CN111491294A - Switching-based privacy protection delay tolerant network routing method - Google Patents

Switching-based privacy protection delay tolerant network routing method Download PDF

Info

Publication number
CN111491294A
CN111491294A CN202010265619.0A CN202010265619A CN111491294A CN 111491294 A CN111491294 A CN 111491294A CN 202010265619 A CN202010265619 A CN 202010265619A CN 111491294 A CN111491294 A CN 111491294A
Authority
CN
China
Prior art keywords
node
information
exchange
message
encounter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010265619.0A
Other languages
Chinese (zh)
Other versions
CN111491294B (en
Inventor
蒋庆丰
钱振江
邓琨
李盛庆
毕安琪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Changshu Institute of Technology
Original Assignee
Changshu Institute of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Changshu Institute of Technology filed Critical Changshu Institute of Technology
Priority to CN202010265619.0A priority Critical patent/CN111491294B/en
Publication of CN111491294A publication Critical patent/CN111491294A/en
Application granted granted Critical
Publication of CN111491294B publication Critical patent/CN111491294B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0433Key management protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/02Communication route or path selection, e.g. power-based or shortest path routing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a privacy protection delay tolerant network routing method based on exchange, which can be used for obtaining meeting information and calculating a real utility value to forward messages while protecting privacy information by nodes. The invention discloses a privacy protection delay tolerant network routing method, which comprises the following steps: (10) system setting: the trusted authority issues system parameters, the mobile node registers, and the trusted authority carries out information digital signature and node communication signature; (20) node encounter record information generation: the transmission node meets the non-transmission node to generate node meeting record and abstract; signing the abstract information; (30) non-transfer node encounter record information exchange: non-transmission nodes meet to exchange meeting record information; (40) exchange encounter record information distribution: merging, deleting and adding exchange encounter records of the encounter nodes; (50) calculating a routing efficiency value: the transmission node calculates a real utility value; (60) message routing and forwarding: and message forwarding is carried out between the nodes.

