Dogan Kesdogan

Stop-and-Go-MIXes Providing Probabilistic Anonymity in an Open System

Currently known basic anonymity techniques depend on identity verification. If verification of user identities is not possible due to the related management overhead or a general lack of information (e.g. on the Internet), an adversary can participate several times in a communication relationship and observe the honest users. In this paper we focus on the problem of providing anonymity without identity verification. The notion of probabilistic anonymity is introduced. Probabilistic anonymity is based on a publicly known security parameter, which determines the security of the protocol. For probabilistic anonymity the insecurity, expressed as the probability of having only one honest participant, approaches 0 at an exponential rate as the security parameter is changed linearly. Based on our security model we propose a new MIX variant called “Stop-and-Go-MIX” (SG-MIX) which provides anonymity without identity verification, and prove that it is probabilistically secure.

Variable and scalable security: protection of location information in mobile IP

The amount of mobile and nomadic computing is expected to increase dramatically in the near future. Hand in hand with this ubiquitous mobile computing security and privacy problems show up, which have not been dealt with sufficiently up to now. The main problems are traffic analysis and the easy access to location information, for example in the popular Internet just by looking at the address headers of messages. The need for security and privacy supporting networks is discussed. We present the nondisclosure method (NDM) as a way to provide the user with variable and scalable security and privacy. We exemplarily demonstrate the applicability of NDM in an existing network by presenting an upward compatible protocol extension to the Internet protocol (IP), the secure IP in IP protocol. Its main design goal is the untraceability of network connections in mobile environments.

Measuring anonymity: the disclosure attack

Anonymity services hide user identity at the network or address level but are vulnerable to attacks involving repeated observations of the user. Quantifying the number of observations required for an attack is a useful measure of anonymity.

How to increase security in mobile networks by anomaly detection

The increasing complexity of cellular radio networks yields new demands concerning network security. Especially the task of detecting, repulsing and preventing abuse both by in- and outsiders becomes more and more difficult. This paper deals with a relatively new technique that appears to be suitable for solving these issues, i.e. anomaly detection based on profiling mobile users. Mobility pattern generation and behavior prediction are discussed in depth, before a new model of anomaly detection that is based on the Bayes decision rule is introduced. Applying this model to mobile user profiles proves the feasibility of our approach. Finally, a special emphasis is put on discussing privacy aspects of anomaly detection.

Privacy enhancing identity management: protection against re-identification and profiling

User centric identity management will be necessary to protect users privacy in an electronic society. However, designing such systems is a complex task, as the expectations of the different parties involved in electronic transactions have to be met. In this work we give an overview on the actual situation in user centric identity management and point out problems encountered there. Especially we present the current state of research and mechanisms useful to protect the users privacy. Additionally we show security problems that have to be borne in mind while designing such a system and point out possible solutions. Thereby, we concentrate on attacks on linkability and identifiability, and possible protection methods.

Fundamental limits on the anonymity provided by the MIX technique

The MIX technique forms the basis of many popular services that offer anonymity of communication in open and shared networks such as the Internet. In this paper, fundamental limits on the anonymity provided by the MIX technique are found by considering two different settings. First, we consider an information theoretic setting to determine the extent of information inherent in observations of the traffic passing through the MIX. We show that if the size of sender anonymity sets is less than the total user population, the information contained in traffic observations is sufficient to deduce all communication relationships between senders and receivers using the MIX. More importantly, we show that even if every user sends a message in each communication round, it is possible to compromise the anonymity significantly. We precisely characterize the extent of compromised anonymity in each case. In the second setting, we assume that the attacker has unlimited computational resources and is free to choose any attack algorithm. We derive tight upper and lower bounds on the minimum number of observations required to deduce all recipient peer-partners of a targeted user. The analysis done in these two settings reveals many discrete mathematical structures inherent in anonymity sets, and the intuition gained from these structures can be used when designing or using a MIX based anonymity technique

Location management strategies increasing privacy in mobile communication

Mobile communication offers many new opportunities. However, because of the mobility of the subscribers trustworthiness of data, reliability and security are major issues.

TrustedPals: secure multiparty computation implemented with smart cards

We study the problem of Secure Multi-party Computation (SMC) in a model where individual processes contain a tamper-proof security module, and introduce the TrustedPals framework, an efficient smart card based implementation of SMC for any number of participating entities in such a model. Security modules can be trusted by other processes and can establish secure channels between each other. However, their availability is restricted by their host, that is, a corrupted party can stop the computation of its own security module as well as drop any message sent by or to its security module. We show that in this model SMC can be implemented by reducing it to a fault-tolerance problem at the level of security modules. Since the critical part of the computation can be executed locally on the smart card, we can compute any function securely with a protocol complexity which is polynomial only in the number of processes (that is, the complexity does not depend on the function which is computed), in contrast to previous approaches.

Distributed Temporary Pseudonyms: A New Approach for Protecting Location Information in Mobile Communication Networks

One of the major security aspects in mobile communication networks concerns information about the localization of the (mobile) network user. This information may be protected by establishing a trusted third party that is responsible for creating suitable pseudonyms for the user identity. Distributing the maintenance of pseudonyms among n independent trusted parties allows to increase further the security of location information. In this paper, a method is proposed that guarantees security as long as at least one of the n parties may definitely be trusted whereas the other parties may turn out to be corrupt. The pseudonym collision probability is derived analytically before a detailed OPNET simulation evaluates the cost of the new approach compared to standard GSM.

An algorithmic framework for robust access control in wireless sensor networks

If the data collected within a sensor network is valuable or should be kept confidential then security measures should protect the access to this data. We first determine security issues in the context of access control in sensor networks especially focusing on the problem of node capture, i.e., the possibility that an attacker can completely take over some of the sensor nodes. We then introduce the notion of t-robust sensor networks which can withstand capture of up to t nodes and consider three basic security concepts for such networks: (1) t-robust storage, a mechanism to securely store data within a set of sensors such that capture of any t sensors does not reveal that data to the adversary; (2) n-authentication which ensures that authentication is achieved with every uncompromised sensor in the broadcast range of a client (n denotes the number of nodes in that broadcast range); and (3) n-authorization, an authorization primitive with similar properties like n-authentication. We present a generic t-robust protocol for implementing access control using these primitives.