一种高效的私有信息检索方案

私有信息检索是一个重要的安全多方计算协议，是指参与查询的用户与数据库拥有者希望在各自的私有信息互不泄露的情况下完成查询操作，该问题在多个情报部门的合作计算领域有着广阔的应用前景．本文将密码学技术应用于预处理辅助随机服务器协议，提出了一个新的私有信息检索解决方案，该方案在保持传统PIR协议通信复杂度不变的情况下，有效地降低了计算复杂度，可以高效应用于文件数据检索．对方案的安全性，计算复杂性和通信复杂性进行了分析．     

基于以太坊区块链的公平可搜索加密方案

传统的对称可搜索加密解决了云存储中加密数据的检索问题,但是没有考虑到检索的公平性问题,即用户在支付了服务费后服务器没有返回检索结果或返回错误的检索结果的情况。随着区块链的出现,基于比特币的对称可搜索加密方案被提出,但是比特币系统的交易周期长,且比特币的脚本语言不是图灵完备的,不能适用于更多的场景。因此提出基于以太坊区块链和智能合约的对称可搜索加密方案,在保证数据隐私性的同时,解决了检索的公平性问题。安全性和性能分析结果表明该方案是可行的。     

基于双方ECDSA的强匿名性比特币密钥管理方案

针对比特币密钥管理的安全性问题,提出智能手机钱包和硬件钱包的结合方案.利用CoinShuffle协议创建比特币交易,利用双方ECDSA对交易进行数字签名,从而实现比特币钱包的双重认证,同时增强用户使用比特币时的匿名性.安全性分析表明,该方案可以抵御中间人攻击、去匿名攻击等多种攻击,所创建的交易与标准比特币交易无法区分,与现有比特币系统完全兼容.该方案便于随时随地创建交易,这为其他区块链项目的密钥管理方案提供了新思路,具有一定的实用价值.     

基于点函数秘密共享的私有信息检索协议

针对私有信息检索（PIR）中的隐私安全问题，提出了一个基于点函数秘密共享的私有信息检索协议。该协议将检索的索引看成一个特殊的0-1点函数，利用点函数秘密共享技术生成这个点函数的密钥组，分别发送给p个服务器，根据p个服务器返回的响应作异或运算得到检索结果。对协议进行了正确性、安全性和效率分析，验证了这个协议是安全且高效的，并给出了一个具体实例来说明该协议的有效性。最后介绍了将该协议推广到多项私有信息检索和基于关键字的私有信息检索中的应用情况。     

基于交易网络的公有链用户识别方法

分析与研究公有链交易数据及系统用户行为对于保证公有链应用安全至关重要。比特币作为公有链的代表性应用,是一种基于P2P网络的电子现金系统。比特币交易地址具有匿名特征,无法关联到用户真实信息,这使得比特币溯源非常困难。为识别比特币中交易地址间的关联关系,推断出用户真实信息,提出一种基于交易网络的用户识别方法。对比特币区块数据进行预处理,通过解析比特币区块数据中的脚本信息,将比特币原始交易数据处理为更加直观的数据格式。衡量交易输入与输出地址间的相似程度,根据交易地址关联信息识别出比特币匿名地址对应的所有用户。在实验中应用真实的比特币区块数据,利用可视化方式对用户识别结果进行分析,结果表明该方法不受交易规则的限制,能对比特币匿名地址进行有效识别,且随着比特币区块数量的增加,识别准确率基本稳定于80%。     

基于比特币区块链的公共无线局域网接入控制隐私保护研究

在公共无线局域网的访问控制中,用户隐私保护和用户可问责性是一对相互冲突的目标。针对该问题,提出了一种基于比特币区块链和Intel SGX的匿名且可问责用户管理与访问控制方案。在不修改已有的比特币协议的前提下,实现了对公共无线局域网访问凭证的安全管理,而无须依赖可信第三方;采用基于Intel SGX的混合技术,通过较小的开销提供了用户可控的访问凭证匿名性保护;设计的区块链验证路径规则在保持用户隐私的同时实现了对恶意用户的问责。理论分析和实验结果验证了该方案的安全性和可行性。     

