On Location Privacy in Vehicular Mix-Networks. Julien Freudiger. IC-29 Self-Organised Wireless and Sensor Networks. Tutors: Maxim Raya, Márk Félegyházi.
Outline • Problem Statement • System Model • Vehicular Networks • Adversary • Mix-zone • Cryptographic Mix-zones • The CMIX protocols • Vehicular Mix-Networks • Dynamic Mix-Networks • Results
1. Problem Statement What location privacy?
Our Approach • Create Mix-zones • Use Pseudonyms
2. Vehicular Networks • Safety messages • position (p), speed (s) and acceleration (a) • Time stamp • Assume Public Key Infrastructure (PKI) • Certification Authority (CA) distributes pseudonyms • $P_{i,k}$ with $k = 1, \ldots, F$ for vehicle $i$ • To each $P_{i,k}$ corresponds a public/private key pair $(K_{i,k}, K_{i,k}^{-1})$ • $P_{i,k} = H(K_{i,k})$
Adversary Model Adversary types: • Weak Adversary (WA) • Global Passive External with incomplete information • Strong Adversary (SA) • Global Passive External with complete information • RSU Adversary • Global Passive partially Internal with complete information
Mix-Zones definition • Goal: Obscure relation of incoming and outgoing traffic => Unlinkability • Strong adversary observes location and time of entering/exiting events: • Entering event: k = (n,) i.e., on road n at time • Exiting event: l = (e,’) i.e., on road e at time ’ • Strong adversary has statistical information about mix-zones • Location: $p_{n,e}$ = Prob(“Vehicle enters on road n and exits on road e”) • Timing: $q_{n,e}(t)$ = Prob(“Time spent between n and e is t”) • $\Pr_{k \to l}$ = Prob(“Mapping of entering event k to exiting event l”)
Mix-Zones Effectiveness • Measure effectiveness with entropy: • Maximize entropy • High density (N) • High unpredictability (p,q) where N= # of vehicles Mix-zones at road intersections =>
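The strong adversary's view of one mix-zone, as an added example that is not part of the original slides: it weights each entering event by the route and timing statistics, normalises the weights into mapping probabilities for one exiting event, and measures the remaining uncertainty as Shannon entropy in bits. The weighting (route probability times timing density), the Gaussian delay model, and all road names and numbers are assumptions constructed for illustration.

```python
import math

# Constructed statistics for one intersection (assumed values, not from the slides).
# P_ROUTE[(n, e)] plays the role of p_{n,e}; DELAY[(n, e)] holds the (mean, std dev)
# in seconds of a Gaussian transit-time model standing in for q_{n,e}(t).
P_ROUTE = {("W", "E"): 0.6, ("N", "E"): 0.2, ("S", "E"): 0.2}
DELAY = {("W", "E"): (4.0, 1.0), ("N", "E"): (6.0, 1.5), ("S", "E"): (6.0, 1.5)}

def gaussian_pdf(t, mean, std):
    return math.exp(-0.5 * ((t - mean) / std) ** 2) / (std * math.sqrt(2 * math.pi))

def mapping_probabilities(entries, exit_event, p_route=P_ROUTE, delay=DELAY):
    """Return Pr(k -> l) for each entering event k = (road, time), given one
    exiting event l = (road, time). Assumed model: weight = p_{n,e} * q_{n,e}(dt)."""
    exit_road, exit_time = exit_event
    weights = []
    for road, t_in in entries:
        dt = exit_time - t_in
        key = (road, exit_road)
        if dt <= 0 or key not in p_route:
            weights.append(0.0)  # exit before entry, or a route with no statistics
            continue
        mean, std = delay[key]
        weights.append(p_route[key] * gaussian_pdf(dt, mean, std))
    total = sum(weights)
    if total == 0:
        raise ValueError("no entering event can explain this exiting event")
    return [w / total for w in weights]

def entropy_bits(probs):
    """Shannon entropy in bits; terms with probability 0 contribute nothing."""
    return -sum(p * math.log2(p) for p in probs if p > 0)

if __name__ == "__main__":
    entries = [("W", 0.0), ("N", 0.5), ("S", 1.0)]  # constructed entering events
    probs = mapping_probabilities(entries, ("E", 5.0))
    print("Pr(k -> l):", [round(p, 3) for p in probs])
    print("entropy: %.3f bits, upper bound log2(N) = %.3f bits"
          % (entropy_bits(probs), math.log2(len(entries))))
```

With skewed route and timing statistics the entropy falls well below log2(N); it reaches log2(N) only when every entering event is equally likely to explain the exit.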
3. Cryptographic Mix-Zone • Silent Mix-zones: • Turn off transceivers • Unconditional security • Cryptographic Mix-zones (CMIX): • Encrypt Safety Messages • Symmetric Cryptography • Computational security • Not user centric Not in the scope of Vehicular Networks
Centralized CMIX Protocol • $(p_i, s_i, a_i)$ = Safety message of vehicle $i$ • Ts = Time stamp • Sign = Digital Signature • $Cert_{i,k}$ = k-th Certificate of vehicle $i$ • SK = Symmetric Key
Distributed CMIX Protocol • $(p_i, s_i, a_i)$ = Safety message of vehicle $i$ • Ts = Time stamp • Sign = Digital Signature • $Cert_{i,k}$ = k-th Certificate of vehicle $i$ • SK = Symmetric Key
Centralized CMIX Protocol - RSUs Adversary • $(p_i, s_i, a_i)$ = Safety message of vehicle $i$ • Ts = Time stamp • SignRing = Ring Signature • DescRing = Ring description • SK = Symmetric Key • Ring Signatures: • Anonymous signatures based on groups • Require public keys of all the group members • Accountable signature scheme
4. Vehicular Mix-Networks • Mix-network cumulative entropy for vehicle v: where L= Length of the path
Dynamic Mix-Networks Dynamics • Set of traversed mix-zones always different • Mix-zones have different $q_{n,e}(t)$ • Path length L varies for each vehicle v • Lv ~ N(v, v) Upper Bounds • WA model in Vehicular Mix-zone: • $H(v) \le \log_2(N)$ • WA model in Vehicular Mix-network: • $E[\log_2(N)] \le \log_2(E[N])$
5. Simulation Setup Network model • 10x10 Manhattan network with 4 roads/intersection • N ~ Poisson() • ~ Uniform[0,T] • Uniform random walk, $p_{n,e}$ ~ U(1/4) • $q_{n,e}$ ~ N(n,e, n,e) Metrics • Entropy • Cumulative Entropy • Intersection Mapping Success Ratio (SR) • Vehicle Mapping Success Ratio (SR)
Results - Discussion • Achievable anonymity depends on • Traffic conditions determine location privacy • Resistance to privacy degradation • Dynamic mix-networks offer good resistance • Dynamic mix-networks are strong when • global uniformity • local diversity
Future Work • Results on VANET simulator • More realistic delay characteristics $q_{n,e}(t)$ and traffic patterns • Extending towards user-centric location privacy • Cooperation for privacy • Cost of privacy • Ring signatures • Anonymous signature scheme for mobile networks with non-repudiation
Conclusion • Location privacy in vehicular networks • Cryptographic mix-zones (CMIX) • Dynamic mix-networks • Bounds on anonymity • High location privacy for various types of adversaries
Related Work • A. R. Beresford. Mix-zones: User privacy in location-aware services. PerSec 2004 • L. Huang, K. Matsuura, H. Yamane, and K. Sezaki. Silent cascade: Enhancing location privacy without communication QoS degradation. SPC 2005 • M. Li, K. Sampigethaya, L. Huang, and R. Poovendran. Swing & Swap: User-centric Approaches Towards Maximizing Location Privacy. WPES 2006 • R. Rivest, A. Shamir, and Y. Tauman. How to leak a secret. ASIACRYPT 2001
CMIX Discussion • Extended mix-zone • Overlapping mix-zones • Same SK over several mix-zones • Attacks • As secure as symmetric crypto • Key establishment