信息网络安全 ›› 2018, Vol. 18 ›› Issue (7): 29-35.doi: 10.3969/j.issn.1671-1122.2018.07.004

• • 上一篇    下一篇

无线网络接入中用户身份和位置的双重隐身机制研究

叶阿勇(), 李晴, 金俊林, 孟铃玉   

  1. 福建师范大学数学与信息学院,福建福州350007
  • 收稿日期:2018-03-05 出版日期:2018-07-15 发布日期:2020-05-11
  • 作者简介:

    作者简介:叶阿勇(1977—),男,福建,教授,博士,主要研究方向为基于位置的服务、隐私计算、无线定位技术;李晴(1992—),女,福建,硕士研究生,主要研究方向为网络与信息安全;金俊林(1994—),男,江苏,硕士研究生,主要研究方向为网络与信息安全;孟玲玉(1994—),女,黑龙江,硕士研究生,主要研究方向为网络与信息安全。

  • 基金资助:
    国家自然科学基金[61771140];福建省自然科学基金[2018J01780];福建省高校自然科学基金青年重点项目[JZ160430];2015福州科技计划项目[2015-G-51]

Research on a Dual-stealth Mechanism of User Identity and Location in Accessing Wireless Network

A-yong YE(), Qing LI, Junlin JIN, Lingyu MENG   

  1. College of Mathematics and Informatics, Fujian Normal University, Fuzhou Fujian 350007, China
  • Received:2018-03-05 Online:2018-07-15 Published:2020-05-11

摘要:

由于用户位置与无线网络之间存在固有的“用户-终端-基站-位置”的时空映射关系,导致端到端匿名认证不能解决用户的位置隐私泄露问题。文章采用模糊化思想,构造基于k匿名集的身份认证模型,替代现有协议中的唯一身份标识,实现针对基站的用户身份和设备身份双重匿名保护。在此基础上,引入可信第三方,切断服务端与基站的直接关联,屏蔽用户与接入点的映射关系,解决服务端的位置隐私问题,从而实现对用户身份和位置信息的双重隐身保护。在隐身接入机制中,引入随机因子和哈希运算等来抵御多种网络攻击。文章从理论角度分析了方案的可行性和安全性。

关键词: 无线网络, 隐身接入, 匿名认证, 基于身份的密码体制

Abstract:

Because of the inherent "user-terminal-BS-location" spatio-temporal mapping relationship between user location and wireless network, the end-to-end anonymous authentication can't solve the leakage problem of location privacy. This paper uses the idea of fuzzification to construct the identity authentication model with k-anonymous set identity, which replaces the unique identity in existing protocols and achieves double anonymity protection of user identity and device identity for BS. On this basis, the trusted third party is introduced to cut off the direct correlation between the server and BS, shield the mapping relationship between the user and the accessed BS, and solve the location privacy problem of the server, so as to achieve double-stealth protection of the user identity and location. In the stealth access mechanism, random factors and hash operations are introduced to resist a variety of network attacks. This paper analyzes the feasibility and safety of the scheme from a theoretical point of view.

Key words: wireless network, stealth access, anonymous authentication, identity-based cryptosystem

中图分类号: