1 / 27

Location Services with Built-In Privacy

Location Services with Built-In Privacy. Mike Hamburg Stanford University Joint work with Arvind Narayanan, Narendran Thiagarajan, Mugdha Lakhani, Dan Boneh. Location-based social networking. Finally taking off?. Why privacy?. EFF, tech companies lobbying for ECPA revision

sofia
Download Presentation

Location Services with Built-In Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Location Services with Built-In Privacy Mike Hamburg Stanford University Joint work with Arvind Narayanan, Narendran Thiagarajan, Mugdha Lakhani, Dan Boneh

  2. Location-based social networking • Finally taking off?

  3. Why privacy? EFF, tech companies lobbying for ECPA revision Why do service providers care? Positive externality

  4. This talk: Private proximity testing Goal: Detect when friends are nearby When not nearby, friends don’t see your location Server never sees your location First step toward more complex functionality

  5. Proximity testing: some applications Granularity must be user-configurable

  6. Client-server vs. peer-to-peer Only client-server model supports configurable granularity Poor/nonexistent infrastructure for complex peer-to-peer protocols

  7. Mathematical formulation: not obvious “Pairs of friends get notified whenever they are within 100ft of each other” Triangulation attack

  8. Reducing proximity test to equality test

  9. Correct method: 3 hexagonal grids Users are “close” if they match on one of three grids

  10. Equality testing ? Space of possible locations is small! ElGamal-like cryptographic protocol based on Decisional Diffie Hellman (DDH) problem (Lipmaa) Too expensive! Requires both users to be online at once =

  11. A three-party protocol Server learns which users are near each other Still a privacy breach!

  12. Three-party done right Server can cause users to compute wrong answer but cannot cause privacy breach Avoids need for big integer arithmetic Information-theoretic security

  13. Problem: online brute-force attack If only there were a way to verify that a user really is where they claim to be…

  14. Location tags

  15. Properties of location tags Location tag = vector + matching function i.e., space-time fingerprint Unpredictability cannot produce matching tag unless nearby Reproducibility two devices at same place & time produce matching tags (not necessarily identical)

  16. Location tags using WiFi packets Discard packets like TCP that may originate outside local network • DHCP, ARP, Samba etc. are local 15 packets/sec on CS/EE VLAN Two different devices see about 90% of packets in common

  17. Location features Each packet is a “location feature” At least around 10 bits of entropy Timing, source/destination and other packet contents Tag with 15 location features gives > 80-bit security level

  18. Comparing location tags Need to compare two vectors that match approximately: fuzzy set intersection Basic concept: Alice encodes vector as polynomial Sends random points on polynomial to Bob Intersection size is large  few enough “errors”  Bob can decode using Berlekamp-Massey algorithm

  19. Shared secret keys Traditional solution: PKI PGP (un)usability study Better solution: Identity-based encryption Our solution: bind public keys to social identities

  20. SocialKeys My Facebook profile

  21. Android implementation

  22. Android implementation

  23. Android implementation

  24. Android implementation

  25. Other location privacy questions Location based advertising Location based search Location statistics

  26. Summary Proximity testing: useful primitive, tricky to define! Improve constant factor in crypto protocols for Private Equality Testing Location tags to enhance location privacy SocialKeys: transparent crypto via key sharing over social networks

  27. Thank you

More Related