MuON: Epidemic based mutual anonymity in unstructured P2P networks

A mutual anonymity system enables communication between a client and a service provider without revealing their identities. In general, the anonymity guarantees made by the protocol are enhanced when a large number of participants are recruited into the anonymity system. Peer-to-peer (P2P) systems are able to attract a large number of nodes and hence are highly suitable for anonymity systems. However, the churn (changes in system membership) within P2P networks, poses a significant challenge for low-bandwidth reliable anonymous communication in these networks.This paper presents MuON, a protocol to achieve mutual anonymity in unstructured P2P networks. MuON leverages epidemic-style data dissemination to deal with churn. Simulation results and security analysis indicate that MuON provides mutual anonymity in networks with high churn, while maintaining predictable latencies, high reliability, and low communication overhead.     

一种新的P2P混合匿名通信系统

在分析现有匿名通信技术的基础上,本文针对匿名通信中的双向匿名问题,提出一种新的P2P混合匿名通信系统。该系统基于秘密共享思想,结合MIX和Crowds以及组播技术,实现匿名通信系统的发送者匿名、接收者匿名以及通信关系的隐藏。匿名通信系统内各节点可以是发送者、接收者和服务者三种角色,发送者基于秘密共享的思想,将信息加密分片,采用MIX和Crowds技术在多条链路上发送,在各链路最后一节点,通过组播技术发送到接收者所在的多播组。返回信息由接收者采用同样的方式走不同路径到达发送者所在的多播组。理论分析结果表明,该系统与多数匿名通信系统相比有较高的抗攻击性。     

一种可控路长的P2P匿名通信协议

P2P匿名通信系统带来了良好的可扩展性,然而要兼顾匿名和效率仍然是个难题。匿名技术在使用户获得良好匿名性能的同时,往往增加了通信延时及成员负载,牺牲了效率。在分析现有匿名通信技术的基础上,提出了一种新的可控路长的P2P匿名通信协议LCPACP（Length Controllable Protocol for P2P Anonymous Communication）。LCPACP采用嵌套加密来保证强匿名性,利用转发概率递减的策略来有效控制重路由路径长度,以取得高效率。理论分析与计算结果表明,新的协议能显著缩短路长,保证良好的传输性能,同时能提供良好的匿名保护。     

一种基于价格的P2P匿名通信系统激励机制

提出了一种基于价格的P2P匿名通信系统激励机制.通过对P2P系统和匿名通信系统研究中提出的激励机制进行归纳和分析,对搭便车用户给P2P匿名通信系统造成的影响进行定性和定量分析.提出在P2P匿名通信系统中通过对掩饰流量、中转流量和出口流量进行区别定价,建立流量价格体系,量化用户生产和消费的系统资源.引入价格机制一方面能够有效激励P2P匿名通信系统中用户提供流量中转和出口服务,从而提高整个P2P匿名通信系统的性能,另一方面也促使"搭便车"用户为系统提供掩饰流量,提高整个系统的匿名性,还能促使用户在申请匿名服务时根据自身需求申请适当的中转节点数,避免系统资源的不必要消耗.基于应用场景的用户策略分析证实了基于价格机制的P2P匿名通信系统激励机制的有效性.     

Mutual Anonymity for Mobile P2P Systems

Mobile peer-to-peer networks (MOPNETs) have become popular applications due to their ease of communication and resource sharing patterns in unfixed network infrastructures. As privacy and security are coming under increasing attention, many mobile and ad hoc network protocols attempt to provide mutual anonymity for users. Most existing anonymous designs, however, are path based, where the anonymous communications are achieved via a predetermined path. Such a design suffers from unreliable delivery and high processing overheads and is not practical. We propose a scalable secret-sharing-based mutual anonymity protocol, termed PUZZLE, which enables anonymous query issuance and file delivery for MOPNETs in ad hoc environments by employing Shamir's secret sharing scheme. We present the design of PUZZLE, analyze its degree of security and anonymity, and evaluate its performance by comprehensive trace-driven simulations. Experimental results show that compared with previous designs, PUZZLE achieves mutual anonymous communications with a lower cryptography processing overhead and higher degree of anonymity.     

网络匿名度量研究综述

保护网络空间隐私的愿望推动了匿名通信系统的研究,使得用户可以在使用互联网服务时隐藏身份和通信关系等敏感信息,不同的匿名通信系统提供不同强度的匿名保护,如何量化和比较这些系统提供的匿名程度从开始就是重要的研究主题,如今正得到更多关注,成为新的研究焦点,需要开展更多的研究和应用.匿名度量可以帮助用户了解匿名通信系统提供的保护级别,帮助开发者在设计和改进匿名通信系统时提供客观和科学的依据.给出了匿名度量研究的通用框架,包含匿名通信、匿名攻击和匿名度量三个部分及其相互关系.综述了匿名度量领域的研究工作,寻找其发展脉络和特点,按时间线回顾和归纳基于多种理论和方法的匿名度量标准,结合匿名通信攻击技术对典型的度量方法各自的特点和相互关系进行梳理和比较,介绍度量研究新的进展,展望研究的下一步方向和发展趋势.分析表明,匿名度量有助于判断匿名通信系统是否提供了所承诺的匿名性,用于表达匿名程度的度量标准越来越多样,基于信息论的度量方法应用最为广泛,随着Tor等匿名通信系统的大规模部署,出现了基于统计数据针对真实系统和基础设施进行的匿名性评估.随着匿名技术的新发展,如何扩展度量标准应用于新出现的匿名技术,如何组合度量标准以适用于新的匿名系统,都是有应用前景的研究方向.     

SACS:一种可扩展的匿名通信系统

匿名通信的主要目的是隐藏通信双方的身份或通信关系,从而实现网络用户的个人通信隐私及对涉密通信更好的保护.目前匿名系统的研究主要在于提高匿名性能,许多原型系统借助于多个代理的重路由技术、填充包技术和加密技术来达到匿名发送或匿名接收的目的.而当匿名系统真正要被应用于现实网络中时,系统管理方式和管理代价直接会影响到系统的可扩展性.目前的许多匿名原型系统采用集中式管理机制,不能承受大量用户的存在,因此都无法应用于大规模的网络环境中.本文基于Crowds系统,提出了一种新的匿名通信系统SACS的结构与协议描述,引入了分区域管理机制,实现了对系统内成员的分布式管理,有效地降低了匿名系统的管理开销,具有很好的可扩展性.概率分析与测试结果表明新的系统在减少系统的附加管理开销、支持良好扩展性的同时保持了与原Crowds系统相当的匿名性.     

基于P2P的匿名通信技术研究

随着P2P网络的发展和广泛使用,用户隐私安全的重视程度不断提高。现有的加密技术虽然可以保护通信中的数据内容,却不能很好地保护用户身份,因此在利用匿名技术的同时也要防止不法分子趁机散布非法信息。为了在P2P系统中实现匿名通信,提出了一种基于无环分组路由选择机制,即通过将网络地址切割、成员分组保护、组管理员统一管理来实现通信隐私和涉密通信。仿真实验表明,采用此机制的路由策略得到明显改善,且在保证通信效率的同时提高了用户的匿名性,从而使P2P网络得到更有效的实时保护。     

P2P-SIP网络通信安全方案

P2P和SIP融合技术已经普遍应用于多媒体通信中,它解决了传统的SIP网络单点失效的问题。但是由于现有的P2P-SIP缺少有效的认证方案,给其带来很多安全隐患。现有的P2P-SIP网络的认证方案大多采用节点的真实ID,不能满足其匿名性的特殊要求。针对这个问题,提出了一种基于Diffie-Hellman算法的节点匿名认证方案DHB,该方案初始化阶段使用代理ID分发中心PIAC产生节点的假名。认证阶段采用改进的Diffie-Hellman算法和节点共享信息进行身份认证,实现了P2P-SIP中节点间的匿名认证。理论和实验分析表明,DHB可以有效抵御中间人攻击和猜测攻击,是一种安全有效的节点匿名认证方案。     

P2P匿名通信系统的匿名度量

分析了P2P匿名通信系统模型及攻击模型,基于信息熵,针对共谋攻击,度量了几种典型的P2P匿名系统的接收者匿名度,分析了系统匿名性与系统规模N、恶意节点比例、路径长度及转发概率的关系。计算数据表明,嵌套加密使系统获得强匿名,接收者的匿名度随系统规模等的增大而增大,随恶意节点比例的增大而减小,受恶意节点比例及系统规模影响较大,受路径长度影响较小。     

移动P2P网络双向匿名通信机制设计

无线链路不稳定和恶意节点不合作等因素会影响移动P2P网络匿名机制的实现。为解决该问题,通过改进移动P2P网络结构,提出一种可以随网络状况自适应变化的NCS-Crowds匿名算法,综合运用假名映射和掩饰流等匿名技术,设计系统架构演进架构下的双向匿名通信机制。理论分析和仿真结果证明,该机制能够根据网络状况在转发成功率和开销代价之间取得较好的折中,实现双向匿名通信。     

移动互联网络动态匿名算法设计与分析

提出了一种匿名算法,通过在IP层动态变化源地址,实现匿名通信。该算法在发送报文时动态建立匿名链路,加密记录中间结点地址,形成一个源地址在最内层,最后一跳节点地址在最外层的洋葱地址数据。在报文应答时,按照发送时形成的洋葱地址数据逐跳回送应答报文。这样既有效保证了发送方匿名,又保证了源地址信息不丢失。分析表明,该算法动态隐藏源地址,匿名度高,带宽消耗低,加解密次数少,时延短,可以为移动互联网络提供优质的网络层匿名通信服务。     

Mutual anonymous overlay multicast

Multicast services are demanded by a variety of applications. Many applications require anonymity during their communication. However, there has been very little work on anonymous multicasting and such services are not available yet. Due to the fundamental differences between multicast and unicast, the solutions proposed for anonymity in unicast communications cannot be directly applied to multicast applications. In this paper we define the anonymous multicast system, and propose a mutual anonymous multicast (MAM) protocol including the design of a unicast mutual anonymity protocol and construction and optimization of an anonymous multicast tree. MAM is self-organizing and completely distributed. We define the attack model in an anonymous multicast system and analyze the anonymity degree. We also evaluate the performance of MAM by comprehensive simulations.     

