In mobile social networks, people can quickly find potential friends with the same attributes by sharing personal attribute profile. These attribute profiles, however, usually contain sensitive information, if this information gets intercepted by malicious attackers it may result in unpredictable consequences. In this paper, a dual handshake privacy-preserving scheme is proposed based on user pseudo identity anonymous and hash value authentication, which is combined with identity authentication, one-way hash function and key agreement to ensure that malicious attackers can not get the real content of personal profile by identity fraud, attribute forgery, hacking security attributes and eavesdrop secure channel, thus the personal privacy can be protected. At the same time, the scheme relies on the powerful computing and anti-attack ability to trusted third party to reduce the computation cost of the intelligent terminal and security risks. Security and performance analysis demonstrates that this scheme is of high privacy, non-repudiation and verifiability and is more effective than existing solutions.%在移动社交网络中分享用户特征属性配置文件能够迅速找到与用户特征属性相同的朋友。然而,配置文件通常包含用户的敏感隐私信息,如果被恶意攻击者截获将有可能造成不可预计的后果。该文提出一种基于用户伪身份匿名与哈希值比对认证的双重握手机制的隐私保护方案,结合身份权限认证、单向哈希散列函数、密钥协商等技术保证恶意攻击者无法通过身份欺骗、伪造特征属性、窃听安全信道等方式获取用户配置文件的真实内容,从而保证用户的个人隐私不被泄漏。依靠可信第三方服务器强大的计算和抗攻击能力,减轻智能用户终端计算负担和安全风险。安全分析和实验分析表明,该方案更具有隐私性、消息不可抵赖性和可验证性,比传统的解决方案更有效。
展开▼