比特币区块链的数据压缩

区块链技术为数据存储提供了一种透明、不可更改、去中心化的方法。但随着数据量不断增加,比特币区块链系统需要大量的存储空间。分析了比特币区块的结构,针对比特币交易中的部分字段,提出相应的编码方案来减小比特币区块体积。实验表明,所提方案可使区块链体积减小18.13%。     

基于区块链的电子病历数据共享方案

以区块链为数据存储平台的电子病历系统是当下研究的热点. 存储在区块链上的数据是不可变的, 这加强了数据的安全性. 提出了一个基于区块链的电子病历数据共享方案, 实现了患者和第三方数据用户在不侵犯患者隐私的前提下共享患者电子病历. 使用私有链与联盟链构造方案的系统模型, 医院服务器上存储患者的电子病历密文, 私有链上存储患者病历密文的哈希值和关键字索引, 联盟链上存储由关键字索引构成的安全索引. 同时利用可搜索加密技术实现了联盟链上对关键字的安全搜索, 运用代理重加密算法实现了第三方数据用户对患者电子病历的共享. 通过数值实验对方案进行了性能评估.     

区块链P2P网络协议演进过程

针对点对点网络协议的特点,通过阅读源代码和官方文档,对比特币（Bitcoin）、以太坊（Ethereum）以及超级账本（hyperledger fabric）三种主流区块链系统的P2P协议进行了详细研究,通过讨论区块链点对点协议在演进过程中的变化分析了不同协议的优缺点,同时提出了分析标准,给出了量化评价,以期为未来区块链网络协议的研究提供有益的启发与指导。     

基于环签名的数字货币隐私保护技术

比特币是一种去中心化的数字货币,凭借其匿名性而被广泛使用,已经在全球范围内产生影响。比特币作为目前最著名且用户最多的数字货币,用户使用伪名在公开的账本中记录完整的交易历史,这是一种不使用中心化银行并且能够防止双重花费攻击的方法。如果把用户的伪名与他们在现实社会中的身份相关联,将对比特币的匿名性造成严重的威胁。在目前的混币服务中,混淆服务提供商仍然可以获取输入和输出地址之间的对应关系,所以混币服务器能够跟踪比特币用户的交易记录。为了解决这个问题,文章提出了一种新的交易混淆方案,以确保混币服务器无法获得任何用户的输入和输出地址之间的对应关系。文章使用一个环签名算法来确保混币服务器无法归纳指定交易与输出地址的关系。环签名能够确保签名是由环中的某个用户产生的,并且不会泄漏有关签名者的任何信息。此外,方案与现有比特币协议完全兼容,易于根据用户数量进行扩展。     

区块链上支持多关键字检索的可搜索加密方案

在基于云存储的单关键字可搜索加密中,云服务器不是完全可信的,且现有的单关键字检索不能精确地返回搜索结果。基于此, 结合区块链技术提出了区块链上的多关键字可搜索加密方案。该方案采用对称加密算法提高了加密效率;利用区块链技术解决了云服务器不诚实搜索的问题;采用多关键字的索引结构提高了搜索结果的精确性。在随机预言模型下,证明了该方案在选择关键字攻击下是不可区分IND CKA安全的,通过效率分析表明该方案具有更高的效率。     

单云服务器下的安全外包模幂运算

模幂运算是加密和签名系统中最基础的运算。由于模幂运算需要耗费很大的计算成本,因此很多方案提出将模幂运算安全外包给云服务器。但是,现存的大多方案都需要两个不共谋的服务器来实现安全的模幂运算,一旦服务器共谋,就会导致外包隐私数据泄露。此外,很多现有方案都假设底数和指数都是保密的,但这并不适合于大多数现实应用场景。通常来说,为了减轻计算负担,只有敏感消息才需要被保密。为了解决上述问题,分别提出了固定底数(底数公开、指数保密)和固定指数(指数公开、底数保密)的安全外包方案。在该方案中客户端只需要使用一个云服务器,从而避免了两个服务器的共谋攻击。理论分析及实验结果证明了该方案的安全性和高效性。     

