基于密钥协商和身份匿名技术的社交发现隐私保护方案  被引量：3

作　　者：沈楠[1] 李瑞琪 贾春福 袁科[3] SHEN Nan;LI Ruiqi;JIA Chunfu;YUAN Ke(College of Artificial Intelligence,Tianjin Univ.of Sci.&Technol.,Tianjin 300457,China;College of Cybersecurity,Nankai Univ.,Tianjin 300350,China;School of Computer and Info.Eng.,Henan Univ.,Kaifeng 475004,China)

机构地区：[1]天津科技大学人工智能学院,天津300457 [2]南开大学网络空间安全学院,天津300350 [3]河南大学计算机与信息工程学院,河南开封475004

出　　处：《工程科学与技术》2019年第6期168-174,共7页Advanced Engineering Sciences

基　　金：国家重点研发计划(2018YFA0704703);国家自然科学基金项目(61672300;61702399;61802111;61972215;61972073);天津市自然科学基金项目(16JCYBJC15500;17JCZDJC30500);河南省高等学校重点科研项目基础研究计划(18A413004)

摘　　要：针对移动社交网络中用户进行属性匹配时,服务器与用户可能会搜集查询用户的属性信息,恶意的攻击者可能发起中间人攻击、重放攻击和伪造身份攻击等问题,提出一种基于密钥协商和身份匿名技术的社交发现隐私保护方案。在该方案中,身份通过系统认证的查询用户与响应用户,基于查询用户随机选定的不可逆哈希函数与随机数,生成各自的属性哈希值集;服务器负责计算所有响应用户与查询用户的属性匹配值,根据值的大小向查询用户推荐好友。系统合法用户查询匹配过程中以及建立好友关系之后的保密通信使用的私钥,基于迪菲–赫尔曼密钥协商技术,经由服务器保密传输公开参数而生成,但对服务器保密。安全分析表明,该方案能够防止系统用户隐私信息泄露,进而保障了其身份的匿名性。同时,基于jPBC密码算法库在MyEclipse平台上对方案进行仿真实现,实验结果表明,该方案在减轻用户计算与通信负担方面比同类方案更加有效。In order to solve the problems that servers and users may collect and query user’s attribute information,malicious attackers may launch man-in-the-middle attack,replay attack and forgery identity attack when attributes were matched by users in mobile social networks,a privacy protection scheme for social discovery based on key agreement and identity anonymity technology was proposed.In the scheme,the respective attribute hash sets of the query user and the response user whose identity were authenticated by the system were generated by irreversible hash functions and random numbers randomly selected by the query user.The server was responsible for calculating attribute matching values between all responding users and querying users,and recommending friends to querying users according to the size of the values.The Private keys used in the secure communication in the process of query matching and subsequent establishment of friendship by legal users of the system,were generated by secretly transferring public parameters through the server based on Diffie–Hellman key agreement technology,and confidential to the server.The security analysis demonstrated that the scheme could prevent the leakage of user’s privacy information and ensure the anonymity of user’s identity.At the same time,a simulation experiment was designed on MyEclipse platform based on the jPBC cryptographic algorithm library.Experimental results showed that compared with the similar schemes,the proposed scheme is more effective in reducing user’s computation and communication burden.

关 键 词：社交发现 密钥协商 身份匿名 双线性对 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]