面向移动定位系统的移动终端安全协议设计与实现

论文总字数：42438字

摘 要

随着信息技术高速发展，人类的生活已经发生了前所未有的改变。互联网，智能装置和感知技术的高速发展共同促进了物联网的崛起。在众多的物联网技术落地和应用当中，移动设备终端的定位问题又以其广泛的应用场景和巨大的用户数量成为物联网研究的重中之重。移动终端定位系统的大量应用带来了海量用户位置信息，而这些用户位置信息涉及到大量的用户隐私问题，需要在系统的设计中充分考虑数据传输中存在的安全隐患并了解数据加密和完整性保护方面的不足。本文所基于的面向GPS移动目标定位追踪系统以其高并发的接入方式以及庞大的设备数量而迫切需要一个高效的安全的客户端与服务器数据传输机制。本文充分考虑该移动定位系统的复杂通信模型，基于满足大规模端到端复杂通信应用需求的三方口令认证密钥交换协议，综合应用加密方案，为该移动定位系统设计出一种高效安全的客户端与服务器密钥交换协议并基于DDH假设证明了协议的安全性。在后续的客户端向服务器基于位置的查询中，通过本文的协议保证了对于客户端的隐私保护和服务器端的内容保护。

关键词：移动定位；3PAKE协议；密钥交换协议；基于位置的查询；隐私保护；内容保护

ABSTRACT

Information technology has changed human life a lot. The rapid development of the Internet, smart devices and sensing technologies have jointly promoted the rise of the Internet of Things. In the landing and application of many Internet of Things technologies, the positioning problem of mobile device terminals has become the top priority of Internet of Things research with its wide application scenarios and huge number of users. User location information involves a large number of user privacy issues, and it is necessary to fully consider the security risks in data transmission and understand data encryption and integrity in the design of the system. Insufficient protection. The GPS-oriented mobile target tracking system based on this paper urgently needs an efficient and secure client and server data transmission mechanism with its high concurrent access mode and huge number of devices. This paper fully considers the complex communication model of the mobile positioning system, based on the three-party password authentication key exchange protocol that meets the requirements of large-scale end-to-end complex communication applications, and comprehensively applies the encryption case to design an efficient and secure client-to-server password authenticated key exchange protocol for this mobile positioning system. And we demonstrated the security of this protocol based on the DDH assumptioin.

And in the subsequent client-to-server location-based query, the privacy preserving for the client and the content protecting of the server are guaranteed through the protocol of this article.

Key words: mobile positioning; 3PAKE protocol; password authenticated key exchange；location based query; privacy preserving; content protecting

目 录

第一章 绪论……………………………………………………………………………………………1

1.1 研究背景及其意义……………………………………………………………………………1

1.2 研究方向研究现状……………………………………………………………………………2

1.3 论文整体组织结构……………………………………………………………………………3

第二章 基础知识以及相关的理论介绍………………………………………………………4

2.1 Chosen-ciphertext attack简介…………………………………………………………4

2.1.1 介绍……………………………………………………………………………………4

2.1.2 攻击方式………………………………………………………………………………4

2.1.2.1 Lunchtime Attacks………………………………………………………………4

2.1.2.2 自适应选择密文攻击………………………………………………………………5

2.2 ElGamal加密算法……………………………………………………………………………5

2.2.1 加密算法介绍…………………………………………………………………………5

2.2.1.1密钥生成算法…………………………………………………………………5

2.2.1.2 加密过程………………………………………………………………………5

2.2.1.3 解密过程………………………………………………………………………6

2.2.2 实际应用………………………………………………………………………………6

2.2.3 安全分析………………………………………………………………………………6

2.2.4效率分析………………………………………………………………………………7

2.3 平滑投射哈希函数(Smooth Projective Hash Function) …………………………7

2.3.1 SPHFs的一般定义……………………………………………………………………7

2.3.2 基于密文语言的平滑投射哈希函数………………………………………………8

第三章 基于3PAKE的客户端-服务器密钥交换协议…………………………………9

3.1 协议描述………………………………………………………………………………………9

3.2 安全性证明…………………………………………………………………………………10

3.2.1 3PAKE协议的安全模型……………………………………………………………10

3.2.2 Diffie-Hellman假设………………………………………………………………12

3.2.3 安全性证明…………………………………………………………………………12

第四章 保护位置询问中隐私及内容安全性的通信协议……………………………18

4.1 协议概述………………………………………………………………………………………18

4.2 初始化数据…………………………………………………………………………………19

4.3 不经意传输阶段……………………………………………………………………………20

4.4 私人信息检索（PIR）阶段………………………………………………………………21

4.5 安全性分析…………………………………………………………………………………22

4.5.1 客户端隐私安全……………………………………………………………………22

4.5.2 服务器内容安全……………………………………………………………………23

第五章 结束语………………………………………………………………………………………23

参考文献………………………………………………………………………………………………24

致谢………………………………………………………………………………………………………29

剩余内容已隐藏，请支付后下载全文，论文总字数：42438字