匿名通信协议MACP概率模型检验

匿名通信技术是保护互联网用户隐私的最有力手段之一,但匿名通信协议的形式化验证仍是亟待解决的难题。对P2P匿名通信协议MACP进行了形式化验证与分析,将MACP协议的匿名路径建立过程模型化为一个离散时间马尔可夫链;然后利用概率计算树逻辑PCTL描述MACP协议的匿名性质,并采用概率模型检验器对MACP协议的匿名性进行检验。检验结果表明,通过增加匿名通道数,提高了MACP协议的匿名等级和抗攻击能力;MACP协议的匿名性随着规模的增大而增强,并没有因控制匿名路径的长度而降低。     

Anonymous mechanisms in group decision support systems communication

Using group decision support systems (GDSS) as a backdrop, this paper looks at the issues surrounding anonymity, with particular emphasis on how it may be achieved. Ensuring anonymity requires more than simple encryption. Anonymity is viewed as a composite of three types of anonymity—environmental, content-based and procedural. Each type is investigated and procedures developed to improve the anonymity of the system. Behavioral and operational costs are identified for each of the three types of anonymity. For some meetings, the benefits of supporting anonymous communication may not justify the costs. Mechanisms providing complete procedural anonymity in various system configurations are presented. It is shown that five separate mechanisms can be used to provide procedural anonymity. The impact of relaxing each of these mechanisms is also investigated. Even though a system provides anonymity, participants may be skeptical. This skepticism can reduce the overall efficiency of the group. For this reason it is important to be able to convince groups that their comments are indeed anonymous. The issue of how to convince individuals that their anonymity is secure is discussed and a partial solution to this problem is presented.     

匿名网络Tor与I2P的比较研究

Tor（the onion router）是部署最多的匿名通信系统,提供在线匿名和隐私保护,而隐形互联网I2P （invisible Internet project）允许应用程序通过使用大蒜路由,以匿名和安全方式相互发送消息。匿名网络Tor和I2P目前已受到学术界、工业界的高度重视,也受到用户的欢迎。网络Tor和I2P之间的设计理念区别关键在于：I2P试图将现有的互联网服务转移到I2P网络,并在框架内提供服务实现,而Tor则允许匿名访问分别实施和操作外部互联网服务。对匿名网络Tor、I2P分别从使用术语、项目开发、匿名服务、关键技术、威胁类型等多个方面进行比较,揭示两种匿名网络的内在联系与本质区别。     

基于重路由匿名通信系统的设计

在分析现有匿名通信系统的基础上,设计了一种新的基于重路由的匿名通信方案。针对如何实现用户与用户之间通信匿名性的问题,提出了一种结合重路由机制中的变长策略和下一跳路由选择策略的方法来建立匿名通信路径,该方法还引入了概率转发机制和加密机制。针对如何增强匿名通信系统稳定性和抗攻击能力的问题,提出采用多服务器协调的P2P工作方式来设计匿名通信系统;并且新方案引入了分片冗余机制,在维护匿名转发路径的同时,也对通信消息提供了保护。通过理论分析和仿真分析可知,该方案设计具有较好的稳定性和匿名性。     

How anonymous are you online? Examining online social behaviors from a cross-cultural perspective

Communication on the Internet is often described as “anonymous”, yet the usage of the term is often confusing, even in academia. Three levels of anonymity, visual anonymity, dissociation of real and online identities, and lack of identifiability, are thought to have different effects on various components of interpersonal motivation. Specifically, we propose that cross-cultural differences in interpersonal motivation (autonomy vs. affiliation) are illustrated by choices individuals make when deciding whether or not to remain anonymous while communicating online. Autonomy is often valued in Western societies, whereas Eastern societies tend to emphasize affiliation, suggesting that individuals in Western societies will gravitate toward online communities that allow lower levels of anonymity, while individuals in Eastern societies will be more likely to seek out online communities that promote higher levels of anonymity. The research presented in this article supports this notion, suggesting that we need to consider cultural differences when designing online communication systems and other communications technologies.     

通用匿名系统结构的研究与设计

现行匿名通信系统主要针对具体应用构建，由于具体的应用需求和实现方式不同，各种匿名通信技术存在着功能上重复、互操作性和可重用性差等不足，该文分析了基于转发机制下的匿名通信系统的实现，提出了基于转发机制的通用匿名通信系统的结构，该体系结构采用分层机制，划分了7个可重用的功能组件。该文对各功能组件进行了可重用性设计，并描述了建立连接、数据转发等可重用组件的实现算法。