一种可隐藏敏感文档和发送者身份的区块链隐蔽通信模型  被引量：12

作　　者：佘维[1,2,3] 霍丽娟 刘炜 张志鸿[2,4] 宋轩 田钊 SHE Wei;HUO Li-juan;LIU Wei;ZHANG Zhi-hong;SONG Xuan;TIAN Zhao(School of Cyber Science and Engineering,Zhengzhou University,Zhengzhou,Henan 450000 China;Zhengzhou Key Laboratory of Blockchain and Data Intelligence,Zhengzhou,Henan 450000 China;Henan Collaborative Innovation Center for Internet Medical and Health Services,Zhengzhou University,Zhengzhou,Henan 450000,China;School of Information Engineering,Zhengzhou University,Zhengzhou Henan 450000 China)

机构地区：[1]郑州大学网络空间安全学院,河南郑州450000 [2]郑州市区块链与数据智能重点实验室,河南郑州450000 [3]河南省互联网医疗卫生服务协同创新中心,河南郑州450000 [4]郑州大学信息工程学院,河南郑州450000

出　　处：《电子学报》2022年第4期1002-1013,共12页Acta Electronica Sinica

基　　金：河南省高校科技创新人才支持计划(No.21HASTIT031);河南省重大公益专项(No.201300210300);河南省重点研发与推广专项(No.212102310039,212102310554);郑州大学教育教学改革研究与实践项目(No.2021ZZUJGLX168)。

摘　　要：目前,区块链隐蔽通信的研究主要是通过发起多笔交易来传输一条短消息,这一方式不仅不适用于敏感数据量大的情况,还可能存在有些交易没有被打包而造成秘密信息的丢失,而且传输过程没有隐藏发送方身份.部分区块链隐蔽通信的研究中使用的图像隐写术虽然具有嵌入率高这一优点,但是越来越难以抵御基于统计特征的检测分析.针对以上问题,本文提出一种可隐藏敏感文档和发送者身份的区块链隐蔽通信模型.首先发送方使用密文策略的属性基加密(Ciphertext-Policy Attribute-Based Encryption,CP-ABE)对敏感文档进行加密,得到加密文档后将其上传至星际文件系统(Inter Planetary File System,IPFS);然后发送方利用基于生成式对抗网络(Generative Adversarial Networks,GAN)的图像隐写术将加密文档的哈希值嵌入载体图像中,得到载密图像后将其上传至IPFS;接着发送方创建一笔含有载密图像的哈希值的交易,交易经环签名之后广播到区块链网络中进行验证打包上链;之后,接收方从交易中读取载密图像的哈希值并通过上述步骤的逆过程得到加密文档;最后接收方根据CP-ABE设置的访问控制策略解密加密文档得到敏感文档.实验结果表明,该模型在传输秘密信息量上从KB提升至MB,而且具有较高的隐蔽性和安全性.At present,the research of blockchain covert communication mainly transmits a short message by initiating multiple transactions.This method is not suitable for situations where there is a large amount of sensitive data.And there may be some transactions that are not packaged,resulting in loss of secret information.Meanwhile,the sender’s identity is not hidden during the transmission.Although the traditional image steganography used in some research has the advantage of high embedding rate,it is increasingly difficult to resist detection and analysis based on statistical features.To solve the above problems,this paper proposes a blockchain-based covert communication model for hiding sensitive documents and sender identity.First,the sender encrypts a sensitive document using cipertext-policy attribute-based encryption(CP-ABE),and then uploads the encrypted document to inter planetary file system(IPFS).Next,the sender embeds the hash value of the encrypted document into a cover-image employing the image steganography based on generative adversarial networks(GAN),and then uploads the stego-image to IPFS.After that,the sender creates a transaction containing the hash value of the stego-image and signs it using the ring signature,and then broadcasts the transaction to the blockchain network for verification and package into a block.Then the receiver reads the hash value of the stego-image from the transaction and obtains the encrypted document through the inverse process of the above steps.Finally,the receiver decrypts the encrypted document and obtains the sensitive document according to the access control policy set by CP-ABE.The experimental results show that the model can greatly improve the capacity of secret information from KB to MB during the transmission,and has high concealment and security.

关 键 词：区块链 隐蔽通信 基于生成式对抗网络的图像隐写术 环签名 密文策略的属性基加密 星际文件系统 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]