Simple efficient mutual anonymity protocols for peer-to-peer network based on primitive roots

In this paper, we present two types of protocols that can achieve mutual anonymity in peer-to-peer (P2P) network environments, which means the identities of the service, requesters and providers, are anonymous to each other, to other peers, and even to the trusted third party (TTP). One of the two types of protocols is for hybrid P2P systems where there is a TTP to construct the transmission paths and look up the query files. The other type of protocol is for pure P2P environments where no TTP is involved in the session network. These two new protocols are based on primitive roots for three main reasons: simplicity, flexibility, and efficiency. Other issues concerning the P2P network structure as well as the security analyses of the proposed protocols will also be covered in this paper.     

基于投票的P2P文件真实性认证协议

提出了一种基于电子投票的文件真实性认证协议。需要验证文件真实性的发起者将投票请求发送给多个代理节点，由代理节点泛洪（Flood）投票并收集结果返回给发起者。发起者根据各选区的非重复选票确定文件的真实性。交互过程中使用洋葱路由和路由交换表，实现了发起者匿名、投票者匿名和文件提供者匿名。理论分析和实验表明，用该协议进行文件真实性认证，成功率在95％以上。与已有文件真实性认证协议比较，交互次数大大减少，并提供了参与者匿名。     

Mutual Anonymity for Mobile P2P Systems

Mobile peer-to-peer networks (MOPNETs) have become popular applications due to their ease of communication and resource sharing patterns in unfixed network infrastructures. As privacy and security are coming under increasing attention, many mobile and ad hoc network protocols attempt to provide mutual anonymity for users. Most existing anonymous designs, however, are path based, where the anonymous communications are achieved via a predetermined path. Such a design suffers from unreliable delivery and high processing overheads and is not practical. We propose a scalable secret-sharing-based mutual anonymity protocol, termed PUZZLE, which enables anonymous query issuance and file delivery for MOPNETs in ad hoc environments by employing Shamir's secret sharing scheme. We present the design of PUZZLE, analyze its degree of security and anonymity, and evaluate its performance by comprehensive trace-driven simulations. Experimental results show that compared with previous designs, PUZZLE achieves mutual anonymous communications with a lower cryptography processing overhead and higher degree of anonymity.     

Pseudo Trust: Zero-Knowledge Authentication in Anonymous P2Ps

Most of the current trust models in peer-to-peer (P2P) systems are identity based, which means that in order for one peer to trust another, it needs to know the other peer's identity. Hence, there exists an inherent tradeoff between trust and anonymity. To the best of our knowledge, there is currently no P2P protocol that provides complete mutual anonymity as well as authentication and trust management. We propose a zero-knowledge authentication scheme called Pseudo Trust (PT), where each peer, instead of using its real identity, generates an unforgeable and verifiable pseudonym using a one-way hash function. A novel authentication scheme based on Zero-Knowledge Proof is designed so that peers can be authenticated without leaking any sensitive information. With the help of PT, most existing identity-based trust management schemes become applicable in mutual anonymous P2P systems. We analyze the security and the anonymity in PT, and evaluate its performance using trace-driven simulations and a prototype PT-enabled P2P network. The strengths of our design include 1) no need for a centralized trusted party or CA, 2) high scalability and security, 3) low traffic and cryptography processing overheads, and 4) man-in-middle attack resistance.     

MuON: Epidemic based mutual anonymity in unstructured P2P networks

A mutual anonymity system enables communication between a client and a service provider without revealing their identities. In general, the anonymity guarantees made by the protocol are enhanced when a large number of participants are recruited into the anonymity system. Peer-to-peer (P2P) systems are able to attract a large number of nodes and hence are highly suitable for anonymity systems. However, the churn (changes in system membership) within P2P networks, poses a significant challenge for low-bandwidth reliable anonymous communication in these networks.This paper presents MuON, a protocol to achieve mutual anonymity in unstructured P2P networks. MuON leverages epidemic-style data dissemination to deal with churn. Simulation results and security analysis indicate that MuON provides mutual anonymity in networks with high churn, while maintaining predictable latencies, high reliability, and low communication overhead.     

Managing and sharing servants' reputations in P2P systems

Peer-to-peer information sharing environments are increasingly gaining acceptance on the Internet as they provide an infrastructure in which the desired information can be located and downloaded while preserving the anonymity of both requestors and providers. As recent experience with P2P environments such as Gnutella shows, anonymity opens the door to possible misuses and abuses by resource providers exploiting the network as a way to spread tampered-with resources, including malicious programs, such as Trojan Horses and viruses. We propose an approach to P2P security where servants can keep track, and share with others, information about the reputation of their peers. Reputation sharing is based on a distributed polling algorithm by which resource requestors can assess the reliability of perspective providers before initiating the download. The approach complements existing P2P protocols and has a limited impact on current implementations. Furthermore, it keeps the current level of anonymity of requestors and providers, as well as that of the parties sharing their view on others' reputations.     