Socket-based RR scheduling scheme for tightly coupled clusters providing single-name images

Server clusters for Internet services can yield both high performance and cost effectiveness. Contemporary approaches to cluster design must confront the tradeoff between dynamic load-balancing and efficiency when dispatching client requests to servers in the cluster. In this paper we describe a packet filtering-based RR scheduling scheme, intended to be an easily implemented scheme for hosting Internet services on a server cluster in a way transparent to clients. We take a non-centralized approach, in which client packets sent to the cluster's single IP address are broadcast to all of its servers. Packets requesting that a new TCP session be set up cause counters in each server to be incremented; if a server's counter matches its fixed unique ID, it takes charge of the session, else it ignores the packet. This yields a round-robin type algorithm. We describe this approach in detail, and present results of simulations that show it achieves higher performance (in terms of throughput and reliability) than similar approaches based on client-IP hashing and dispatcher-based RR.     

Secure dynamic anycasting for ‘best’ server selection using active networks

The networking community has tackled the resource-finding problem using several methods. The knowledge of the name or property of the resource enables one to find it over the network. Many techniques were proposed and investigated for a single instance of the resource. The Internet has experienced dramatic growth in the use and provision of services such as ftp, gopher, archie and World-Wide-Web. The heavy demands being placed on servers inspire replication (mirroring) of servers. This replication results in client intending to contact the ‘best’ server among many content-equivalent servers.

The solutions that were used for the ‘best’ server selection include multicast and broadcast communication to send request to all servers and choose the best one from all the replies. These solutions require the client to be powerful enough to handle all the replies, which may be overwhelming leading to client's machine getting hung. The other solution uses the name servers to provide a different unicast address for one member of a group of servers at different locations. The inherent disadvantage in this method is that the user is unable to choose the best server. The idea of application layer anycasting allows the user to select the best server according to the user's selection criteria. The main disadvantage of this scheme is that the client that does the selection may not be powerful to handle responses from all the content-equivalent servers. In this paper the idea of application layer anycasting has been extended by allowing the active routers to locate the best server. Active networks, unlike the traditional networks are not just passive carrier of bits but instead provides the capability for the user to inject customized programs into the networks that may modify, store or redirect the user data flowing through the network. Anycasting is done in the application level as it provides better end-to-end control, and there is no support in the network level. The choice of ‘best’ server is done based on the first response from the servers. The active routers do the filtering of responses from laggards and the client gets the response only from the best server, thus the client machine is not overwhelmed by responses. The client deals with the vital issue of security with respect to Active networks by the use of various encryption schemes. Since the ‘best’ server chosen is not always the best forever, a TTL value is associated with each of the best server found, and the best one is reselected after its expiry.

The performance of the proposed scheme is compared with the networks without active networks and is found to provide better response time for requests. Further, the proposed scheme avoids the overloading of a server, jockeying, and reduces the overhead of the client in selecting the best server. The overhead on the routers in active networks is insignificant compared to the advantages accrued due to it.     

基于区块链的多关键字细粒度可搜索加密方案

密文策略下基于属性的关键字搜索(CP-ABKS)技术可以对加密的数据实现细粒度控制和检索。现有CP-ABKS方案较少考虑云服务器的恶意行为和搜索过程的公平支付,且通常只支持单关键字密文检索。对此,文章提出基于区块链的多关键字细粒度可搜索加密方案。利用密文策略下基于属性的加密技术满足多用户检索,实现了细粒度访问控制和访问策略隐藏。结合区块链技术避免了恶意云服务器对索引的篡改,使用智能合约保障了用户和数据拥有者之间的公平支付。此外,文章方案还实现了多关键字检索,且无需第三方验证实体就可以保证用户得到正确的检索结果。安全性分析表明文中方案能够保证关键字和访问策略的不可区分性,并通过性能评估验证了该方案在保证效率的同时具有更优的功能。     

Optimal chaining scheme for video-on-demand applications on collaborative networks