Description

Switching-based privacy protection delay tolerant network routing method
Technical Field
The invention belongs to the technical field of network security, and particularly relates to a privacy protection delay tolerant network routing method based on exchange.
Background
The end-to-end communication of the traditional Internet wired network and manet (mobile Ad Hoc network) mobile network is assumed under the premise of network connectivity, and the end-to-end communication cannot be communicated under the network environment that long time delay and intermittent connection exist in a link. In order to effectively transfer data in the presence of intermittent connections in the network, researchers have proposed a new network architecture, namely, delay Tolerant network dtns (delay Tolerant networks). The DTNs are widely applied to the fields of mobile social networks, vehicle-mounted networks, disaster relief, environmental monitoring, military strategies and the like.
The method includes that for effective DTNs data transfer, relevant students already propose some routing and distribution protocols, a common routing protocol in DTNs is a routing protocol based on a utility value, when meeting between nodes in the protocol, a routing utility value is calculated through meeting information, then message forwarding is carried out according to a utility value, but Privacy information such as meeting times, time, location, trajectory and the like is leaked in routing if real identity communication is adopted, Privacy information such as identity, routing utility value and the like is protected, Kate A of the university of sliding iron Canada and the like propose a first DTNs anonymous communication solution which proposes a DTNs security framework and guarantees effective security communication through an identity-based encryption method (see documents of Kate A, Zaveragenetcom G, where the Privacy network U, anonymity and security information in Privacy relay networks [ C ]. C of Privacy of EEm, Nippliernet, 504: 513. C ] and Privacy information protection, Privacy, protection, Privacy, protection, Privacy, and Privacy, etc. are carried out by a communication, and Privacy protection, a communication network, a communication protection, a communication network, a communication protection, a Privacy protection, a communication network, a Privacy protection, a communication network, a Privacy protection, a communication network, a Privacy protection, a communication network, a Privacy protection, a communication network, a Privacy protection, a communication network, a Privacy protection, a communication network.
In summary, the problems of the prior art are as follows: the privacy protection routing method aiming at the DTNs based on the utility value cannot obtain node encounter information and calculate the real utility value while protecting the node privacy information.
Disclosure of Invention
The invention aims to provide a privacy protection delay tolerant network routing method based on exchange, so that nodes can obtain meeting information and calculate a real utility value to forward messages while protecting privacy information.
The technical solution for realizing the purpose of the invention is as follows:
a privacy protection delay tolerant network routing method based on exchange comprises the following steps:
(10) system setting: the trusted authority issues system parameters, the mobile node registers, and the trusted authority carries out information digital signature and node communication signature;
(20) node encounter record information generation: the transmission node and the non-transmission node meet each other to generate a node meeting record containing information such as a record serial number, a pseudo-random identifier, meeting time and the like; generating an encounter record abstract through a hash function; respectively signing the summary information through a private key of the user;
(30) non-transfer node encounter record information exchange: non-transmission nodes meet, and meeting record information exchange is carried out according to the real utility value of each node and the transmission node and the utility value after the meeting record is exchanged;
(40) exchange encounter record information distribution: setting an information confirmation set by the encountering node, merging the information confirmation set, deleting the confirmed exchange encountering records, and adding the exchange encountering records which are existed in the node of the opposite side and are not existed in the node of the opposite side;
(50) calculating a routing efficiency value: when the non-transmission node exchanges the encounter record information and is sent to the transmission node, the transmission node decrypts the encounter record information through the shared secret key of the non-transmission node to obtain the exchanged non-transmission node identifier, and the exchanged non-transmission node identifier and the real utility value of the exchanged non-transmission node identifier are calculated;
(60) message routing and forwarding: and the non-transmission node sends the message, presents the real identification certificate and sends the message between the transmission node and the non-transmission node, and when the transmission nodes meet, the message is forwarded to the node with a large utility value. Compared with the prior art, the invention has the following remarkable advantages:
in the method, the encounter record information is exchanged when the non-transmission nodes meet, and the exchanged encounter record information is sent to the transmission node when the non-transmission nodes meet the transmission node, so that the transmission node calculates the real utility value of the non-transmission nodes and protects the real identification privacy information of the non-transmission nodes.
