CN108055194B - Privacy protection method supporting multi-label and user updating in microblog system - Google Patents


Info

Publication number
CN108055194B
Authority
CN
China
Prior art keywords
blogger
service platform
microblog service
key
fan
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711335877.6A
Other languages
Chinese (zh)
Other versions
CN108055194A (en
Inventor
谢满德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Gongshang University
Original Assignee
Zhejiang Gongshang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Gongshang University filed Critical Zhejiang Gongshang University
Priority to CN201711335877.6A priority Critical patent/CN108055194B/en
Publication of CN108055194A publication Critical patent/CN108055194A/en
Application granted granted Critical
Publication of CN108055194B publication Critical patent/CN108055194B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/52 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail for supporting social networking services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Abstract

The invention discloses a privacy protection method supporting multiple labels and user updating in a microblog system. The system comprises a blogger, fans, and a microblog service platform in communication connection with the blogger and the fans, the blogger and the fans each being registered with the microblog service platform. The method comprises the following steps: the blogger and a fan establish the attention relationship between them by using an elliptic curve key exchange algorithm; based on the attention relationship, after the audit by the microblog service platform succeeds, the fan obtains the information issued by the blogger; and the microblog service platform re-establishes the attention relationship between the blogger and the fans by using an elliptic curve key exchange algorithm based on the new signature sent by the blogger. The method protects the privacy of the fans provided that the platform operates correctly according to the established model.

Description

Privacy protection method supporting multi-label and user updating in microblog system
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a privacy protection method for supporting multi-label and user updating in a microblog system.
Background
As a typical social network application, the microblog system has long had its user privacy protection problem studied in academic circles. Social network data differs substantially from traditional data in its unstructured and graph features, so some traditional privacy protection technologies cannot meet the privacy protection requirements of social networks.
Emiliano De Cristofaro et al. proposed a privacy protection scheme named Hummingbird for the privacy problems faced by Twitter, a microblog-type social network. Based on RSA blind signatures, the scheme keeps all information confidential during transmission and storage, thereby preventing threats to user privacy from attacks inside the server. Zhou et al. proposed using k-anonymity methods, targeting the structural features of social networks, to address proximity attacks against social networks; the solution does not affect aggregate queries over the social network. Leucio Antonio Cutillo et al. proposed a privacy protection scheme for decentralized social networks called Safebook, which provides effective trust relationship management and improves cooperation between legitimate nodes.
Many scholars have also suggested improvements to the privacy protection of social platforms currently in commercial operation. Pang et al. proposed an improved privacy protection scheme for Facebook-like social platforms that improves the access control model of existing platforms and gives users more autonomous control over privacy. Fang et al. proposed a privacy wizard model that integrates a K-proximity clustering algorithm and a decision tree algorithm into the privacy policy control process and automatically completes privacy policy settings according to user behavior.
With the popularity of mobile computing devices such as smartphones, many social networking services are migrating to the mobile side as well. In that setting, traditional social network privacy protection policies are limited by the computing performance and power consumption of the mobile device. He proposed a privacy protection strategy for the low-power requirements of mobile computing platforms, in which the cloud converts a CP-ABE ciphertext into an ElGamal ciphertext so that the mobile device can decrypt at a lower power cost.
In terms of roles, the existing popular microblog system can be divided into a blogger, a fan and a microblog service platform. The operation of the service can be summarized as follows:
(1) The blogger and the fan first register on the microblog service platform.
(2) From time to time the blogger publishes blog post type labels, such as Stock, food, travel and health care, on the microblog service platform, and each blog post can be marked with these labels. Tags that identify microblog content or important information, such as Stock, food, travel and health care, are called HashTags, abbreviated HT below. In particular, a blog post may be marked with several tags, for example HT_1, HT_2, …, HT_n.
(3) Through the microblog service platform, the fan applies to the blogger for authorization to follow the labels the fan is interested in, such as Stock, food or travel. One fan can follow several of the blogger's labels (denoted HT_1, HT_2, …, HT_n), and these labels may of course mark the same blog post.
(4) After receiving the fan's application, the blogger reviews the fan's qualification and decides whether to approve the attention request.
(5) The blogger publishes a blog post, which may be tagged with multiple HTs.
(6) The microblog service platform forwards the blog post to all users following that blogger's blog posts.
(7) The fan successfully receives the blog post pushed by the microblog service platform.
This process leaks private information seriously, mainly in the following three respects:
(1) The fan's private information is disclosed to the microblog service platform. Once on the platform, the user needs the microblog service platform to forward the attention application and to match and forward blog posts, so the user's private information, such as the fan's hobbies, political leanings or physical condition, is completely disclosed to the microblog service platform.
(2) The fan's private information is revealed to the blogger. When the attention application is submitted, the blogger learns exactly which kind of blog post the fan follows, so the user's private information is also revealed to the blogger.
(3) The blogger's information is revealed to the microblog service platform. The microblog service platform carries out the pairing of bloggers and fans, so the blogger's information is fully visible to the microblog service platform.
Disclosure of Invention
The invention aims to provide a privacy protection method supporting multi-label and user updating in a microblog system, which protects the privacy of fans provided that the platform operates correctly according to the established model.
To achieve this purpose, the invention provides the following technical scheme:
A privacy protection method supporting multi-label and user updating in a microblog system comprises a blogger, fans and a microblog service platform in communication connection with the blogger and the fans, wherein the blogger and the fans are each registered with the microblog service platform, and the method further comprises the following steps:
the blogger and the fan establish the attention relationship between them by using an elliptic curve key exchange algorithm;
based on the attention relationship, after the audit by the microblog service platform succeeds, the fan obtains the information issued by the blogger;
and the microblog service platform re-establishes the attention relationship between the blogger and the fans by using an elliptic curve key exchange algorithm based on the new signature sent by the blogger.
By means of existing modern cryptographic techniques such as elliptic curves, the invention lets the blogger complete authorization without knowing what specifically the fan follows, lets the microblog service platform perform correct blind matching and data forwarding without knowing any of the followed information, and lets the fan correctly receive and read blog posts without revealing any private information. In particular, the method correctly handles a fan following several blog post types at once, and the blogger can effectively cancel a fan's following after it expires, for example when it is not renewed.
Preferably, before the attention relationship is established, the microblog service platform initializes the system, selects an elliptic curve as the basis of the elliptic curve key exchange algorithm for the whole system, and publishes the parameters T = (q, a, b, G, n, h) of the selected curve. This initialization lays the foundation for the subsequent establishment of attention relationships and forwarding of blog posts, and improves the stability and confidentiality of the whole method.
Preferably, establishing the attention relationship between the blogger and the fan by using an elliptic curve key exchange algorithm comprises the following steps:
(a) the fan sends attention request information (fan, blogger, U) containing the encrypted information U to the microblog service platform for storage, where U = {μ_i, i = 1, 2, …, N}, μ_i = F(H(tag_i))·r, r is a random number generated by the fan, tag_i is a blog post type tag, H(·) is a hash function, and F(·) is a function that encodes data to a point on the elliptic curve;
(b) after the blogger comes online, the microblog service platform forwards the attention request message (fan, blogger, U) to the blogger;
(c) after the fan passes the blogger's qualification check, the blogger blind-signs the encrypted information U to generate the blind signature information U′ = {μ_i′, i = 1, 2, …, N}, μ_i′ = x·μ_i, and returns a request response message (fan, blogger, U′) containing U′ to the microblog service platform for storage, where x is a random number generated by the blogger;
(d) after the fan receives the request response message (fan, blogger, U′) forwarded by the microblog service platform, the fan unblinds the blind signature information U′ to obtain the signed hash values T, stores the message (blogger, TAGS, Δ, T), and sends a confirmation attention message (fan, blogger, T) containing T to the microblog service platform for storage, which completes the establishment of the attention relationship;
where TAGS = {tag_i, i = 1, 2, …, N}, Δ = {δ_i, i = 1, 2, …, N}, T = {t_i, i = 1, 2, …, N}, and tag_i, δ_i and t_i correspond one to one.
Preferably, the blogger's qualification check of the fan comprises:
if the fan has paid the corresponding fee, the fan's qualification is approved; or
if the fan meets the audit conditions customized by the blogger, the fan's qualification is approved.
The audit conditions are set by the information publisher as the publisher sees fit and are not limited here.
Preferably, unblinding the blind signature information to obtain the signed hash values T comprises:
computing the signature δ_i = r^{-1}·μ_i′ (mod q), where (mod q) denotes the modulo operation;
computing the signed hash value t_i = H_2(δ_i), where H_2(·) is a hash function.
Preferably, the fan obtaining the information issued by the blogger after the audit by the microblog service platform succeeds, based on the attention relationship, comprises:
(a) the blogger publishes the message (info_e, KEYS, T*), containing the blog post info_e, KEYS and the signed hash values T*, to the microblog service platform;
(b) the microblog service platform compares it with the records in (A, B, T) format stored in the attention relationship establishment stage, and when it judges that the condition (B = blogger) ∧ (T = T*
Figure BDA0001507388860000051
) is met, it sends the message (info_e, encKey_i, blogger, t_i) to the fan, where encKey_i corresponds to t_i;
(c) the fan decodes the received message (info_e, encKey_i, blogger, t_i) to obtain the blog post.
Further, the blog post info_e, KEYS and the signed hash values T* are obtained as follows:
info_e = AESEnc_key(info_p)
Figure BDA0001507388860000061
Figure BDA0001507388860000062
Figure BDA0001507388860000063
Figure BDA0001507388860000064
KEYS = {encKey_i, i = 1, 2, ..., N}
Figure BDA00015073888600000610
where info_p is the blog post; H(·), H_2(·) and H_1(·) are mutually different hash functions; AESEnc_key(·) denotes the AES encryption algorithm with key as the key;
Figure BDA0001507388860000068
denotes the AES encryption algorithm with
Figure BDA0001507388860000069
as the key; and encKey_i is the i-th encrypted key.
Preferably, decoding the received message (info_e, encKey, blogger, t) to obtain the blog post comprises:
recovering the AES encryption key:
k_i = H_1(δ_i)
Figure BDA0001507388860000065
where
Figure BDA0001507388860000066
denotes the AES decryption operation with the key k_i;
obtaining the blog post info_p from the recovered key by the AES decryption algorithm:
Figure BDA0001507388860000067
where AESDec_key(·) denotes the AES decryption operation with key as the key.
Preferably, the microblog service platform re-establishing the attention relationship between the blogger and the fans by using an elliptic curve key exchange algorithm based on the new signature sent by the blogger comprises:
(a) the blogger generates and stores a new random number x′, calculates a new signature c = x^{-1}·x′ (mod n), and sends key replacement request information (Bob, c, S) containing the new signature c and the renewing fans S to the microblog service platform, where S = <(User_1, T_1), (User_2, T_2), …, (User_m, T_m)>, User_m denotes the m-th fan, and T_m denotes the signed hash values corresponding to User_m;
(b) after a fan awaiting renewal comes online, the microblog service platform sends that fan a message requiring renewal;
(c) the renewing fan generates a new random number r^#, calculates
Figure BDA0001507388860000071
and sends the encrypted information
Figure BDA0001507388860000072
to the microblog service platform;
(d) on receiving the encrypted information U^#, the microblog service platform computes
Figure BDA0001507388860000073
and returns the blind signature information
Figure BDA0001507388860000074
to the renewing fan;
(e) based on the received U^#′, the renewing fan computes
Figure BDA0001507388860000075
and
Figure BDA0001507388860000076
then updates the local store to (blogger, TAGS, Δ^#, T^#) and sends the hash values T^# to the microblog service platform for storage, which completes the re-establishment of the attention relationship between the blogger and the fans.
In this technical scheme, because a blind signature is used, the blogger knows only that a fan follows the blogger, not which kind of information the fan follows, so the confidentiality of what the fan follows is ensured. If a fan's following expires or the fan is in arrears, the blogger cancels the following of fans who do not renew or do not meet the requirements by updating the key, and those fans cannot decrypt correctly once the next message is published.
Compared with the prior art, the invention has the advantages that:
1) The privacy of the fan is protected. Because the attention request is encrypted, the microblog service platform can store and forward it but cannot obtain the original information; the blogger only blind-signs the encrypted attention request, so the blogger knows only that a certain user follows him, not which kind of live broadcast that user follows.
2) The privacy of the blogger is protected. Because the blog post is encrypted, the microblog service platform can store, match and forward it but cannot obtain its original content; only fans with authorized attention can decrypt it, and unauthorized users cannot.
3) Fans and bloggers need not be synchronized, that is, they do not need to be online at the same time, and the attention relationship is established entirely asynchronously. This greatly extends the scope of use of the invention.
4) A fan can follow several keyword tags that mark blog posts, the blogger can publish blog posts marked with several keywords, and the microblog service platform can correctly match and forward a blog post to all fans following it (the HT marks followed by different fans may differ).
5) The blogger can cancel, by updating the key, the following of fans who do not renew or do not meet the requirements, while other fans can still view blog posts normally.
Drawings
Fig. 1 is a flowchart of a privacy protection method for supporting multiple tags and user updating in a microblog system provided in this embodiment;
Fig. 2 is a flowchart illustrating a key exchange process according to this embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the detailed description and specific examples, while indicating the scope of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention.
Fig. 1 is a flowchart of a privacy protection method for supporting multiple tags and user updating in a microblog system provided by this embodiment. Referring to fig. 1, the privacy protecting method includes the following five stages:
The first stage: protocol initialization and user registration. This stage sets up the parameters required by the protocol, and the blogger and the fan register on the microblog service platform.
The second stage: establishing the attention relationship. In this stage the fan initiates an attention request to the blogger through an attention request message containing the tags, and the blogger reviews and confirms the request. An elliptic-curve-based key exchange algorithm is completed in this process.
The third stage: the blogger publishes a blog post; the microblog service platform performs tag-based blind matching of the post without being able to obtain the tag plaintext, and forwards the matched post to the corresponding fans. The blog post is encrypted with the AES algorithm before it is published and stored.
The fourth stage: the fan receives and decodes the blog post.
The fifth stage: key replacement. When the blogger wants to remove the following of some fans, a new encryption key is distributed to the other, normal fans; the microblog service platform completes this process without obtaining any information related to the tags or the old key.
The first phase mainly includes system initialization and user initialization. The specific process is as follows:
When the method is deployed on a microblog service platform, system initialization is required. During initialization, the microblog service platform selects an elliptic curve as the basis of the elliptic curve key exchange algorithm for the whole system and publishes the parameters T = (q, a, b, G, n, h) of the selected curve. Here q, a and b define the equation of the elliptic curve. G is any point on the elliptic curve, called the base point; key generation and encryption operations in elliptic curve cryptography are based on that point. n is the order of the base point G, and
Figure BDA0001507388860000091
denotes the ratio of the order of the elliptic curve to the order of the base point. System initialization is performed only once, at system deployment.
The fan and the blogger first register as users to obtain login credentials; when the blogger registers, user initialization is required. At initialization, the blogger Bob generates a random number x as his id. The id is held by Bob alone; neither the platform nor the fans know its value.
After the protocol initialization and user registration stage, the second stage, establishing the attention relationship, begins. This process mainly uses the elliptic curve encryption algorithm, which is considerably more efficient than tools such as RSA blind signatures; this improves the practical effect of the method and extends the application range of the invention. The specific process of this stage is:
S201: The fan Alice sends the microblog service platform the kinds of blog posts by the blogger Bob that she wishes to follow (assume the tag set is TAGS = {tag_i, i = 1, 2, …, N}, where N denotes the number of tags). Specifically, Alice selects a random number r and calculates μ_i = F(H(tag_i))·r, i = 1, 2, …, N, where H(·) is a hash function and F(·) is a function that encodes data to a point on the elliptic curve. Alice then sends an attention request message in the format (Alice, Bob, U) to the microblog service platform, where U = {μ_i, i = 1, 2, …, N}.
S202: The microblog service platform stores the attention request message (Alice, Bob, U). After the blogger Bob comes online, the microblog service platform forwards the request message (Alice, Bob, U) to Bob.
S203: The blogger Bob checks the qualification of the fan Alice. If Bob approves Alice's attention request, he calculates the blind signature information μ_i′ = x·μ_i, i = 1, 2, …, N, and sends a request response message in the format (Alice, Bob, U′) to the microblog service platform, where U′ = {μ_i′, i = 1, 2, …, N}.
S204: The microblog service platform stores the request response message (Alice, Bob, U′) and forwards it to the fan Alice after she comes online.
S205: After the fan Alice obtains the request response message (Alice, Bob, U′), she calculates δ_i = r^{-1}·μ_i′ (mod q) and the signed hash value t_i = H_2(δ_i). Alice then stores the message (Bob, TAGS, Δ, T), where TAGS = {tag_i, i = 1, 2, …, N}, Δ = {δ_i, i = 1, 2, …, N}, T = {t_i, i = 1, 2, …, N}, and tag_i, δ_i and t_i correspond one to one, and at the same time sends a confirmation attention message (Alice, Bob, T) to the microblog service platform. Here H_2(·) is another hash function different from H(·). The hash functions referred to in the invention may be any effective hash functions.
S206: the microblog service platform stores confirmation attention messages (Alice, Bob, T) for later blind matching.
The fan Alice and the blogger Bob have thus established an attention relationship.
Once the attention relationship is established, blog posts are published as follows:
S301: Let info_p denote the blog post that the blogger Bob needs to publish (info_p contains the access address of the information stream), and let tag_i denote the i-th tag describing the microblog. Before publishing the message, Bob preferably selects a random number key as the key for AES encryption and encrypts the message plaintext with the AES encryption algorithm to obtain the ciphertext info_e:
info_e = AESEnc_key(info_p)    (1)
S302: first, the blogger Bob performs the following calculations:
Figure BDA0001507388860000111
Figure BDA0001507388860000112
Figure BDA0001507388860000118
Figure BDA0001507388860000113
where H_1(·) is another hash function different from H_2(·),
AESEnc_key(·) denotes the AES encryption algorithm with key as the key, and
Figure BDA0001507388860000114
denotes the AES encryption algorithm with
Figure BDA0001507388860000115
as the key.
Then the blogger Bob sends the message (info_e, KEYS, T*) to the microblog service platform, where KEYS = {encKey_i, i = 1, 2, …, N},
Figure BDA0001507388860000116
and encKey_i and
Figure BDA0001507388860000117
are in one-to-one correspondence.
S303: After receiving the message (info_e, KEYS, T*), the microblog service platform first stores it and then compares it with the records in (A, B, T) format stored in the attention relationship establishment stage, such as (Alice, Bob, T). If the following condition is met:
Figure BDA0001507388860000119
then the fan Alice follows the microblog published by the blogger Bob, the match succeeds, and the microblog service platform forwards the message (info_e, encKey_i, Bob, t_i) to Alice, where encKey_i corresponds to t_i.
In this embodiment, the pseudo code of the blog issuing process is described as follows:
Figure BDA0001507388860000121
Once the information has been published, the blog post is received and decoded as follows:
S401: The fan Alice receives the message (info_e, encKey_i, Bob, t_i), finds in her local store the t_i and δ_i corresponding to (Bob, T), and recovers the AES encryption key by the following calculation:
k_i = H_1(δ_i)    (7)
Figure BDA0001507388860000122
If an unauthorized user obtains the message because of an error during system execution or a network attack, that user does not hold the δ_i corresponding to (Bob, t_i) and therefore cannot calculate k_i or decrypt key, so the user cannot correctly decrypt the message plaintext and the content of the blog post cannot be decoded and read.
S402: Using the recovered key, the ciphertext info_e is decrypted with the AES decryption algorithm according to formula (9) to obtain the blog post plaintext info_p:
info_p = AESDec_key(info_e)    (9)
The fan has thus correctly received and decoded the blog post and obtained its plaintext info_p.
In this embodiment, the pseudo code for blog post reception and decoding is described as follows:
Figure BDA0001507388860000131
The blogger may revoke a fan's following for reasons such as arrears. This is done by replacing the key; the process is similar to re-establishing the attention relationship, but it is transparent to the fans, and the computation is mainly completed by the microblog service platform. Throughout the process, the microblog service platform cannot obtain any information related to the tags or the old key. The flow of the key exchange process is shown in Fig. 2, and the specific steps are as follows:
S501: The blogger Bob generates and stores a new random id x′, and then calculates c = x^{-1}·x′ (mod n).
S502: The blogger Bob sends a key replacement request to the microblog service platform. Assume that Bob wants to renew with the following users:
S = <(User_1, T_1), (User_2, T_2), …, (User_m, T_m)>    (10)
The blogger Bob sends the message (Bob, c, S) to the microblog service platform.
S503: The microblog service platform saves the message (Bob, c, SUBSCRIBERS) and waits for the users in SUBSCRIBERS to come online.
S504: If Alice meets the renewal requirement, that is, (Alice, T) belongs to SUBSCRIBERS, then the next time Alice comes online she receives a message from the microblog service platform requiring her to renew. Alice then selects a new random number r^# and calculates
Figure BDA0001507388860000132
and sends the result
Figure BDA0001507388860000133
Figure BDA0001507388860000134
to the microblog service platform.
S505: After receiving U^#, the microblog service platform calculates
Figure BDA0001507388860000141
and sends
Figure BDA0001507388860000142
Figure BDA0001507388860000143
back to the fan Alice.
S506: After obtaining U^#′, the fan Alice calculates:
Figure BDA0001507388860000144
and
Figure BDA0001507388860000145
Alice then updates her local storage to (Bob, TAGS, Δ^#, T^#) and sends T^# to the microblog service platform.
S507: microblog service platform stores messages (Alice, Bob, T)#) And finishing the key replacing process.
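The exchange in S501 to S507, together with the blind-signature steps (a1) to (d1) restated in claim 1, as an added Python example that is not part of the patent. The curve (secp256k1), SHA-256 for H and H2, the try-and-increment encoding for F, and the re-blinding formulas in renew() are assumptions, because the patent's own formulas for S504 to S506 are figures missing from this page; scalar inverses are taken modulo the group order n.

```python
import hashlib, secrets
# Assumption: secp256k1 (cofactor h = 1) stands in for the published curve T = (q, a, b, G, n, h).
Q, A, B = 2**256 - 2**32 - 977, 0, 7
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def add(P, R):
    """Affine point addition; None is the point at infinity."""
    if P is None or R is None:
        return P or R
    (x1, y1), (x2, y2) = P, R
    if x1 == x2 and (y1 + y2) % Q == 0:
        return None
    m = ((3 * x1 * x1 + A) * pow(2 * y1, -1, Q) if P == R
         else (y2 - y1) * pow((x2 - x1) % Q, -1, Q)) % Q
    x3 = (m * m - x1 - x2) % Q
    return x3, (m * (x1 - x3) - y1) % Q

def mul(k, P):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    out = None
    while k:
        if k & 1:
            out = add(out, P)
        P, k = add(P, P), k >> 1
    return out

def F(tag):
    """F(H(tag)): hash the tag, then try-and-increment until x lies on the curve."""
    for ctr in range(256):
        x = int.from_bytes(hashlib.sha256(bytes([ctr]) + tag.encode()).digest(), "big") % Q
        y = pow(x**3 + A * x + B, (Q + 1) // 4, Q)   # square root, valid since q % 4 == 3
        if (y * y - x**3 - A * x - B) % Q == 0:
            return x, y

def H2(P):  # signature hash t = H2(point), the value the platform matches on
    return hashlib.sha256(P[0].to_bytes(32, "big") + P[1].to_bytes(32, "big")).hexdigest()

def follow(tag, x):
    """Steps (a1)-(d1): fan blinds with r, blogger signs with x, fan unblinds."""
    r = secrets.randbelow(N - 1) + 1
    mu = mul(r, F(tag))                        # fan -> platform -> blogger: blinded tag
    return mul(pow(r, -1, N), mul(x, mu))      # blogger signs x*mu; fan gets x * F(H(tag))

def renew(sig, c):
    """S504-S506 (assumed formulas): fan re-blinds, platform applies c = x^-1 x' mod n."""
    r_new = secrets.randbelow(N - 1) + 1
    u = mul(r_new, sig)                        # fan -> platform: blinded old signature
    u_signed = mul(c, u)                       # platform never sees x, x' or the tag
    return mul(pow(r_new, -1, N), u_signed)    # fan unblinds: x' * F(H(tag))
```

Calling follow() and then renew() with c = x⁻¹x′ (mod n) yields x′·F(H(tag)), so H2 of the result matches posts the blogger tags under x′, while the old T no longer matches. Because c converts any old signature into its new form, revocation relies on the platform applying c only for the users listed in S.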
This embodiment uses an elliptic-curve-based private exchange algorithm and the AES symmetric-key encryption algorithm so that the blogger Bob can complete authorization without knowing which specific topics a user follows, the microblog service platform can perform correct blind matching and data forwarding without learning anything about those interests, and the user can correctly receive and read the information without revealing any private data.
The above-mentioned embodiments are intended to illustrate the technical solutions and advantages of the present invention, and it should be understood that the above-mentioned embodiments are only the most preferred embodiments of the present invention, and are not intended to limit the present invention, and any modifications, additions, equivalents, etc. made within the scope of the principles of the present invention should be included in the scope of the present invention.

Claims (1)

1. A privacy protection method supporting multi-label and user update in a microblog system comprises a blogger, fans and a microblog service platform in communication connection with both the blogger and the fans, wherein the blogger and the fans are respectively registered in the microblog service platform, and the method is characterized by further comprising the following steps:
the microblog service platform initializes the system, selects an elliptic curve as the basis of the elliptic curve key exchange algorithm used throughout the system, and publishes the parameters T = (q, a, b, G, n, h) of the selected elliptic curve;
the blogger and the fan establish a follow relationship between them by using the elliptic curve key exchange algorithm, comprising the following steps:
(a1) the fan sends a follow request message containing encrypted information U to the microblog service platform for storage, wherein U = {μ_i, i = 1, 2, …, N}, μ_i = F(H(tag_i))·r, r is a random number generated by the fan, tag_i is a blog post type label, H() is a hash function, and F() is a function that encodes data to a point on the elliptic curve;
(b1) after the blogger comes online, the microblog service platform forwards the follow request message to the blogger;
(c1) after the blogger approves the fan's qualification, the blogger blind-signs the encrypted information U to generate the blind signature information U′ = {μ′_i, i = 1, 2, …, N}, μ′_i = xμ_i, and returns a request response message containing the blind signature information U′ to the microblog service platform for storage, wherein x is a random number generated by the blogger;
the blogger's approval of the fan's qualification comprises:
if the fan has paid the corresponding fee, the fan's qualification is approved; or,
if the fan meets the review conditions customized by the blogger, the fan's qualification is approved;
(d1) the fan receives the request response message forwarded by the microblog service platform, performs a blind removal operation on the blind signature information U′ to obtain the signature hash value T, stores a message containing the blogger, TAGS, Δ and T, and sends a follow confirmation message containing the signature hash value T to the microblog service platform for storage, which completes the establishment of the follow relationship;
wherein, TAGS={tagi,i=1,2,…,N},Δ={i,i=1,2,…,N},T={ti,i=1,2,…,N},tagiiAnd tiHave a one-to-one correspondence;
performing the blind removal operation on the blind signature information to obtain the signature hash value T comprises:
computing signaturesi=r-1μ′i(mod q),μ′i(mod q) is a modulo operation;
computing a signed hash value ti=H2(i),H2() is a hash function;
based on the follow relationship, after the microblog service platform's review succeeds, the fan obtains the information published by the blogger, comprising the following steps:
(a2) the blogger publishes a message containing the blog post info_e, KEYS and the signature hash values T* to the microblog service platform;
(b2) the microblog service platform compares the records in (A, B, T) format stored in the follow relationship establishment stage and, when it determines that a record meets the condition
Figure FDA0002605421290000021
sends a message containing info_e, encKey_i, the blogger and t_i to the fan, wherein encKey_i corresponds to t_i;
(c2) the fan decodes the received message containing info_e, encKey_i, the blogger and t_i to obtain the blog post;
the blog post info_e, KEYS and the signature hash values T* are obtained as follows:
info_e = AESEnc_key(info_p)
Figure FDA0002605421290000022
Figure FDA0002605421290000023
Figure FDA0002605421290000031
Figure FDA0002605421290000032
KEYS = {encKey_i, i = 1, 2, …, N}
Figure FDA0002605421290000033
wherein info_p is the blog post, H(*), H2(*) and H1(*) are mutually different hash functions, AESEnc_key(*) denotes the AES encryption algorithm with key as the key,
Figure FDA0002605421290000034
denotes the AES encryption algorithm with
Figure FDA0002605421290000035
as the key, and encKey_i is the i-th encrypted key;
decoding the received message containing info_e, encKey_i, the blogger and t_i to obtain the blog post comprises:
recovering the AES encryption key:
ki=H1(i)
Figure FDA0002605421290000036
wherein
Figure FDA0002605421290000037
denotes an AES decryption operation with the key k_i;
obtaining the blog post info_p through the AES decryption algorithm according to the recovered key:
info_p = AESDec_key(info_e)
wherein AESDec_key(*) denotes an AES decryption operation with key as the key;
the microblog service platform re-establishes the follow relationship between the blogger and the fan by using the elliptic curve key exchange algorithm, based on the new signature sent by the blogger, comprising the following steps:
(a3) the blogger generates and stores a new random number x′, calculates a new signature c = x⁻¹x′ (mod n), and sends a rekey request message containing the new signature c and the renewing fans S to the microblog service platform, wherein S = <(User_1, T_1), (User_2, T_2), …, (User_m, T_m)>, User_m denotes the m-th fan, and T_m denotes the signature hash value corresponding to User_m;
(b3) after a fan awaiting renewal comes online, the microblog service platform sends that fan a message requesting renewal;
(c3) the renewing fan generates a new random number r#, calculates
Figure FDA0002605421290000041
and sends the encrypted information
Figure FDA0002605421290000046
to the microblog service platform;
(d3) the microblog service platform, based on the received encrypted information U#, calculates
Figure FDA0002605421290000042
and returns the blind signature information
Figure FDA0002605421290000044
to the renewing fan;
(e3) the renewing fan, based on the received U#′, calculates
Figure FDA0002605421290000043
and
Figure FDA0002605421290000045
then updates the stored record containing the blogger, TAGS, Δ# and T#, and sends the hash value T# to the microblog service platform for storage, which completes the re-establishment of the follow relationship between the blogger and the fan.
CN201711335877.6A 2017-12-14 2017-12-14 Privacy protection method supporting multi-label and user updating in microblog system Active CN108055194B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711335877.6A CN108055194B (en) 2017-12-14 2017-12-14 Privacy protection method supporting multi-label and user updating in microblog system

Publications (2)

Publication Number Publication Date
CN108055194A CN108055194A (en) 2018-05-18
CN108055194B true CN108055194B (en) 2020-10-30

Family

ID=62132250

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711335877.6A Active CN108055194B (en) 2017-12-14 2017-12-14 Privacy protection method supporting multi-label and user updating in microblog system

Country Status (1)

Country Link
CN (1) CN108055194B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant