Chapter 13 Location Privacy

Similar documents
MIX Network for Location Privacy First Draft

Security functions in mobile communication systems

Wireless Attacks and Countermeasures

2001, Cisco Systems, Inc. All rights reserved. Copyright 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.

Security in ECE Systems

Wireless Security Security problems in Wireless Networks

UNIT-5. GSM System Operations (Traffic Cases) Registration, call setup, and location updating. Call setup. Interrogation phase

MIXes in Mobile Communication Systems: Location Management with Privacy *

Addressing Privacy: Matching User Requirements with Implementation Techniques

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2012

Transaction Privacy in Wireless Networks

Network Security (NetSec)

Secure and Authentication Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography.

Protocols for Anonymous Communication

Defeating IMSI Catchers. Fabian van den Broek et al. CCS 2015

Network Security. Security of Mobile Internet Communications. Chapter 17. Network Security (WS 2002): 17 Mobile Internet Security 1 Dr.-Ing G.

City Research Online. Permanent City Research Online URL:

0x1A Great Papers in Computer Security

Request for Comments: Cisco Systems January 2006

Privacy and Anonymity in the Internet

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

Source Anonymous Message Authentication and Source Privacy using ECC in Wireless Sensor Network

E3-E4 (CM MODULE) CDMA x & EV-DO. For internal circulation of BSNL only

Privacy through Pseudonymity in Mobile Telephony Systems

Mohammad Hossein Manshaei 1393

Grandstream Networks, Inc. GWN7000 OpenVPN Site-to-Site VPN Guide

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Subject: Adhoc Networks

5G-ENSURE. Privacy Enablers. (Project Number )

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, autumn 2015

GLOBAL SYSTEM FOR MOBILE COMMUNICATION (2) ETI2511 Friday, 31 March 2017

Communication Networks 2 Signaling 2 (Mobile)

A Pattern Language for Mobility Management [1] Petri Jokela

UMTS System Architecture and Protocol Architecture

Mobile Security Fall 2011

Achieving User Privacy in Mobile Networks

Session key establishment protocols

Network Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2011

Wireless Network Security Spring 2014

Session key establishment protocols

Module 28 Mobile IP: Discovery, Registration and Tunneling

GPSIH: A Generic IP-Based Scheme For Identity Hiding In MANETs.

5 Tips to Fortify your Wireless Network

Efficient GSM Authentication and Key Agreement Protocols with Robust User Privacy Protection

11:1 Anonymous Internet Access Method for Wireless Systems

The Mobile Equipment Identifier (MEID)

New Privacy Issues in Mobile Telephony: Fix and Verification

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

Quality of Service and Security as Frameworks toward Next-Generation Wireless Networks

Anonymization for web, fixed line, and mobile applications

NETLMM Security Threats on the MN-AR Interface draft-kempf-netlmm-threats-00.txt

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

COPYRIGHTED MATERIAL. Index

SECURE ROUTING PROTOCOLS IN AD HOC NETWORKS

CIS 6930/4930 Computer and Network Security. Topic 8.1 IPsec

Mobile network security report: Ukraine

SYSTEM THREAT ANALYSIS FOR HIGH ASSURANCE SOFTWARE DEFINED RADIOS

Computer and Network Security

Cellular Mobile Systems and Services (TCOM1010) GSM Architecture

Securing SMS of a GSM Network Message Center Using Asymmetric Encryption Technique Algorithm.

Fraud Prevention and User Privacy in Mobile Computing (extended summary)

PORTABLE communication systems (PCSs) do not require

WLAN Security Overview

On Privacy and Anonymity in Knowledge Externalization

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. EJ Jung

Anonymity. Assumption: If we know IP address, we know identity

Contents. GSM and UMTS Security. Cellular Radio Network Architecture. Introduction to Mobile Telecommunications

Security by Spatial Reference

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

Network Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

Wireless LAN Security (RM12/2002)

Part 1. Lecturer: Prof. Mohamed Bettaz Coordinator: Prof. Mohamed Bettaz Internal Examiner: Dr. Mourad Maouche. Examination Paper

NS-AKA: An Improved and Efficient AKA Protocol for 3G (UMTS) Networks

Defining Anonymity in Networked Communication, version 1

CompTIA Security+ (Exam SY0-401) Course 01 Security Fundamentals

A Privacy-Aware Service Protocol for Ubiquitous Computing Environments

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Wireless and Mobile Network Investigation

Assignment Project Whitepaper ITEC495-V1WW. Instructor: Wayne Smith. Jim Patterson

Grandstream Networks, Inc. GWN7000 Multi-WAN Gigabit VPN Router VPN Configuration Guide

Privacy defense on the Internet. Csaba Kiraly

Mobile Security Fall 2013

Network Encryption 3 4/20/17

COMP327 Mobile Computing Session: Lecture Set 6 - Personal Area Networks and Wireless Connections - Part 2

Secure 3G user authentication in ad-hoc serving networks

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

GPRS security. Helsinki University of Technology S Security of Communication Protocols

Anonymous Communication: DC-nets, Crowds, Onion Routing. Simone Fischer-Hübner PETs PhD course Spring 2012

Mobile Security Fall 2013

Managing and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer

CIS 5373 Systems Security

Understand iwag Solution for 3G Mobile Data

Mobile Communications Chapter 9: Network Protocols/Mobile IP

Network Security: Cellular Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2013

Introduction to VANET

Detecting & Eliminating Rogue Access Point in IEEE WLAN

Data Security for Wireless Mesh Network Using Onion Routing Algorithm Shruti Patil 1, Suvarna Kanakaraddi 2, Chetankumar Patil 3

