解決疼點
Resolve Pain Point

市場上的大多數即時通訊系統提供商(IMSP)都要求準用戶發送其個人信息(例如電子郵件,用戶名和密碼)以在提供商的中央服務器上進行註冊。只有這樣做,用戶才能在以後嘗試登錄訪問服務時使用該信息向集中式服務器進行身份驗證。一些潛在的用戶可能會錯誤地認為他們的個人信息是唯一的,並且他們的通信是安全的,因為IMSP聲稱已針對現有用戶檢查了該個人信息是否存在潛在的重複。但是實際上,創建帳戶的是IMSP,他們總是可以偽造任何用戶信息以達到不道德的目的。為了解決這個問題,西蒂姆(Citum)使用一種獨特的身份驗證機制來更好地檢查和平衡用戶與IMSP:一個用戶的個人身份驗證信息完全由用戶自己本人生成,而不依靠其他人生成。 IMSP仍然擁有授予授權用戶訪問其服務的權利。


Most instant messenger system providers (IMSPs) in the marketplace require prospective users to send in their personal information (e.g., email, username, and password) to register at the providers’ centralized servers. Only in doing so, the users can use the info to authenticate themselves to the centralized servers when they try to login to access the service in the future. Some prospective users may mistakenly believe that their personal information is unique and that their correspondence is secure because IMSP claims that personal information is checked against existing users for potential duplicates. But in fact, it is the IMSPs who create the account and they can always forge any user information for unethical ends. To tackle that, Citium uses a unique authentication mechanism for better checks and balances between users and IMSP: A user authentication info is entirely generated by the user but no one else. IMSPs still own the rights to grant authorized users access to their services.

傳統方案
Traditional Solution

傳統上,即時通訊系統提供商(IMSP)通過以下身份驗證和授權機制為其用戶提供服務:

  1. 用戶向IMSP提交他/她的用戶信息(例如,帳戶ID和密碼)。
  2. IMSP驗證用戶信息。
  3. IMSP授權用戶使用其服務。

由於IMSP擁有所有用戶信息,因此傳統的方式在密碼分析上並不安全,因此從理論上講IMSP可能會偽造用戶行為。 此外,IMSP有時無法確保免受駭客入侵和惡意攻擊。 最後但並非最不重要的一點是,社交黑客 會攻擊粗心的用戶,這些粗心的用戶會在不同的IMSP上同一套用戶資料(例如,一摸一樣的用戶名、性別和年齡)。 僅其中一個IMSP的安全漏洞 可能會導致用戶在整個互聯網上遭受隱私洩露。

Traditionally, instant messenger system providers (IMSPs) provide service to their users through the following authentication and authorization regime:

  1. A user submits his/her user info (e.g., account ID and password) to the IMSP.
  2. IMSP authenticates the user info.
  3. IMSP authorizes the user to use its service.

The traditional regime is not cryptanalytically secure, because IMSP holds all user info so that it is theoretically possible for the IMSP to falsify user behavior. Moreover, IMSP sometimes fails to secure against malicious attacks. Last but not least, social hacking preys on careless users who apply the same set of profiles (e.g., same username, gender, and age) at different IMSPs. Security breach at one of these IMSPs may cause Internet-wide privacy leak for the users.

西蒂姆方案
Citium Solution

西蒂姆與傳統的身份驗證和授權機制不同。西蒂姆無需提交用戶信息,其工作方式如下:

  1. 用戶將僅與適用服務會話有關的用戶簽名提交給IMSP。
  2. IMSP驗證簽名。
  3. IMSP授權用戶使用其服務。

西蒂姆體制在密碼分析上是安全的,因為在西蒂姆的體制中 即時通訊系統提供商(IMSP)從理論上說不可能偽造用戶行為。即使IMSP被駭客成功攻陷了,駭客也無法偽造用戶的簽名或行為。最重要的是,因為西蒂姆機制的設計類似於黑匣子,所以即使是最粗心的用戶也無法洩漏個人信息。有人將這種方法稱為零知識證明。 IMSP可以對用戶進行身份驗證並授權通信服務,而無需獲取任何用戶隱私信息。此外,由於在西蒂姆體制中任何IMSP或不懷好意的駭客都不再可能選擇性地延遲或拒絕服務,因此無法對用戶的行為進行未經授權的分析。

Citium is different from the traditional authentication and authorization regime. Instead of submitting user info, Citium works as follows:

  1. A user submits his/her user signature pertaining only to the applicable service session to the IMSP.
  2. IMSP authenticates the signature.
  3. IMSP authorizes the user to use its service.

The Citium regime is cryptanalytically secure because IMSPs are theoretically impossible to falsify user behavior. Even if the IMSP is hacked, the attacker is also theoretically unable to falsify the user’s signature or behavior. Most importantly, even the most careless users are unable to leak personal information because the Citium regime is designed like a black-box. Some call such an approach as zero-knowledge proof. IMSPs can authenticate users and authorize communication services without the need to obtain any user privacy information. Since any IMSP or unscrupulous hacker in the Citium regime can no longer be able to selectively delay or deny service, it is impossible to perform unauthorized analysis of user behavior.