摘要
分析了Gao等人提出的(t,N-2)弹性Mix Net方案,发现存在严重安全漏洞.主动攻击者利用Elgamal算法的可展性构造具有相关性的密文组,然后通过观察对应明文组的相关性获得输入与输出的对应关系,最终破坏Mix Net的秘密性.两个不同服务器组中的恶意服务器可以相互勾结利用共谋攻击使Mix Net输出错误结果,并以不可忽略的概率逃过验证协议的检验.分析结果说明Gao的方案不满足(t,N-2)弹性,且基于该Mix Net的电子投票应用也是不安全的.
We analysed Gao et al. ' s (t, N - 2)-resilient Mix Net scheme and found some serious security flaws in their design. In order to break Mix Net's privacy, an active attacker can construct a list of ciphertexts with some relativity by utilizing the malleability of the E1Gamal encryption scheme, and then observe the corresponding relativity of plaintexts to get the relationship between input and output elements. The malicious servers from two different groups can initiate collusion attacks proposed by this paper to make the Mix Net system output wrong and cheat the verifying protocol with non-negligible probability of success. The result of analysis shows that Gao et al. 's scheme does not satisfy (t, N-2)- resilience and that the electronic voting application based on their Mix Net is also insecure.
出处
《西安电子科技大学学报》
EI
CAS
CSCD
北大核心
2007年第6期926-929,934,共5页
Journal of Xidian University
基金
国家自然科学基金面上项目资助(60473028)
关键词
匿名通信
MIX
NET
共谋攻击
anonymous communication
Mix Net
collusion attacks
