Abstract
To protect the location privacy of mobile nodes that use location-based services (LBS), a mobile privacy protection scheme for LBS based on random onion routing is proposed. The scheme combines random onion routing with hybrid encryption to ensure both the location privacy of the mobile node and the security of its query requests. Before sending a query request to the LBS server, the mobile node randomly selects several nodes in the network to construct an onion path; the query request is then forwarded by the nodes along this path in turn until the LBS server receives it. The LBS server then sends the query result back to the sending node along the onion path in the reverse direction. To make the sending node anonymous, the address at each layer of the randomly constructed onion path is encrypted with a combination of symmetric and asymmetric encryption, and the final onion path is generated by encrypting layer upon layer in this way. Each hop on the path can obtain only the address of its own next hop. Neither the LBS server nor any relay node can learn which node is the sender, which protects the sending node's location privacy. In addition, to keep the query request and the query result from any third party, the sending node first encrypts the query request with a symmetric key, then encrypts that symmetric key with the public key of the LBS server, and sends the symmetric-key ciphertext appended to the query-request ciphertext. The LBS server likewise returns the query result in encrypted form. Experimental results show that the average response time of the scheme increases slowly as the number of nodes in the system grows; it does not rise so sharply with the number of nodes as to paralyze the system, which indicates that the system has good stability and scalability. Because the onion path is selected at random and does not depend on any specific node, the scheme also has good robustness.
Authors
王磊
李晓宇
WANG Lei; LI Xiao-yu (School of Computer and Artificial Intelligence, Zhengzhou University, Zhengzhou 450001, China)
Source
《计算机科学》
CSCD
Peking University Core Journals (北大核心)
2022, Issue 9, pp. 347-354 (8 pages)
Computer Science
Funding
National Natural Science Foundation of China (61876016).
Keywords
Mobile location privacy
Onion routing
Hybrid encryption
Cyber security