G-Hordes:一种安全的匿名通信系统  被引量：1

作　　者：何高峰[1] 罗军舟[1] 

机构地区：[1]东南大学计算机科学与工程学院,南京210096

出　　处：《东南大学学报（自然科学版）》2009年第2期220-224,共5页Journal of Southeast University：Natural Science Edition

基　　金：江苏省自然科学基金资助项目(BK2007708);江苏省网络与信息安全重点实验室资助项目(BM2003201);计算机网络和信息集成教育部重点实验室资助项目(93K-9);科技部国际科技合作资助项目

摘　　要：在Hordes匿名通信系统的基础上,提出了一种新型安全的G-Hordes匿名通信系统.该系统由Guard Mixes与Hordes级联组成,其中Guard Mixes由Mix Cascade构成,可由可信第三方部署.用户选择部分Hordes节点作为洋葱报文目的地址集合,并在该集合中任选一节点作为Hordes起始转发节点,其余节点因不能正确解密而将接收到的报文丢弃.数据传输过程为:先发送报文给Guard Mixes,经Mix Cascade层层解密与混淆后传至正确转发节点,最后经Hordes转发到达接收者.分析表明,G-Hordes不仅能够有效抵抗前驱攻击,而且在整体上比Hordes和MixCascade更安全.此外,还对G-Hordes的网络延时进行了分析说明,指出可根据实际情况对MixCascade配置适当长度以达到系统性能与安全性之间的平衡.这为抵御前驱攻击及设计更加安全的匿名通信系统奠定了基础.G-Hordes, a novel safe anonymous communication system based on the Hordes anonymous communication system, is proposed. The G-Hordes is a cascade of the Guard Mixes and Hordes, and the former is composed of Mix cascades which may be deployed by trusted third parties. User chooses some Hordes nodes as the destination address set of the onion packet, and randomly picks up one node from the set to be the first forwarding node of Hordes. Other nodes discard the packet once received as it can not be correctly decrypted. The process of data transmission is as follows. Firstly packets are sent to the Guard Mixes. Then, they are transmitted to their correct forwarding nodes after decrypted layer by layer and mixed by Mix Cascade. Finally they are received by receivers through the Hordes＇ forward. The results show that the G-Hordes can resist the predecessor attack effectively, moreover it is safer than the Hordes and Mix cascade on the whole. In addition, the network latency of the G-Hordes is analyzed and the suitable Mix Cascade＇s length can be configured to obtain the balance of system performance and security based on practical applications. This work paves the way for the defense of the predecessor attack and the design of more secure anonymous communication systems.

关 键 词：匿名通信系统 G-Hordes 前驱攻击 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]