Abstract
We formalize the notion of provable anonymity in the strand space theory. A bundle in a strand space is used to formalize a session of a protocol, and the behaviors of an observer are then formalized as extensions of a bundle. A reinterpretation function is derived naturally from the mapping that sends a message term on an edge of a bundle in one strand space to the corresponding term in another strand space. We formally define observational equivalence on bundles and use it to formalize anonymity properties. The novelty of our theory lies in the observational model and in the construction of reinterpretation functions within the strand space theory. We build our theory in Isabelle/HOL to obtain a mechanical framework for the analysis of anonymity protocols.
Acknowledgments
The first author, Yongjian Li, was supported by grant 61170073 from the National Natural Science Foundation of China.
© 2014 Springer International Publishing Switzerland
Li, Y., Pang, J. (2014). A Strand Space Approach to Provable Anonymity. In: Artho, C., Ölveczky, P. (eds) Formal Techniques for Safety-Critical Systems. FTSCS 2013. Communications in Computer and Information Science, vol 419. Springer, Cham. https://doi.org/10.1007/978-3-319-05416-2_6
DOI: https://doi.org/10.1007/978-3-319-05416-2_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-05415-5
Online ISBN: 978-3-319-05416-2