Performance evaluation of an efficient fault tolerant service discovery protocol for vehicular networks

Recently, vehicular networks and inter-vehicle communication have received attention from the research community and the automotive industry. In this context, many services are deployed in vehicular networks that are beneficial to drivers and passengers. Service discovery in vehicular networks is vital to make such services useful. However, due to the lack of communication reliability in vehicular ad hoc networks, it is necessary to implement fault-tolerant techniques during the discovery of service providers in vehicular networks. Very few service discovery protocols for vehicular networks have considered fault tolerant techniques, which are very important for the efficiency of service discovery. Fault tolerant techniques improve service request satisfaction and reduce dropped connections due to faulty components between the service provider and the service requester. In this paper, we propose a fault tolerant location based service discovery protocol for vehicular networks which can work well under service provider failures, communication link failures and roadside router failures. Our protocol permits the discovery of location based services where the requester specifies the region of interest within the request. Our protocol uses an infrastructure support consisting of clusters of roadside routers formed in specific regions in the vehicular network. In addition, service discovery messages are integrated into the network layer and use channel diversity in order to improve service discovery efficiency. We describe our fault tolerant location based vehicular service discovery protocol (FTLocVSDP) and discuss its proof of correctness and performance evaluation. We prove that the success rate is improved in the roadside router failure and in the communication link failure scenarios by 50% and 30%, respectively, compared to the location based service discovery protocol for vehicular networks (LocVSDP) which does not consider fault tolerant techniques.     

P2P文件共享系统中基于访问控制的信任模型

在P2P文件共享系统中,节点之间共享彼此的文件.但是由于对等网络的匿名性和开放性,在文件共享系统中存在很多信任方面的问题,如恶意节点和自私节点的大量存在.为了孤立恶意节点和鼓励节点共享自己的文件,提出了基于访问控制的信任模型.首先,定义了一种信任机制,它引入了直接信任,推荐信任,时间衰减等因子.其次,对每个共享文件都加入了两个阈值--可信性总评价阈值和贡献量阈值来控制访问.对于每个请求者,只有当它有了对文件的访问资格后才能访问该文件.最后,通过大量的实验证明了本模型的可行性和高效性,特别是对恶意节点具有很好的孤立作用.     

BitTorrent-like P2P approaches for VoD: A comparative study

The enormous popularity of Video on Demand (VoD) has attracted substantial research attention into the effective use of peer-to-peer (P2P) architectures to provide solutions at large-scale. In particular, the high efficiency of BitTorrent has inspired many P2P protocols for VoD. However, these protocols use different approaches to adapt the design of Bittorrent to VoD, and in most cases their performance has been evaluated separately and in limited scenarios. As a consequence, the research community still lacks a clear understanding of how these protocols compare against each other and how well each of them would work in real world conditions, where, for instance, peers have heterogeneous bandwidths, may freeride or may be located behind NAT/firewall.In this paper, we propose a simulation based methodology which aims at putting forward a common base for comparing the performance of these different protocols under a wide range of conditions. We show that, despite their considerable differences: (i) existing BitTorrent-like VoD approaches all share some characteristics, such as that their bandwidth reciprocity based methods to incentivize cooperation do not always yield an optimal overall performance. Furthermore, we demonstrate that (ii) in these protocols there is a trade-off between QoS and resilience to freeriding and malicious attacks. We also discover that, (iii) when peers doing streaming coexist with peers doing traditional file transfer, the latter actually benefit from this coexistence, at the expenses of the former. Finally, we show that (iv) early departures of peers from the system do not significantly affect the QoS delivered, while jumping to a different position in the file has a bigger negative impact. Overall, our findings provide important implications for both VoD service providers and future system designers. On the one hand, our results can guide VoD service providers in selecting the most appropriate protocol for a given environment. On the other hand, exposing the flaws of current approaches will help researchers in improving them and/or designing better ones.     