By forwarding the server stream client by client, a chaining-based scheme is a good way to reduce the server streams for streaming applications in well-connected networks. In this paper, we prove that the minimum number of required server streams in such schemes is n-k+1, where n is the number of client requests and k is a value determined by client buffer sizes and the distribution of requests. In addition, we present an optimal chaining algorithm using a dynamic buffer allocation strategy. Compared to existing chaining schemes, our scheme not only utilizes the backward (basic chaining) and/or forward (adaptive chaining) buffer, but also exploits the buffers of other clients in order to extend the chain as much as possible. In this way, more clients can be chained together and served by the same server stream. Our simulation results show that the requirements of the server streams in the presented scheme are much lower those of existing chaining schemes. We also introduce mechanisms for handling VCR functions and fault exceptions in practical applications.     

群组内基于区块链的匿名可搜索加密方案

公钥可搜索加密技术不仅可以保护云存储中用户的数据隐私,还可以提供数据在不解密的条件下进行密态数据搜索的功能。针对群组内用户进行密文安全搜索的需求,本文以群组为单位使用基于身份的广播加密进行数据的加密与密钥封装,以基于身份的可搜索加密构造关键词密文及关键词陷门,提出了一种群组内的公钥可搜索加密方案,保证了只有群组内的授权用户才可以进行安全搜索并解密数据。此外,为保护用户的身份隐私,通过构造匿名身份,避免了因云服务器好奇行为而造成的用户身份泄露问题。同时,在按需付费的云环境中,为了防止云服务器向用户返回部分或不正确的搜索结果,文章结合区块链技术,使用区块链作为可信第三方,利用智能合约的可信性,在用户验证搜索结果正确后向云服务器支付搜索费用,解决了用户与云服务器之间的公平支付问题。并加入了违规名单机制,防止恶意用户对系统可用性造成影响。在安全性方面,通过基于判定性双线性Diffie-Hellman问题与判定性Diffie-Hellman问题进行安全性分析,证明了在随机谕言机模型与标准模型下方案满足关键词密文与关键词陷门的不可区分性。最后,通过功能对比表明本方案有较强的实用性,利用Charm-crypto密码库对方案进行效率对比,其结果表明本方案与其他相关方案相比具有较低的计算以及通信开销。     

区块链上基于云辅助的属性基可搜索加密方案

可搜索加密技术在不解密的情况下搜索加密数据.针对现有的可搜索加密技术没有考虑数据用户细粒度搜索权限的问题,以及现有的可搜索加密方案中因云存储的集中化对数据安全和隐私保护带来的问题,提出了区块链上基于云辅助的属性基可搜索加密方案.该方案利用可搜索加密技术实现加密数据在区块链上的安全搜索,利用基于属性的加密技术实现数据的细粒度访问控制,利用区块链不可篡改的特性确保关键字密文的安全.在该方案中属性基加密技术用来加密关键字,区块链上存储关键字密文,云服务器上存储关键字密文和数据密文.基于困难问题假设,证明该方案能够保证关键字密文和陷门的安全性.数值实验结果表明:该方案在密钥生成阶段、陷门生成阶段、关键字搜索阶段具有较高的效率.     

Improving the accuracy and storage cost in biometric remote authentication schemes

Recently, Bringer et al. proposed a new approach for remote biometric based verification, which consists of a hybrid protocol that distributes the server side functionality in order to detach the biometric data storage from the service provider. Besides, a new security model is defined using the notions of Identity and Transaction Privacy, which guarantee the privacy of the identity-biometrics relationship under the assumption of non-colluding servers. However, due to the high communication and computational costs, the systems following this model cannot be implemented for large scale biometric systems.In this paper, we describe an efficient multi-factor biometric verification system with improved accuracy and lower complexity by considering the range information of every component of the user biometrics separately. Also, the new scheme is provably secure based on the security model of Bringer et al and implements a different database storage that eliminates the disadvantages of encrypted biometric templates in terms of ciphertext expansion. Also, we evaluate different Private Information Retrieval (PIR) schemes applicable for this setting and propose a practical solution for our scheme that reduces the computation costs dramatically. Finally, we compare our results with existing provably secure schemes and achieve reduced computational cost and database storage cost due to the single storage of the common features of the users in the system and amortization of the time complexity of the PIR.