On the Economics of Anonymity in Vehicular Networks

On Location Privacy in Vehicular Mix-Networks

Julien Freudiger
IC-29 Self-Organised Wireless and Sensor Networks

Tutors: Maxim Raya, Márk Félegyházi

Mini-Project 2007

Outline
1.       Problem Statement

2.       System Model
     –     Vehicular Networks
     –     Adversary
     –     Mix-zone

3.       Cryptographic Mix-zones
     –     The CMIX protocols

4.       Vehicular Mix-Networks
     –     Dynamic Mix-Networks

5.       Results

1. Problem Statement

What location privacy?

[Figure: vehicles V1 to V4 and two RSUs; each vehicle Vi broadcasts {(pi,si,ai), timestamp, sign, certi,k} every 100 ms]

Our Approach
• Create Mix-zones
• Use Pseudonyms

[Figure: vehicles V1 to V4, two RSUs and two mix-zones; each vehicle Vi sends {(pi,si,ai), timestamp, sign, certi,k} every 100 ms under pseudonym Pi,k]

2. Vehicular Networks

• Safety messages
  – position (p), speed (s) and acceleration (a)
  – Time stamp
• Assume Public Key Infrastructure (PKI)
  – Certification Authority (CA) distributes pseudonyms
      • $P_{i,k}$ with k = 1,…,F for vehicle i
  – To each $P_{i,k}$ corresponds a public/private key pair $(K_{i,k}, K_{i,k}^{-1})$
      • $P_{i,k} = H(K_{i,k})$

Adversary Model
Adversary types:
• Local/Global: Monitoring area
• Internal/External: Member of the network or not
• Active/Passive: Alter information or not
• Complete/Incomplete Information: Amount of information

1. Weak Adversary (WA)
   • Global Passive External with incomplete information
2. Strong Adversary (SA)
   • Global Passive External with complete information
3. RSU Adversary
   • Global Passive partially Internal with complete information

Mix-Zones definition
•   Goal: Obscure relation of incoming and outgoing traffic => Unlinkability

[Figure: a mix-zone at an RSU with vehicles V1, V2 and V4]

•   Strong adversary observes location and time of entering/exiting events:
     – Entering event:      k = (n,)                    i.e., on road n at time 
     – Exiting event:       l = (e,’)                   i.e., on road e at time ’

•   Strong adversary has statistical information about mix-zones
     – Location:   $p_{n,e}$ = Prob(“Vehicle enters on road n and exits on road e”)
     – Timing:     $q_{n,e}(t)$ = Prob(“Time spent between n and e is t”)

     $\Pr_{k \to l}$ = Prob(“Mapping of entering event k to exiting event l”)

Mix-Zones Effectiveness
• Measure effectiveness with entropy:
     $H(v) = -\sum_{k=1}^{N} \Pr_{k \to l} \log_2(\Pr_{k \to l})$, where N = # of vehicles
• Maximize entropy:
     $\max_{p_{n,e},\, q_{n,e}(t),\, N} H(v)$
   – High density (N)
   – High unpredictability (p,q)
   => Mix-zones at road intersections
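
The entropy measure above, worked through for a single intersection as an added example (not code from the slides). It assumes the adversary scores each entering event by the location probability times the delay density at the observed delay and normalizes the scores into mapping probabilities; the Gaussian delay model, the function names and all sample values are constructed for illustration.

```python
import math

def gaussian_pdf(t, mean, std):
    """Density of the assumed delay model q_{n,e}(t) ~ Normal(mean, std)."""
    return math.exp(-0.5 * ((t - mean) / std) ** 2) / (std * math.sqrt(2 * math.pi))

def mapping_probabilities(entries, exit_event, p, q):
    """Return Pr_{k->l} for one exiting event l over all entering events k.

    entries    : list of (road n, entry time) observed by the adversary
    exit_event : (road e, exit time)
    p[(n, e)]  : probability of entering on road n and exiting on road e
    q[(n, e)]  : (mean, std) of the time spent between n and e
    """
    exit_road, exit_time = exit_event
    weights = []
    for road, entry_time in entries:
        delay = exit_time - entry_time
        if delay <= 0:                      # a vehicle cannot exit before it enters
            weights.append(0.0)
            continue
        mean, std = q[(road, exit_road)]
        weights.append(p[(road, exit_road)] * gaussian_pdf(delay, mean, std))
    total = sum(weights)
    if total == 0:
        raise ValueError("no entering event is compatible with this exit")
    return [w / total for w in weights]

def entropy(probs):
    """H(v) = -sum_k Pr_{k->l} * log2(Pr_{k->l}); zero-probability terms add 0."""
    return -sum(pr * math.log2(pr) for pr in probs if pr > 0)

# Constructed sample data (not from the slides): one 4-road intersection.
ROADS = range(4)
P = {(n, e): 0.25 for n in ROADS for e in ROADS}        # uniform turning probabilities
Q = {(n, e): (5.0, 1.0) for n in ROADS for e in ROADS}  # 5 s +/- 1 s crossing delay
EXIT = (2, 15.0)                                        # vehicle leaves on road 2 at t = 15 s
DENSE = [(0, 10.0), (1, 10.0), (2, 10.0), (3, 10.0)]    # N = 4 simultaneous entries
SPARSE = [(0, 2.0), (1, 8.0), (2, 10.0), (3, 16.0)]     # same N, entries spread in time

if __name__ == "__main__":
    for name, entries in (("dense", DENSE), ("sparse", SPARSE)):
        probs = mapping_probabilities(entries, EXIT, P, Q)
        print(name, [round(pr, 3) for pr in probs], "H =", round(entropy(probs), 3),
              "bound =", math.log2(len(entries)))
```

With four simultaneous entries the entropy reaches log2(N) = 2 bits; spreading the same four entries in time drops it to about 0.53 bits, which is the effect behind the high-density and high-unpredictability requirements.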

     3. Cryptographic Mix-Zone

• Silent Mix-zones: Not in the scope of Vehicular Networks
  – Turn off transceivers
  – Unconditional security

• Cryptographic Mix-zones (CMIX):
  – Encrypt Safety Messages
  – Symmetric Cryptography
  – Computational security
  – Not user centric


             Centralized CMIX Protocol




(pi,si,ai)   =   Safety message of vehicle i
Ts           =   Time stamp
Sign         =   Digital Signature
Certi,k      =   k-th Certificate of vehicle i
SK           =   Symmetric Key

Distributed CMIX Protocol




(pi,si,ai)   =    Safety message of vehicle i
Ts           =    Time stamp
Sign         =    Digital Signature
Certi,k      =    k-th Certificate of vehicle i
SK           =    Symmetric Key

Centralized CMIX Protocol
RSUs Adversary

(pi,si,ai)   =   Safety message of vehicle i
Ts           =   Time stamp
SignRing     =   Ring Signature
DescRing     =   Ring description
SK           =   Symmetric Key

Ring Signatures:
• Anonymous signatures based on groups
• Require public keys of all the group members
• Accountable signature scheme

4. Vehicular Mix-Networks




• Mix-network cumulative entropy for vehicle v:
     $H_{tot}(v, L) = \sum_{i=1}^{L} H_i(v)$, where L = length of the path

Dynamic Mix-Networks
Dynamics
• Set of traversed mix-zones always different
• Mix-zones have different qn,e(t)
• Path length L varies for each vehicle v
  – Lv ~ N(v, v)

Upper Bounds
• WA model in Vehicular Mix-zone:
  – $H(v) \le \log_2(N)$
• WA model in Vehicular Mix-network:
  – $E[\log_2(N)] \le \log_2(E[N])$

            5. Simulation Setup
Network model
• 10X10 Manhattan network with 4 roads/intersection
• N ~ Poisson()
•  ~ Uniform[0,T]
• Uniform random walk, pn,e ~ U(1/4)
• qn,e ~ N(n,e, n,e)

Metrics
• Entropy
• Cumulative Entropy
• Intersection Mapping Success Ratio (SR)
• Vehicle Mapping Success Ratio (SR)

[Result plots, one per slide: Mix-Zone Entropy; Mix-Zone SR; Mix-Networks Entropy; Mix-Networks SR]

Results - Discussion
• Achievable anonymity depends on 
  – Traffic conditions determine location privacy

• Resistance to privacy degradation
  – Dynamic mix-networks offer good resistance
  – Dynamic mix-networks are strong when
    • global uniformity
    • local diversity



                   Future Work
• Results on VANET simulator
  – More realistic delay characteristics qn,e(t) and traffic
    patterns


• Extending towards user-centric location privacy
  – Cooperation for privacy
  – Cost of privacy


• Ring signatures
  – Anonymous signature scheme for mobile networks
    with non-repudiation

Conclusion
•   Location privacy in vehicular networks
•   Cryptographic mix-zones (CMIX)
•   Dynamic mix-networks
•   Bounds on anonymity
•   High location privacy for various types of
    adversaries




                    Related Work
• A. R. Beresford. Mix-zones: User privacy in location-aware services.
  PerSec 2004

• L. Huang, K. Matsuura, H. Yamane, and K. Sezaki. Silent cascade:
  Enhancing location privacy without communication QoS
  degradation. SPC 2005

• M. Li, K. Sampigethaya, L. Huang, and R. Poovendran. Swing &
  Swap: User-centric Approaches Towards Maximizing Location
  Privacy. WPES 2006

• R. Rivest, A. Shamir, and Y. Tauman. How to leak a secret.
  ASIACRYPT 2001

            CMIX Discussion
• Extended mix-zone



• Overlapping mix-zones
  – Same SK over several mix-zones

• Attacks
  – As secure as symmetric crypto
  – Key establishment