Adaptive Search Radius – Using hop count to reduce P2P traffic

Peer-to-Peer (P2P) file sharing accounts for a very significant part of the Internet’s traffic, affecting the performance of other applications and translating into significant peering costs for ISPs. It has been noticed that, just like WWW traffic, P2P file sharing traffic shows locality properties, which are not exploited by current P2P file sharing protocols.We propose a peer selection algorithm, Adaptive Search Radius (ASR), where peers exploit locality by only downloading from those other peers which are nearest (in network hops). ASR ensures swarm robustness by dynamically adapting the distance according to file part availability. ASR aims at reducing the Internet’s P2P file sharing traffic, while decreasing the download times perceived by users, providing them with an incentive to adopt this algorithm. We believe ASR to be the first locality-aware P2P file sharing system that does not require assistance from ISPs or third parties nor modification to the server infrastructure.We support our proposal with extensive simulation studies, using the eDonkey/eMule protocol on SSFNet. These show a 19 to 29% decrease in download time and a 27 to 70% reduction in the traffic carried by tier-1 ISPs. ASR is also compared (favourably) with Biased Neighbour Selection (BNS), and traffic shaping. We conclude that ASR and BNS are complementary solutions which provide the highest performance when combined. We evaluated the impact of P2P file sharing traffic on HTTP traffic, showing the benefits on HTTP performance of reducing P2P traffic.A plan for introducing ASR into eMule clients is also discussed. This will allow a progressive migration to ASR enabled versions of eMule client software.ASR was also successfully used to download from live Internet swarms, providing significant traffic savings while finishing downloads faster.     

一种基于智能卡的匿名公平移动支付系统

提出了一种基于智能卡的匿名公平移动支付系统模型,基于该模型提出了一个可追踪匿名的脱线式数字现金协议,它使用智能卡作为分布匿名代理,实现了数字现金的动态匿名和兑零的功能;证明了匿名数字现金满足安全性和可追踪匿名性,该协议的效率高于基于盲签名和匿名代理服务器技术的协议.提出了一个关于时间敏感商品的公平移动支付方案,即使用智...     

基于超节点的Chord系统

Chord是一种比较成功的结构化P2P路由算法,但是网络节点性能的差异,影响了整个系统的效率;网络中一部分节点的频繁加入和退出所引起的系统震荡也影响了系统的性能;同时,结构化系统不提供相关节点的匿名性,也是结构化系统的一个不足之处.本文利用节点性能的差异,提出了基于超级节点的Chord路由算法,在Chord系统中形成节点簇,不但提高了系统的效率,而且能够有效地处理系统震荡问题,同时,为Chord系统提供了一定的匿名性.     

可监管的比特币隐私保护混淆服务

随着比特币隐私保护研究的深入,比特币作为一种新型“数字货币”变得更加难以监管。针对该问题,提出了一种可监管的比特币隐私保护混淆方案RBmix。RBmix模型使用公平盲签名算法,并引入可信第三方,具有可监管性、匿名性、可扩展性、比特币兼容性以及抗DoS攻击性。实验结果表明RBmix协议具有良好的扩展性和执行效率。     

Usable optimistic fair exchange

Fairly exchanging digital content is an everyday problem. It has been shown that fair exchange cannot be achieved without a trusted third party (called the Arbiter). Yet, even with a trusted party, it is still non-trivial to come up with an efficient solution, especially one that can be used in a p2p file sharing system with a high volume of data exchanged.We provide an efficient optimistic fair exchange mechanism for bartering digital files, where receiving a payment in return for a file (buying) is also considered fair. The exchange is optimistic, removing the need for the Arbiter’s involvement unless a dispute occurs. While the previous solutions employ costly cryptographic primitives for every file or block exchanged, our protocol employs them only once per peer, therefore achieving an O(n) efficiency improvement when n blocks are exchanged between two peers. Our protocol uses very efficient cryptography, making it perfectly suitable for a p-2-p file sharing system where tens of peers exchange thousands of blocks and they do not know beforehand which ones they will end up exchanging. Therefore, our system yields up to one-to-two orders of magnitude improvement in terms of both computation and communication (40 s vs. 42 min, 1.6 MB vs. 200 MB). Thus, for the first time, a provably secure (and privacy-respecting when payments are made using e-cash) fair exchange protocol can be used in real bartering applications (e.g., BitTorrent) [14] without sacrificing performance.     