The utility value calculation of the mobile node can be directly carried out without depending on any credible third party in the protocol, and the protocol is suitable for DTNs with long time delay and frequent link interruption.
The invention is described in further detail below with reference to the figures and the detailed description.
Drawings
FIG. 1 is a main flow diagram of the switching-based privacy preserving delay tolerant network routing method of the present invention.
Fig. 2 is a flow chart of the system setup steps of fig. 1.
Fig. 3 is a system network model diagram.
FIG. 4 is an exemplary graph of encounter records.
Fig. 5 is a flowchart of the non-transit node encounter record information exchange step of fig. 1.
FIG. 6 is a schematic diagram of an encounter record exchange process.
FIG. 7 is a diagram of exchanged encounter records.
Fig. 8 is a flowchart of the exchange encounter record information distribution step in fig. 1.
Fig. 9 is a flowchart of the message route forwarding step in fig. 1.
Detailed Description
As shown in fig. 1, the switching-based privacy protection delay tolerant network routing method of the present invention includes the following steps:
(10) system setting: the trusted authority issues system parameters, the mobile node registers, and the trusted authority carries out information digital signature and node communication signature;
as shown in fig. 2, the (10) system setting step includes:
(11) releasing system parameters: the trusted authority adopts a symmetric encryption algorithm comprising a bilinear mapping technology and AES and a hash function issuing system parameter;
(12) mobile node registration: when the mobile node registers to the system, the trusted authority signs the real identifier of the mobile node through the master key to serve as the identity certificate of the mobile node, and meanwhile, a pseudo-random identifier set of the non-transfer node is generated; each pseudo-random identifier is generated by a random number, a symmetric encryption algorithm and a master key;
(13) information digital signature: based on the identification and the node public key, the trusted authority generates a node private key through a master key and a hash function so as to digitally sign information;
(14) and (3) node communication signature: when the non-transfer node and the transfer node communicate, a new pseudo-random identifier is adopted periodically to carry out node communication and information signature.
The network model of the DTNs system shown in fig. 3 includes a trusted authority ta (trust authority), a fixed network, and a mobile node 3. The TA has rich system resources and is trusted, and is responsible for issuing public and private key certificates for each mobile node as a certificate authority to generate a node pseudo-random identifier. The fixed network comprises a wired Internet and a wireless access point AP and is responsible for connecting the TA and the mobile node. Mobile node N1~N8The representative carries the mobile device with high-speed short-distance wireless communication functions such as WIFI and Bluetooth.
The mobile node obtains the key and the node identification from the TA through the fixed network. The nodes being divided into message passing nodes NTAnd a non-passing node N. The non-transfer node generates a message and sends the message to the transfer node, and the transfer node transfers the message to the non-transfer destination node. The passing node is assumed to use a real identifier, the identifier of the passing node is public, the non-passing node adopts a pseudo-random identifier, the information such as the real identifier, the position and the like of the non-passing node is secret, and privacy protection is needed.
TA first generates bilinear parameters from the security parameter k by using a bilinear mapping technique (q,P,G1,G2,ê),G1,G2Group of order q, P is the anagen, e: g1×G1→G2For non-degenerate, efficiently computable bilinear mapping, and then selecting a random number s ∈ Z* qAs master key, PpubsP is a public key; finally, selecting AES (advanced encryption Standard) equal symmetric encryption algorithm Enc () and Hash function H1:{0,1}*→G1*,H2:G2→{0,1}nPublishing system parameters (q, G)1,G2,P,Ppub,ê,n,H1,H2And Enc ()), n is the length of the message to be encrypted.
When passing through the node
Figure BDA0002439954210000041
When registering to the system, TA signs the ID through the main key s to generate certificate as the ID, and at the same time, through the main key s and the hash function H1Generating a public key corresponding to the identifier
Figure BDA0002439954210000042
And a private key for digitally signing information
Figure BDA0002439954210000043
When the node N is not transmittingjWhen registering to the system, TA signs its true identification through the master key s, generates a certificate as its identification, and simultaneously generates NjPseudo-random identification set of
Figure BDA0002439954210000044
Each pseudo-random identification Pidj=Encs(NjR) is represented by a random number r and a node real identifier NjA symmetric encryption algorithm Enc () and a master key s. TA passes both the master key s and the hash function H1Generating a pseudo-random identity PidjCorresponding public key H1(Pidj) And a private key SK for digitally signing informationj=sH1(Pidj). Periodic acquisition while the mobile node is in communication with the TAAnd carrying out node communication and information signature by using the new pseudo-random identifier so as to hide the true identifier of the node.
(20) Node encounter record information generation: the transmission node and the non-transmission node meet each other to generate a node meeting record containing information such as a record serial number, a pseudo-random identifier, meeting time and the like; generating an encounter record abstract through a hash function; respectively signing the summary information through a private key of the user;
