claim 1, it is characterised in that:Described appoints
One client two sequences generation the step of be:Several clients initiate TCP connection to server end first, with service
It holds as intermediary, key exchange is carried out between adjacent two clients, each client obtains two secret numbers, secret with the two
Close number makees seed, and corresponding two secret random sequences are generated respectively using the Pseudo-Random Number of cryptography safety.
4. a kind of anonymous submission system for being not required to trusted third party according to claim 1, it is characterised in that:Described hides
Name message is formed third bit sequence in the form of ASIIC codes, different with one section of progress of two secret random sequences of client
Or operation, a final binary bit sequence is obtained, as the message for being sent to server end.
5. a kind of anonymous submission system for being not required to trusted third party according to claim 4, it is characterised in that:The visitor
An incremental sequence number is safeguarded in the beginning for the message that family end is sent, and server end sends out all clients of same sequence number
The message that send carries out XOR operation, if the final result-exclusive or this time communicated the result is that 0, represents that no client passes
Message has been passed, it is as a result non-zero then into row decoding, daily record is written, user checks for server end.
6. a kind of anonymous submission system for being not required to trusted third party according to claim 5, it is characterised in that:The clothes
The digest value of all message that business device returns is to each client, when the message that client finds oneself to send does not have
It is embodied in the abstract of return, then proves not send success due to conflict etc., wait for behind random time slice interval again
Secondary transmission.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510832711.XA CN105376240B (en) | 2015-11-26 | 2015-11-26 | A kind of anonymous submission system for being not required to trusted third party |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510832711.XA CN105376240B (en) | 2015-11-26 | 2015-11-26 | A kind of anonymous submission system for being not required to trusted third party |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105376240A CN105376240A (en) | 2016-03-02 |
CN105376240B true CN105376240B (en) | 2018-07-06 |
Family
ID=55378045
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510832711.XA Active CN105376240B (en) | 2015-11-26 | 2015-11-26 | A kind of anonymous submission system for being not required to trusted third party |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105376240B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110825922B (en) * | 2018-08-14 | 2020-08-04 | 阿里巴巴集团控股有限公司 | Data statistical method and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102006165A (en) * | 2010-11-11 | 2011-04-06 | 西安理工大学 | Ring signature method for anonymizing information based on multivariate public key cryptography |
CN102291396A (en) * | 2011-08-01 | 2011-12-21 | 杭州信雅达数码科技有限公司 | Anonymous authentication algorithm for remote authentication between credible platforms |
CN102891856A (en) * | 2012-10-18 | 2013-01-23 | 中国科学院信息工程研究所 | Safe access method between plural entity and plural entity identity relaying party |
CN103593899A (en) * | 2013-11-01 | 2014-02-19 | 华侨大学 | Anonymous group voting method based on bluetooth |
CN104917615A (en) * | 2015-04-24 | 2015-09-16 | 广东电网有限责任公司信息中心 | Trusted computing platform attribute verification method based on ring signature |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130232198A1 (en) * | 2009-12-21 | 2013-09-05 | Arbitron Inc. | System and Method for Peer-to-Peer Distribution of Media Exposure Data |
-
2015
- 2015-11-26 CN CN201510832711.XA patent/CN105376240B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102006165A (en) * | 2010-11-11 | 2011-04-06 | 西安理工大学 | Ring signature method for anonymizing information based on multivariate public key cryptography |
CN102291396A (en) * | 2011-08-01 | 2011-12-21 | 杭州信雅达数码科技有限公司 | Anonymous authentication algorithm for remote authentication between credible platforms |
CN102891856A (en) * | 2012-10-18 | 2013-01-23 | 中国科学院信息工程研究所 | Safe access method between plural entity and plural entity identity relaying party |
CN103593899A (en) * | 2013-11-01 | 2014-02-19 | 华侨大学 | Anonymous group voting method based on bluetooth |
CN104917615A (en) * | 2015-04-24 | 2015-09-16 | 广东电网有限责任公司信息中心 | Trusted computing platform attribute verification method based on ring signature |
Also Published As
Publication number | Publication date |
---|---|
CN105376240A (en) | 2016-03-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Chen et al. | TARANET: Traffic-analysis resistant anonymity at the network layer | |
US10536269B2 (en) | Method and system for authentication and preserving the integrity of communication, secured by secret sharing | |
Freedman et al. | Tarzan: A peer-to-peer anonymizing network layer | |
US8144874B2 (en) | Method for obtaining key for use in secure communications over a network and apparatus for providing same | |
CN112425136B (en) | Internet of things security with multiparty computing (MPC) | |
Katabi | Information slicing: Anonymity using unreliable overlays | |
CN112106322A (en) | Password-based threshold token generation | |
JP2001508627A (en) | Improved network security device | |
Lazar et al. | Yodel: strong metadata security for voice calls | |
JPH088895A (en) | Method for key control of internet procedure and its device | |
Ristić | Bulletproof SSL and TLS | |
Zhao et al. | Security analysis of a password-based authentication protocol proposed to IEEE 1363 | |
CN105376240B (en) | A kind of anonymous submission system for being not required to trusted third party | |
Iovane | Computational quantum key distribution (CQKD) on decentralized ledger and blockchain | |
CN113973007B (en) | Time-controlled encryption anonymous query method and system based on broadcast encryption and onion routing | |
CN111970245B (en) | Heterogeneous layered anonymous communication network construction method and device | |
Mödinger et al. | 3P3: strong flexible privacy for broadcasts | |
Xu et al. | Self-updating one-time password mutual authentication protocol for ad hoc network | |
Nipane et al. | " Mix-in-Place" anonymous networking using secure function evaluation | |
Bansal et al. | Cracking the anonymous iot routing networks: A deep learning approach | |
Soltani et al. | Mid-defense: Mitigating protocol-level attacks in TOR using indistinguishability obfuscation | |
Jing et al. | Recipient anonymity: an improved crowds protocol based on key sharing | |
JP6787874B2 (en) | Communication system, communication method and communication program | |
Chen | Infrastructure-based anonymous communication protocols in future internet architectures | |
JP4911504B2 (en) | Anonymous authentication system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB03 | Change of inventor or designer information |
Inventor after: Tian Hui Inventor after: Guo Yugang Inventor after: Liu Wenzhao Inventor before: Yu Nenghai Inventor before: Zhang Weiming Inventor before: Tian Hui Inventor before: Guo Yugang Inventor before: Liu Wenzhao |
|
COR | Change of bibliographic data | ||
GR01 | Patent grant | ||
GR01 | Patent grant |