基于SM2数字签名的区块链匿名密钥交换协议

区块链技术因其去中心化、匿名性、不可篡改、不可伪造等优点, 已经成为我国的一项前沿技术, 在各领域得到广泛的应用。虽然用户可利用区块链发布匿名交易, 有效隐藏交易双方的身份信息, 但双方交易完成后传输交易相关数据可能破坏匿名性。这是因为在数据传输过程中, 为了保证双方通信安全, 往往使用认证密钥交换协议认证双方身份, 计算会话密钥建立安全信道。由于传统的认证密钥交换协议涉及双方的长期公私钥对信息, 所以将泄露交易双方的身份信息。虽然区块链匿名密钥交换可基于交易双方的历史链上交易完成密钥交换, 有效保障交易双方的匿名性, 但现有区块链匿名密钥交换协议主要基于国外密码算法设计, 难以适用于国产区块链平台, 不符合我国密码核心技术自主可控的要求。为丰富国产商用密码算法在区块链匿名密钥交换方面的研究, 满足区块链交易后双方匿名安全通信的需求, 本文以 SM2 数字签名算法和区块链为基础, 构造非交互式和交互式两种区块链匿名密钥交换协议。并在 CK 安全模型中证明非交互式的协议满足会话密钥安全, 交互式的协议满足有前向安全性的会话密钥安全。最后通过理论分析和编程实现结果表明, 本文协议在没有比现有协议消耗更多的计算开销与通信代价的前提下, 可适用于国产化区块链平台。     

An novel three-party authenticated key exchange protocol using one-time key

Three-party authenticated key exchange protocol (3PAKE) is an important cryptographic technique for secure communication which allows two parties to agree a new secure session key with the help of a trusted server. In this paper, we propose a new three-party authenticated key exchange protocol which aims to achieve more efficiency with the same security level of other existing 3PAKE protocols. Security analysis and formal verification using AVISPA tools show that the proposed protocol is secure against various known attacks. Comparing with other typical 3PAKE protocols, the proposed protocol is more efficient with less computation complexity.     

一种UC匿名的移动自组网概率组播策略

鉴于现有移动自组网匿名路由协议不能为组播提供匿名通信支持,而只能提供特定非形式化的匿名性分析,提出了一种UC(universally composable)匿名的移动自组网概率组播策略.在路由发现阶段,采用一次性密钥对保持路径记录私密.在数据分组传输阶段,采用Gossip机制、DH秘密路径及Bloom Filter编码实现匿名源路由组播.最后,采用UC框架分析了协议的匿名性,并对协议的性能进行了仿真.分析与仿真结果表明,该策略在实现匿名性的同时还提供了较好的可靠性.     

移动网络可信匿名认证协议

针对终端接入移动网络缺乏可信性验证问题,提出一种移动网络可信匿名认证协议,移动终端在接入网络时进行身份验证和平台完整性认证。在可信网络连接架构下,给出了可信漫游认证和可信切换认证的具体步骤,在认证时利用移动终端中预存的假名和对应公私钥对实现了用户匿名隐私的保护。安全性分析表明,协议满足双向认证、强用户匿名性、不可追踪性和有条件隐私保护。协议中首次漫游认证需要2轮交互,切换认证需1轮即可完成,消息交换轮数和终端计算代价优于同类可信认证协议。     

三因子匿名认证与密钥协商协议

为确保通信双方的信息安全,很多认证与密钥协商（AKA）协议被提出并应用于实际场景中。然而现有三因子协议都存在安全漏洞,如易受智能卡丢失攻击、口令猜测攻击等,有的更是忽略了匿名性。针对上述问题提出了一种三因子匿名认证与密钥协商协议。该协议通过融合智能卡、口令和生物认证技术,并增加口令与生物特征更新阶段以及智能卡更新分配阶段,并利用椭圆曲线上的计算性Diffie-Hellman（CDH）假设进行信息交互,来实现安全通信。在随机预言机模型下证明了所提协议的安全性。与同类协议进行对比分析的结果表明,所提协议能有效防范智能卡丢失攻击、重放攻击等多种攻击,实现了匿名性、口令自由更新等更全面的功能,且具有较高的计算和通信效率。     

WuKong: a practical video streaming service based on native BitTorrent and scalable video coding

Many researches on peer-to-peer video streaming have focused on dealing with highly dynamic, high-churn P2P environment. Most of P2P streaming protocols were modified from a P2P file sharing protocol. Inspired by the high performance on peer-to-peer file sharing of BitTorrent, we propose an overlaying streaming mechanism on the native BitTorrent protocol and realize a practical P2P video streaming service, called WuKong. WuKong not only takes advantages of BitTorrent but also combines the video scalability of layered video coding. In this paper, we depict an overlaid streaming mechanism in WuKong and an adaptive layer-downloading process to balance between the video quality and bandwidth utilization on heterogeneous peers. WuKong is carried out by using an open-sourced library of the BitTorrent protocol, coding schemes of the Windows Media Video (WMV), and the Scalable Video Coding (SVC). We measured and compared the service quality of end-users served by WuKong on heterogeneous peers. In addition, we evaluated the effectiveness of WuKong with peers that are randomly joining and leaving the P2P network. The results show that WuKong not only provides high quality P2P video streaming services but also supports different scaling abilities over heterogeneous devices.