suppose a passing node
Figure BDA0002439954210000051
And a non-transfer node NjMeet, NjGenerating and connecting nodes by pseudo-random identification and private key
Figure BDA0002439954210000052
Session key of
Figure BDA0002439954210000053
Key through sessionijEncrypting the information to ensure information confidentiality, and generating the encounter record information ER as shown in FIG. 4ijWherein: seq is a record sequence number generated by each transfer node, and each sequence number in the system is a unique positive integer which cannot be repeated; pidjPseudo-random identification of nodes generated by an identification anonymization technique;
Figure BDA00024399542100000523
… is a node
Figure BDA0002439954210000054
And NjThe time of each encounter (other information such as encounter position may be included as necessary);
Figure BDA0002439954210000055
SigPidjare respectively nodes
Figure BDA0002439954210000056
And NjThe digital signature of (1). Signature is carried out on the summary information through a private key of the user to ensure the integrity of the information。
(30) Non-transfer node encounter record information exchange: non-transmission nodes meet, and meeting record information exchange is carried out according to the real utility value of each node and the transmission node and the utility value after the meeting record is exchanged;
if the non-transfer node directly informs the transfer node of the real identification, the transfer node can obtain the meeting time, the meeting position and other privacy information between the transfer node and the non-transfer node according to the meeting record information. In order to protect the real identification, the approximate meeting information of the same transfer node is exchanged when meeting between the non-transfer nodes.
As shown in fig. 5, the (30) non-transfer node encounter record information exchanging step includes:
(31) the non-transfer node calculates: n is a radical ofjSeparate compute and transfer node
Figure BDA0002439954210000057
True utility value of
Figure BDA0002439954210000058
And NkExchanging utility values after encounter records
Figure BDA0002439954210000059
NkSeparate compute and transfer node
Figure BDA00024399542100000510
True utility value of
Figure BDA00024399542100000511
And NjExchanging utility values after encounter records
Figure BDA00024399542100000512
(32) Non-transfer node information exchange: if it is not
Figure BDA00024399542100000513
And
Figure BDA00024399542100000514
if the error ranges are smaller than the error range specified according to the requirement, the encounter record information is exchanged, and the exchanged encounter record information containing the real identification of the exchange node is generated.
Transfer node
Figure BDA00024399542100000515
And a non-transfer node NjAt t1The time points of the two-dimensional images meet each other,
Figure BDA00024399542100000516
and a non-transfer node NkAt t2Meet at a moment. The working principle is shown in fig. 6.
NjSeparate compute and transfer node
Figure BDA00024399542100000517
True utility value of
Figure BDA00024399542100000518
And NkExchanging utility values after encounter records
Figure BDA00024399542100000519
NkSeparate compute and transfer node
Figure BDA00024399542100000520
True utility value of
Figure BDA00024399542100000521
And NjExchanging utility values after encounter records
Figure BDA00024399542100000522
If it is not
Figure BDA0002439954210000061
And if the error range is specified according to needs, executing the step 2) to exchange the meeting record information, otherwise, not exchanging.
Node NkIdentify the true NkIs sent to Nj,NjBy and
Figure BDA0002439954210000062
key shared between themijEncryption node identification NkAnd other encounter record information except the record serial number to ensure information confidentiality, then signing to ensure information integrity certification, and finally generating two exchange encounter record information ER 'shown in figure 7'ijOne reserved for itself and one sent to Nk。NjSending self information to NkAnd generates encounter record information ER'ikThe procedure is the same as above.
(40) Exchange encounter record information distribution: setting an information confirmation set by the encountering node, merging the information confirmation set, deleting the confirmed exchange encountering records, and adding the exchange encountering records which are existed in the node of the opposite side and are not existed in the node of the opposite side;
in order to reduce the repeated distribution of the encounter record information, each node is provided with an information confirmation set for storing the exchange encounter record information sequence number received by the transfer node.
As shown in fig. 8, the (40) exchanging encounter record information distributing step includes:
(41) information confirmation set setting: each node is provided with an information confirmation set used for storing the exchange encounter record information sequence number received by the transfer node;
(42) and (3) information confirmation set merging: when two nodes meet, carrying out parallel operation on the self information confirmation set and the confirmation set of the node of the other side to obtain a new confirmation set;
(43) exchange encounter record deletion: according to the new information confirmation set, the node deletes the confirmed exchange meeting record in the record set;
(44) exchange encounter record addition: and adding the exchange encounter record information which is owned by the opposite node and not owned by the opposite node into the exchange encounter record set of the opposite node.