Wireless Network Security Spring 2013

Internet of Things (IoT) Attacks. The Internet of Things (IoT) is based off a larger concept; the Internet of Things came

Transcription:

Chapter 13 Location Privacy Security aspects of mobile communication Implicit addressing Pseudonyms Communication mixes [NetSec], WS 2007/2008 13.1

Security Aspects of Mobile Communication Mobile communication faces all threats that does its fixed counterpart: Masquerade, eavesdropping, authorization violation, loss / modification / forgery of transmitted information, repudiation of communication acts Thus, similar measures like in fixed networks have to be taken However, there are specific issues arising out of mobility of users and/or devices: Some already existing threats get more dangerous: Wireless communications is more accessible for eavesdropping The lack of a physical connection makes it easier to access services Some new difficulties for realizing security services: Authentication has to be re-established when the mobile device moves Key management gets harder as peer identities can not be predetermined One completely new threat: The location of a device / user becomes a more important information that is worthwhile to eavesdrop on and thus to protect [NetSec], WS 2007/2008 13.2

Location Privacy in Mobile Networks Identifier GSM/UMTS: IMEI WLAN: MAC Address Bluetooth: MAC address [NetSec], WS 2007/2008 13.3

Location Privacy in Mobile Networks There is no appropriate location privacy in today s mobile networks: GSM / UMTS: Active attackers can collect IMSIs on the air interface Visited network s operators can partially track the location of users Home network operators can fully track the location of users However, at least communicating end systems can not learn about the location of a mobile device Wireless LAN / IPv6: No location privacy, as the (world-wide unique) MAC address is always included in the clear in every MAC frame Mobile IP: Standard Mobile IP: HA can fully / FA can partially track MNs Mobile IP with AAA: no location privacy on air interface, foreign AAA infrastructure can partially / home AAA server can fully track MNs Mobile IP with route optimization: even CNs can track an MN from everywhere around the world if the MN wishes to use the optimization [NetSec], WS 2007/2008 13.4

Location Privacy in Mobile Networks The basic location privacy design problem: A mobile device should be reachable No (single) entity in the network should be able to track the location of a mobile device Some fundamental approaches to this problem [Müller99a]: Broadcast of messages: Every message is sent to every possible receiver If confidentiality is needed, the message is encrypted asymmetrically This approach does not scale well for large networks / high load Temporary pseudonyms: Mobile devices use pseudonyms which are changed regularly However, to be able to reach the mobile device this needs a mapping entity which can track the mobile s history of pseudonyms Mix networks: Messages are routed via various entities (mixes) and every entity can only learn a part of the message route [NetSec], WS 2007/2008 13.5

Addressing schemes Addressing schemes for location privacy with broadcast: Explicit addresses: Every entity that sees an explicit address is able to determine the addressed entity Implicit addresses: An implicit address does not identify a specific device or location, it just names an entity without any further meaning attached to the name Visible implicit addresses: Entities that see multiple occurrences of an address can check for equality Invisible implicit addresses: Only the addressed entity can check for equality of the address This requires public key operations: ImplAddr A = {r B, r A } +K A where r A is chosen by the addressed entity and r B is a random value created by an entity B which wants to invisibly make reference to entity A [NetSec], WS 2007/2008 13.6

Pseudonyms Temporary Pseudonyms: The location of a device A is no longer stored with its identification ID A but with a changing pseudonym P A (t) Example: VLRs in GSM might just know and store the TMSI (which is kind of a temporary pseudonym) The mapping of an ID A to the current pseudonym P A (t) is stored in a trustworthy device Example: GSM HLRs might be realized as trustworthy devices When an incoming call has to be routed to the current location of device A: The network provider of device A asks the trustworthy device for the current pseudonym P A (t) The network then routes the call to the current location of A by looking up the temporary pseudonym in a location database It is important, that the entities that route a call can not learn about the original address of the call setup message ( implicit addresses) The use of mixes (see below) can provide additional protection against attacks from colluding network entities [NetSec], WS 2007/2008 13.7

Communication mixes Communication mixes: The concept was invented in 1981 by D. Chaum for untraceable email communication A mix hides the communication relations between senders and receivers: It buffers incoming messages which are asymmetrically encrypted so that only the mix can decrypt them It changes the appearance of messages by decrypting them It changes the order of messages and relays them in batches However, if the mix is compromised an attacker can learn everything Security can be increased by cascading mixes Example: A sends a message m to B via two mixes M1 and M2 A M1: {r 1,{r 2, {r 3, m} } } +K B +KM2 +KM1 M1 M2: {r 2, {r 3, m} } +K B +KM2 M2 B: {r 3, m} +K B It is important, that the mixes process enough messages [NetSec], WS 2007/2008 13.8

Communication mixes M1, {M3, {M4, {M2, {M5, {Dest, {Message} +KD } +KM5 } +KM2 } +KM4 } +KM3 } +KM1 Source M1 M4 M3 M2 M5 Dest [NetSec], WS 2007/2008 13.9

Summary (what do I need to know) Security aspects of mobile communication Same as for all other communication networks PLUS location privacy issues Addressing schemes Implicit addressing Temporary pseudonyms Communication mixes Chaum s mix [NetSec], WS 2007/2008 13.10

Additional References [Chaum81] [Chaum88] [Müller99a] D. Chaum, "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms," Communications of the ACM, vol. 24, pp. 84-88, 1981. D. Chaum, "The Dining Philosophers Problem: Unconditional Sender and Receiver Untraceability," Journal of Cryptology, vol. 1 (1), pp. 65-75, 1988. G. Müller, K. Rannenberg (Ed.). Multilateral Security in Communications. Addison-Wesley-Longman, 1999. [NetSec], WS 2007/2008 13.11

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback