摘要
在公开的计算机网络中采用隐蔽路由网络连接 ,任何隐蔽网络的用户只能获得与其直接连接的前序和后继节点的地址 ,使得攻击者既不能窃听到机密 ,也不能实施流量分析 .现有的隐蔽路由方案或采用原子签名和加密 ,或采用嵌套加密和签名 ,即洋葱路由 ,本文应用分段验证签密的方法提出了一个新的隐蔽路由实现方案 ,该方案用签密代替现有方案中先签名再加密两步常规密码方法 ,减少协议的计算和通信量 ,提高了执行效率 ,并包容了两种方法各自具有的优点 .最后分析了方案的安全性 .
Anonymous routing connections on open computer networks are strongly resistant to both eavesdropping and traffic analysis,as any user of the anonymous networks can only obtain the addresses of its predecessor and successor sites.The anonymous routing schemes available are constructed either by using atomic signature and encryption or by nested signature and encryption,or onion routing.A new scheme that hides information and prevents from disturbing data packages is presented with Domain-Verifiable Signcryption technique.In this context,it appears to be efficient that the system is built by using efficient digital signcryption techniques instead of traditional paradigm of generating a digital signature of a message and then encrypting the signature together with the message and reducing computation and overhead costs in the protocol.At the same time,the merit of two kinds of schemes above is obtained.Finally,an analysis of security is given.
出处
《电子学报》
EI
CAS
CSCD
北大核心
2002年第7期995-998,共4页
Acta Electronica Sinica
基金
国家自然科学基金重点资助项目 (No .1 9931 0 1 0 )
关键词
网络安全
信息隐蔽
隐蔽路由
签密
分段验证签密
计算机网
networks security
information hiding
anonymous routing
signcryption
domain-verifiable signcryption