And when the two nodes meet, carrying out parallel operation on the self information confirmation set and the confirmation set of the node of the opposite side to obtain a new confirmation set. And according to the new information confirmation set, the node deletes the confirmed exchange meeting record in the record set. And adding the exchange encounter record information which is owned by the opposite node and not owned by the opposite node into the exchange encounter record set of the opposite node. Through the distribution of the exchanged encounter record information among the nodes, the encounter record information can quickly reach the transfer node, and therefore the routing efficiency value is calculated.
(50) Calculating a routing efficiency value: when the non-transmission node exchanges the encounter record information and is sent to the transmission node, the transmission node decrypts the encounter record information through the shared secret key of the non-transmission node to obtain the exchanged non-transmission node identifier, and the exchanged non-transmission node identifier and the real utility value of the exchanged non-transmission node identifier are calculated;
when N is presentkAnd NjThe exchanged record information is sent to the transfer node
Figure BDA0002439954210000065
When the temperature of the water is higher than the set temperature,
Figure BDA0002439954210000066
through with NjShared secret Key ofijCarry out decryption
Figure BDA0002439954210000067
Obtaining the meeting node identification Nk(the true identity is Nj). Since the session key is only provided
Figure BDA0002439954210000068
And NjIn common, and therefore based on the signed encounter record and the session key,
Figure BDA0002439954210000071
consider the identifier NkIs true, then the AND node N is calculatedkThe utility value of (c). In the same way, NjAnd NkExchanged information ER'ikIs sent to
Figure BDA0002439954210000072
When the temperature of the water is higher than the set temperature,
Figure BDA0002439954210000073
through with NkShared secret Key ofikCarry out decryption
Figure BDA0002439954210000074
Obtaining the meeting node identification Nj(the true identity is Nk). Based on the signed encounter record and the session key,
Figure BDA0002439954210000075
consider the identifier NjIs true, then the AND node N is calculatedjThe utility value of (c).
Decrypting the encounter record information to obtain the non-transfer node NjAfter identification, the node is transferred
Figure BDA0002439954210000076
The routing efficiency value is calculated according to the following equation.
Uij=Uij(old)+(1-Uij(old))×Uinit,0<Uinit≤1,0≤Uij≤1
In the formula of UijIs a node
Figure BDA0002439954210000077
And NjEfficiency value, U, after encounter updateij(old)To update the pre-efficiency value, UinitTo initialize the constants.
(60) Message routing and forwarding: and the non-transmission node sends the message, presents the real identification certificate and sends the message between the transmission node and the non-transmission node, and when the transmission nodes meet, the message is forwarded to the node with a large utility value.
As shown in fig. 9, the (60) message routing and forwarding step includes:
(61) message sending of non-transfer nodes: when the transfer node and the non-transfer node meet, the non-transfer node sends the message to the transfer node;
(62) presenting a true identification certificate of a non-transfer node: the non-transfer node checks the message set of the transfer node, and if finding that the target node is the message of the non-transfer node, the non-transfer node presents a real identification certificate signed by the TA master key;
(63) message sending of a transfer node: the transfer node determines the TA master key signature as a message destination node according to the true identifier of the TA master key signature, and sends the message to the non-transfer node;
(64) forwarding the large utility value node message: when two transfer nodes meet, the utility values are compared, and the message is forwarded to the node with the large utility value.
Preferably, in the step of forwarding (64) the node message with high utility value, the utility value is compared by using the problem of the fukung yao.
When a transitive node and a non-transitive node meet, the non-transitive node sends a message to the transitive node. And the non-transfer node checks the message set of the transfer node, and if finding that the destination node is the message of the non-transfer node, the non-transfer node presents the real identification certificate signed by the TA master key. And the transfer node determines that the transfer node is the destination node of the message according to the true identifier signed by the TA master key and sends the message to the non-transfer node.
In order to ensure the anonymity of the destination node of the message, a non-transfer node can select a friend node with close relationship to exchange a real identification certificate signed by a TA master key, firstly receives the message of the other party and then exchanges the message back.
When two transfer nodes meet, the utility values are compared, and the message is forwarded to the node with the large utility value. In order to ensure the privacy of the utility value, the utility value is compared by the problem of the radix tabani yao.
When two nodes meet, in order to realize the comparison of the sizes of the efficiency relations between the nodes without revealing the real efficiency of each other, the efficiency information protection problem is abstracted into the problem of the million of the Chinese Yao. The yao million Fuji problem is a Secure Multi-party computing SMC (Secure Multi-party computing) problem that enables multiple participants with private data to collaborate on computing using their private data without revealing their private data.

