信息网络安全 ›› 2017, Vol. 17 ›› Issue (5): 44-50.doi: 10.3969/j.issn.1671-1122.2017.05.007

• • 上一篇    下一篇

一种基于STDM的用户隐私数据保护方案研究

陈向荣1,2(), 程丁3, 秦鹏宇1,2, 程成4   

  1. 1. 同济大学计算机科学与技术系,上海 201804
    2. 同济大学嵌入式系统与服务计算教育部重点实验室,上海 201804
    3. 安徽大学信息安全系,安徽合肥 230601
    4. 苏州科技大学电子工程系,江苏苏州 215009
  • 收稿日期:2017-02-23 出版日期:2017-05-20 发布日期:2020-05-12
  • 作者简介:

    作者简介: 陈向荣(1993—),男,四川,硕士研究生,主要研究方向为信息安全、车联网;程丁(1996—),男,安徽,本科,主要研究方向为网络信息安全;秦鹏宇(1993—),男,山东,硕士研究生,主要研究方向为大数据、信息安全;程成(1980—),男,江苏,讲师,博士,主要研究方向为网络信息安全、机器学习。

  • 基金资助:
    国家国际科技合作专项[2013DFM10100]

Research on a User Data Security Protection Strategy Based on STDM Technology

Xiangrong CHEN1,2(), Ding CHENG3, Pengyu QIN1,2, Cheng CHENG4   

  1. 1. Department of Computer Science & Engineering, Tongji University, Shanghai 201804, China;
    2. Key Laboratory of Embedded System and Service Computing of Ministry of Education, Tongji University, Shanghai 201804, China
    3. Department of Information Security, Anhui University, Hefei Anhui 230601, China
    4. Department of Electronic Engineering, Suzhou University of Science and Technology, Suzhou Jiangsu 215009, China
  • Received:2017-02-23 Online:2017-05-20 Published:2020-05-12

摘要:

文章在研究扩展变换抖动调制(STDM)算法的基础上,给出了一种基于图像加密的用户隐私数据安全保护解决方案。在数据加密时,客户端先将用户名嵌入到图片中,并对软件指纹与用户密码进行MD5加密得到密码密文,然后通过存储在本地的随机种子产生控制流来指导密码密文嵌入到图片中;服务器收到客户端发送的图片后,提取其中的用户名,通过随机数控制流提取出密码密文,将其与服务器中相应用户的密码密文进行验证,若验证成功则生成一个新随机种子发送给客户端。实验结果表明,文中方案可用于网站或客户端用户登录的数据安全防护场景。

关键词: STDM, 软件指纹, 用户隐私, 安全防护

Abstract:

Based on the research of spread transform dither modulation algorithm, this paper proposes a security solution based on image encryption. In the process of data encryption, the client first user name embedded in them, and the software of fingerprint and user MD5 password encryption password to get the ciphertext. Then, the client controls the ciphertext to be embedded into the image by the local random seed generation control flow. When the server receives the picture sent by the client, the server name is extracted first. Similarly, the server extracts the password ciphertext through the random number control flow, with the corresponding user password ciphertext verification. If the authentication is successful, a new random seed is generated and sent to the client. To test the method, a prototype verification system was developed and the ideal results were obtained. The results show that the image encryption scheme can be used to protect the data security of the site or the client. At the same time, it can also meet the requirements of user’s convenience.

Key words: STDM, software fingerprinting, user privacy, safety protection

中图分类号: