通信学报
通信學報
통신학보
JOURNAL OF CHINA INSTITUTE OF COMMUNICATIONS
2013年
4期
88-98
,共11页
李龙海%付少锋%苏锐丹%车向泉
李龍海%付少鋒%囌銳丹%車嚮泉
리룡해%부소봉%소예단%차향천
匿名通信%洋葱路由%通用重加密%混合结构
匿名通信%洋蔥路由%通用重加密%混閤結構
닉명통신%양총로유%통용중가밀%혼합결구
anonymous communication%onion routing%universal re-encryption%hybrid structure
对时金桥等提出的混合结构洋葱路由方案进行了分析,发现存在的安全漏洞.第一个漏洞来源于其密码学报文结构的可展性.攻击者能够利用该漏洞改变洋葱消息的路由或在其中嵌入标签以追踪消息路由.另一个漏洞表现在匿名转发服务器容易遭受选择密文攻击.展示了3种不同的能够以较低代价破坏发送者和接收者不可关联性的攻击过程.为了避免所提到的攻击,提出了能够利用反向调查捕获恶意节点的修正方案.
對時金橋等提齣的混閤結構洋蔥路由方案進行瞭分析,髮現存在的安全漏洞.第一箇漏洞來源于其密碼學報文結構的可展性.攻擊者能夠利用該漏洞改變洋蔥消息的路由或在其中嵌入標籤以追蹤消息路由.另一箇漏洞錶現在匿名轉髮服務器容易遭受選擇密文攻擊.展示瞭3種不同的能夠以較低代價破壞髮送者和接收者不可關聯性的攻擊過程.為瞭避免所提到的攻擊,提齣瞭能夠利用反嚮調查捕穫噁意節點的脩正方案.
대시금교등제출적혼합결구양총로유방안진행료분석,발현존재적안전루동.제일개루동래원우기밀마학보문결구적가전성.공격자능구이용해루동개변양총소식적로유혹재기중감입표첨이추종소식로유.령일개루동표현재닉명전발복무기용역조수선택밀문공격.전시료3충불동적능구이교저대개파배발송자화접수자불가관련성적공격과정.위료피면소제도적공격,제출료능구이용반향조사포획악의절점적수정방안.
SHI Jin-qiao et al’s hybrid-structured onion routing scheme was analysed and some security flaws were found in their design. The first flaw was derived from the malleability of its cryptographic message format which could be ex-ploited by attackers to redirect an onion message or embed tags into it for tracing its routing path. The second flaw was the vulnerability of relay servers to chosen ciphertext attack. Three different attacks were presented that each broke the sender-receiver unlinkability entirely at a relatively low cost. To evade these attacks, a modified scheme was also pro-posed which could capture malicious nodes by using upstream investigation.