Claims (6)

1. A privacy protection delay tolerant network routing method based on exchange is characterized by comprising the following steps:
(10) system setting: the trusted authority issues system parameters, the mobile node registers, and the trusted authority carries out information digital signature and node communication signature;
(20) node encounter record information generation: the transmission node and the non-transmission node meet each other to generate a node meeting record containing information such as a record serial number, a pseudo-random identifier, meeting time and the like; generating an encounter record abstract through a hash function; respectively signing the summary information through a private key of the user;
(30) non-transfer node encounter record information exchange: non-transmission nodes meet, and meeting record information exchange is carried out according to the real utility value of each node and the transmission node and the utility value after the meeting record is exchanged;
(40) exchange encounter record information distribution: setting an information confirmation set by the encountering node, merging the information confirmation set, deleting the confirmed exchange encountering records, and adding the exchange encountering records which are existed in the node of the opposite side and are not existed in the node of the opposite side;
(50) calculating a routing efficiency value: when the non-transmission node exchanges the encounter record information and is sent to the transmission node, the transmission node decrypts the encounter record information through the shared secret key of the non-transmission node to obtain the exchanged non-transmission node identifier, and the exchanged non-transmission node identifier and the real utility value of the exchanged non-transmission node identifier are calculated;
(60) message routing and forwarding: and the non-transmission node sends the message, presents the real identification certificate and sends the message between the transmission node and the non-transmission node, and when the transmission nodes meet, the message is forwarded to the node with a large utility value.
2. The privacy-preserving delay-tolerant network routing method of claim 1, wherein the (10) system-setting step comprises:
(11) releasing system parameters: the trusted authority adopts a symmetric encryption algorithm comprising a bilinear mapping technology and AES and a hash function issuing system parameter;
(12) mobile node registration: when the mobile node registers to the system, the trusted authority signs the real identifier of the mobile node through the master key to serve as the identity certificate of the mobile node, and meanwhile, a pseudo-random identifier set of the non-transfer node is generated; each pseudo-random identifier is generated by a random number, a symmetric encryption algorithm and a master key;
(13) information digital signature: based on the identification and the node public key, the trusted authority generates a node private key through a master key and a hash function so as to digitally sign information;
(14) and (3) node communication signature: when the non-transfer node and the transfer node communicate, a new pseudo-random identifier is adopted periodically to carry out node communication and information signature.
3. The privacy-preserving delay-tolerant network routing method of claim 2, wherein the (30) non-transitive node encounter record information exchange step comprises:
(31) the non-transfer node calculates: n is a radical ofjSeparate compute and transfer node
Figure FDA0002439954200000021
True utility value of
Figure FDA0002439954200000022
And NkExchanging utility values after encounter records
Figure FDA0002439954200000023
NkSeparate compute and transfer node
Figure FDA0002439954200000024
True utility value of
Figure FDA0002439954200000025
And NjExchanging utility values after encounter records
Figure FDA0002439954200000026
(32) Non-transfer node information exchange: if it is not
Figure FDA0002439954200000027
And
Figure FDA0002439954200000028
if the error ranges are smaller than the error range specified according to the requirement, the encounter record information is exchanged, and the exchanged encounter record information containing the real identification of the exchange node is generated.
4. The privacy-preserving delay-tolerant network routing method of claim 3, wherein the exchange encounter record information distribution step (40) comprises:
(41) information confirmation set setting: each node is provided with an information confirmation set used for storing the exchange encounter record information sequence number received by the transfer node;
(42) and (3) information confirmation set merging: when two nodes meet, carrying out parallel operation on the self information confirmation set and the confirmation set of the node of the other side to obtain a new confirmation set;
(43) exchange encounter record deletion: according to the new information confirmation set, the node deletes the confirmed exchange meeting record in the record set;
(44) exchange encounter record addition: and adding the exchange encounter record information which is owned by the opposite node and not owned by the opposite node into the exchange encounter record set of the opposite node.
5. The privacy-preserving delay-tolerant network routing method of claim 4, wherein the message routing forwarding step (60) comprises:
(61) when the transmission node and the non-transmission node meet, the non-transmission node sends the message to the transmission node;
(62) presenting a true identification certificate of a non-transfer node: the non-transfer node checks the message set of the transfer node, and if finding that the target node is the message of the non-transfer node, the non-transfer node presents a real identification certificate signed by the TA master key;
(63) message sending of a transfer node: the transfer node determines the TA master key signature as a message destination node according to the true identifier of the TA master key signature, and sends the message to the non-transfer node;
(64) forwarding the large utility value node message: when two transfer nodes meet, the utility values are compared, and the message is forwarded to the node with the large utility value.
6. The privacy-preserving delay-tolerant network routing method of claim 5, wherein:
and in the step of forwarding the node message with the large utility value (64), utility value comparison is carried out through the problem of the Fuji of Yao.
CN202010265619.0A 2020-04-07 2020-04-07 Switching-based privacy protection delay tolerant network routing method Active CN111491294B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010265619.0A CN111491294B (en) 2020-04-07 2020-04-07 Switching-based privacy protection delay tolerant network routing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010265619.0A CN111491294B (en) 2020-04-07 2020-04-07 Switching-based privacy protection delay tolerant network routing method

