Acta Electronica Sinica, 2022, Vol. 50, Issue (4): 1002-1013. DOI: 10.12263/DZXB.20211021

• Academic Paper •

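  • Author biographies: SHE Wei, male, born in December 1977 in Changde, Hunan. Ph.D., professor, doctoral supervisor, CCF member. His main research interests are blockchain technology, information security and trusted distributed systems. E-mail: wshe@zzu.edu.cn
    HUO Li-juan, female, born in June 1997 in Kaifeng, Henan. Master's student, CCF member. Her main research interests are blockchain technology and cyberspace security. E-mail: lijuan.huo.zzu@outlook.com
    TIAN Zhao (corresponding author), male, born in September 1985 in Xingyang, Henan. Ph.D., lecturer. His main research interest is blockchain technology. E-mail: tianzhao@zzu.edu.cn
  • Funding:
    Program for Science and Technology Innovation Talents in Universities of Henan Province (21HASTIT031); Henan Province Major Public Welfare Special Project (201300210300); Henan Province Key Research, Development and Promotion Special Project (212102310039); Zhengzhou University Education and Teaching Reform Research and Practice Project (2021ZZUJGLX168)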

A Blockchain-Based Covert Communication Model for Hiding Sensitive Documents and Sender Identity

SHE Wei1,2,3, HUO Li-juan1,2, LIU Wei1,2,3, ZHANG Zhi-hong2,4, SONG Xuan1,2, TIAN Zhao1,2

  1. School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou, Henan 450000, China
  2. Zhengzhou Key Laboratory of Blockchain and Data Intelligence, Zhengzhou, Henan 450000, China
  3. Henan Collaborative Innovation Center for Internet Medical and Health Services, Zhengzhou University, Zhengzhou, Henan 450000, China
  4. School of Information Engineering, Zhengzhou University, Zhengzhou, Henan 450000, China
  • Received: 2021-08-01 Revised: 2022-03-13 Online: 2022-04-25 Published: 2022-04-25
  • Contact: TIAN Zhao

Abstract:

Current research on blockchain covert communication mainly transmits a short message by initiating multiple transactions. This approach is unsuitable when the amount of sensitive data is large, and some transactions may never be packaged into a block, resulting in loss of secret information. In addition, the sender's identity is not hidden during transmission. Although the traditional image steganography used in some of this research has the advantage of a high embedding rate, it is increasingly difficult for it to resist detection and analysis based on statistical features. To solve these problems, this paper proposes a blockchain-based covert communication model for hiding sensitive documents and sender identity. First, the sender encrypts a sensitive document using ciphertext-policy attribute-based encryption (CP-ABE) and uploads the encrypted document to the InterPlanetary File System (IPFS). Next, the sender embeds the hash value of the encrypted document into a cover image using image steganography based on generative adversarial networks (GAN), and uploads the resulting stego-image to IPFS. The sender then creates a transaction containing the hash value of the stego-image, signs it with a ring signature, and broadcasts it to the blockchain network, where it is verified and packaged into a block. The receiver reads the hash value of the stego-image from the transaction and obtains the encrypted document by reversing the above steps. Finally, the receiver decrypts the encrypted document according to the access control policy set by CP-ABE and obtains the sensitive document. The experimental results show that the model increases the amount of secret information transmitted from KB to MB, and has high concealment and security.

Key words: blockchain, covert communication, image steganography based on generative adversarial networks (GAN), ring signature, ciphertext-policy attribute-based encryption (CP-ABE), InterPlanetary File System (IPFS)

CLC Number: