| ¡¡ | Chinese Journal of Computers Full Text |
| Title | A Controllable and Trusted Anonymous Communication Scheme |
| Authors | WU Zhen-Qiang ZHOU Yan-Wei QIAO Zi-Rui |
| Address | (School of Computer Science£¬ Shaanxi Normal University£¬ Xi'an 710062) |
| Year | 2010 |
| Issue | No.9(1686¡ª1702) |
| Abstract & Background | Abstract Encryption technology can only carry on the protection to the correspondence data content, but in some special application fields, such as e-voting, e-health, e-commerce and e-cash, the protection degree of private information, like user¡¯s identity, behavior, geographical location and so on, is one of important attributes to assess the overall system security. The anonymous communication technology that is strongly resistant to both eavesdropping and traffic analysis is the commonly used privacy protection method, but this technology can not only enhance an user¡¯s identity information but also protect a malicious user¡¯s identity and behavior. How to protect an authorized user¡¯s privacy and prevent malicious attacks is the key of promote the large-scale application of anonymous communication technology. A controllable and trusted anonymous communication architecture that build up the computer security with trusted computing based on the trusted platform module is proposed. The architecture realizes the sender¡¯s anonymity through a group communication technology, and achieves the protection of privacy information in user behavior, user geographical position by encapsulating package with nested encryptions in communication link. The anonymous communication scheme based on the architecture consists of four functional modules, such as getting group information by the user register for authentication management center (AMC), trusted user node list that was downloaded from the server after the user have passed the trusted evaluation, established anonymous communication link by randomly selected node, and traceable service of malicious behavior to services provider. This paper has carried on the systematization design to these modules, and gives each module a corresponding protocol. It is shown that the scheme has good security, controllability and credibility by analysis and simulation of safety, dependability, anonymity, and efficiency. The scheme can meet the demand of the large scale deployment of anonymous communication system in the future Internet. Keywords anonymity architecture; anonymous attestation; traceable anonymity; trusted platform model; attestation for trustworthiness of computing platform Background This work is supported by the National Natural Science Foundation of China (60633020) and the National High Technology Research and Development Program (863 Program) of China (2007AA01Z438200). Anonymity and identity management technologies are powerful tools to protect privacy. Nevertheless, their potential for abuse is a factor that hinders the development and implementation of privacy enhancing systems at a large scale. The past two decades have seen a growing interest in methods for anonymous communication on the Internet, both from the academic community and the general public. Several system designs have been proposed in the literature, of which a number have been implemented and are used by diverse groups, such as journalists, human rights workers, the military, and ordinary citizens, to protect their identities on the Internet. This paper discusses the requirements of a controllable and trusted anonymous communication that a large scale anonymity infrastructure should comply with in order to be acceptable for all parties. The authors survey the Trusted Computing Platform that is the industrial initiative to implement computer security. However, privacy protection is a critical problem that must be solved in Trusted Computing Platform. Two solutions have been proposed in the specification of TPM. TPM v1.1 is based on a trusted third party, called Privacy CA. Obviously, this is not satisfactory solution, since each transaction needs the involvement of Privacy CA, and the compromise of CA will disclose all mapping between AIK¡¯s and EK. The solution in TPM v1.2 is called direct anonymous attestation (DAA) in which TPM can directly proves its authenticity to a remote server with the help of Privacy CA. But so far this specification would not hide a sender¡¯s (or recipient¡¯s) network address (IP address, email address, etc.) on the Internet anonymous communication system. This paper presents a controllable and trusted anonymous communication architecure that consists of four functional modules, like authentication management center (AMC), trusted user node list that was downloaded from the server, established anonymous communication link, and traceable service of malicious behavior. The paper has carried on the systematization design to these modules, and has given each module a corresponding protocol. The architecture can meet the demand of the large scale deployment of anonymous communication system in the future Internet. |