Publications (2)

Publication Number Publication Date
CN111491294A true CN111491294A (en) 2020-08-04
CN111491294B CN111491294B (en) 2021-11-09

Family

ID=71813557

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010265619.0A Active CN111491294B (en) 2020-04-07 2020-04-07 Switching-based privacy protection delay tolerant network routing method

Country Status (1)

Country Link
CN (1) CN111491294B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116150445A (en) * 2023-04-04 2023-05-23 哈尔滨工业大学(深圳)(哈尔滨工业大学深圳科技创新研究院) Batch information query method, electronic equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102868602A (en) * 2012-10-12 2013-01-09 南京邮电大学 Improved routing method based on social correlation degree in delay tolerant network
CN103297343A (en) * 2013-05-17 2013-09-11 华中科技大学 Routing method based on delay tolerant network
CN104579957A (en) * 2014-12-04 2015-04-29 北京理工大学 Routing method of delay tolerant network based on degree of intimacy and time constraint forwarding
CN107770771A (en) * 2017-09-22 2018-03-06 哈尔滨工业大学深圳研究生院 The method for routing of secret protection is added in opportunistic network
US20180152824A1 (en) * 2015-05-07 2018-05-31 University Of Florida Research Foundation, Inc. Ad-hoc social network (ahsn) system, ahsn-enabled device, and methods of use
CN109743728A (en) * 2019-01-21 2019-05-10 常熟理工学院 A kind of mobile agency meeting network route method of secret protection

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102868602A (en) * 2012-10-12 2013-01-09 南京邮电大学 Improved routing method based on social correlation degree in delay tolerant network
CN103297343A (en) * 2013-05-17 2013-09-11 华中科技大学 Routing method based on delay tolerant network
CN104579957A (en) * 2014-12-04 2015-04-29 北京理工大学 Routing method of delay tolerant network based on degree of intimacy and time constraint forwarding
US20180152824A1 (en) * 2015-05-07 2018-05-31 University Of Florida Research Foundation, Inc. Ad-hoc social network (ahsn) system, ahsn-enabled device, and methods of use
CN107770771A (en) * 2017-09-22 2018-03-06 哈尔滨工业大学深圳研究生院 The method for routing of secret protection is added in opportunistic network
CN109743728A (en) * 2019-01-21 2019-05-10 常熟理工学院 A kind of mobile agency meeting network route method of secret protection

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116150445A (en) * 2023-04-04 2023-05-23 哈尔滨工业大学(深圳)(哈尔滨工业大学深圳科技创新研究院) Batch information query method, electronic equipment and storage medium
CN116150445B (en) * 2023-04-04 2023-07-21 哈尔滨工业大学(深圳)(哈尔滨工业大学深圳科技创新研究院) Batch information query method, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN111491294B (en) 2021-11-09

Similar Documents

Publication Publication Date Title
Deng et al. Threshold and identity-based key management and authentication for wireless ad hoc networks
Kong et al. Achieving privacy-preserving and verifiable data sharing in vehicular fog with blockchain
Kate et al. Anonymity and security in delay tolerant networks
US8050409B2 (en) Threshold and identity-based key management and authentication for wireless ad hoc networks
Tan et al. A secure and authenticated key management protocol (SA-KMP) for vehicular networks
Wan et al. USOR: An unobservable secure on-demand routing protocol for mobile ad hoc networks
Liu et al. Bua: A blockchain-based unlinkable authentication in vanets
CN103765810A (en) Secure group messaging
Zhong et al. Broadcast encryption scheme for V2I communication in VANETs
Rabieh et al. Efficient privacy-preserving chatting scheme with degree of interest verification for vehicular social networks
Lin et al. Flexible group key management and secure data transmission in mobile device communications using elliptic curve Diffie-Hellman cryptographic system
Zhang et al. Cerberus: Privacy-preserving computation in edge computing
Kumar et al. Blockchain-enabled secure communication for unmanned aerial vehicle (UAV) networks
Bakiras et al. Secure and anonymous communications over delay tolerant networks
Wei et al. A practical one-time file encryption protocol for iot devices
Wang et al. An anonymous data access scheme for VANET using pseudonym-based cryptography
CN109743728B (en) Privacy-protecting mobile social network routing method
CN111491294A (en) Switching-based privacy protection delay tolerant network routing method
Sun et al. Ridra: A rigorous decentralized randomized authentication in VANETs
Di et al. A novel identity-based mutual authentication scheme for vehicle ad hoc networks
Shi et al. Delegated key-policy attribute-based set intersection over outsourced encrypted data sets for CloudIoT
Li et al. An efficient privacy-preserving bidirectional friends matching scheme in mobile social networks
Wang et al. An improved lightweight identity authentication protocol for VANET
Boualam et al. Privacy Preservation Authentication Model for a Secure Infrastructure over Vehicular Communications.
Kanchan et al. EASPSC: Efficient authentication of SignRecryption protocol using shareable clouds in VANET groups

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant