Formal Verification of Privacy Properties in Electric Vehicle Charging

  • Marouane Fazouane
  • Henning Kopp
  • Rens W. van der Heijden
  • Daniel Le Métayer
  • Frank Kargl
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8978)

Abstract

Electric vehicles are an up-and-coming technology that provides significant environmental benefits. A major challenge of these vehicles is their somewhat limited range, requiring the deployment of many charging stations. To effectively deliver electricity to vehicles and guarantee payment, a protocol was developed as part of the ISO 15118 standardization effort. A privacy-preserving variant of this protocol, POPCORN, has been proposed in recent work, claiming to provide significant privacy for the user, while maintaining functionality. In this paper, we outline our approach for the verification of privacy properties of the protocol. We provide a formal model of the expected privacy properties in the applied Pi-Calculus and use ProVerif to check them. We identify weaknesses in the protocol and suggest improvements to address them.

Keywords

privacy formal verification electric vehicle charging 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Antignac, T., Le Métayer, D.: Privacy by Design: From Technologies to Architectures. In: Preneel, B., Ikonomou, D. (eds.) APF 2014. LNCS, vol. 8450, pp. 1–17. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  2. 2.
    Backes, M., Dürmuth, M., Karjoth, G.: Unification in Privacy Policy Evaluation - Translating EPAL into Prolog. In: POLICY, pp. 185–188 (2004)Google Scholar
  3. 3.
    Barth, A., Mitchell, J.C., Datta, A., Sundaram, S.: Privacy and Utility in Business Processes. In: CSF, pp. 279–294 (2007)Google Scholar
  4. 4.
    Becker, M.Y., Malkis, A., Bussard, L.: A Practical Generic Privacy Language. In: Jha, S., Mathuria, A. (eds.) ICISS 2010. LNCS, vol. 6503, pp. 125–139. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  5. 5.
    Blanchet, B., Abadi, M., Fournet, C.: Automated verification of selected equivalences for security protocols. In: Proceedings of the 20th Annual IEEE Symposium on Logic in Computer Science, LICS 2005, pp. 331–340. IEEE (2005)Google Scholar
  6. 6.
    Blanchet, B., Smyth, B.: Proverif 1.85: Automatic cryptographic protocol verifier, user manual and tutorial (2011)Google Scholar
  7. 7.
    Brusó, M., Chatzikokolakis, K., Etalle, S., den Hartog, J.: Linking Unlinkability. In: Palamidessi, C., Ryan, M.D. (eds.) TGC 2012. LNCS, vol. 8191, pp. 129–144. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  8. 8.
    Camenisch, J., Van Herreweghen, E.: Design and implementation of the idemix anonymous credential system. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 21–30. ACM (2002)Google Scholar
  9. 9.
    Delaune, S., Kremer, S., Ryan, M.D.: Verifying Privacy-type Properties of Electronic Voting Protocols. Journal of Computer Security 17(4), 435–487 (2009), http://www.lsv.ens-cachan.fr/Publis/PAPERS/PDF/DKR-jcs08.pdf Google Scholar
  10. 10.
    Dwork, C.: Differential Privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 1–12. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  11. 11.
    Dwork, C.: A firm foundation for private data analysis. Commun. ACM 54(1), 86–95 (2011)CrossRefGoogle Scholar
  12. 12.
    Glasgow, J., MacEwen, G., Panangaden, P.: A logic for reasoning about security. In: Proc. of the 3rd Computer Security Foundations Workshop, pp. 2–13 (1990)Google Scholar
  13. 13.
    Halpern, J.Y., Pucella, R.: Dealing with Logical Omniscience. In: Proc. of the 11th Conf. on Th. Aspects of Rationality and Knowl., pp. 169–176. ACM, USA (2007), http://doi.acm.org/10.1145/1324249.1324273 CrossRefGoogle Scholar
  14. 14.
    Höfer, C., Petit, J., Schmidt, R., Kargl, F.: POPCORN: privacy-preserving charging for eMobility. In: Proceedings of the 2013 ACM Workshop on Security, Privacy & Dependability for Cyber Vehicles, pp. 37–48. ACM (2013)Google Scholar
  15. 15.
    ISO: Road vehicles - Vehicle-to-Grid Communication Interface - Part 1: General information and use-case definition. ISO 15118, International Organization for Standardization, Geneva, Switzerland (2012)Google Scholar
  16. 16.
    ISO: Road vehicles - Vehicle-to-Grid Communication Interface - Part 2: Technical protocol description and Open Systems Interconnections (OSI) layer requirements. ISO 15118, International Organization for Standardization, Geneva, Switzerland (2012)Google Scholar
  17. 17.
    Jafari, M., Fong, P.W.L., Safavi-Naini, R., Barker, K., Sheppard, N.P.: Towards defining semantic foundations for purpose-based privacy policies. In: CODASPY, pp. 213–224 (2011)Google Scholar
  18. 18.
    Le Métayer, D.: A Formal Privacy Management Framework. In: Degano, P., Guttman, J., Martinelli, F. (eds.) FAST 2008. LNCS, vol. 5491, pp. 162–176. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  19. 19.
    Le Métayer, D.: Privacy by Design: A Formal Framework for the Analysis of Architectural Choices. In: Proc. of the 3rd ACM Conference on Data and Application Security and Privacy, pp. 95–104. ACM, USA (2013), http://doi.acm.org/10.1145/2435349.2435361 Google Scholar
  20. 20.
    Li, L., Pang, J., Liu, Y., Sun, J., Dong, J.S.: Symbolic analysis of an electric vehicle charging protocol. In: Proc. 19th IEEE Conference on Engineering of Complex Computer Systems (ICECCS 2014). IEEE Computer Society (2014)Google Scholar
  21. 21.
    Li, N., Li, T., Venkatasubramanian, S.: t-Closeness: Privacy Beyond k-Anonymity and l-Diversity. In: IEEE 23rd International Conference on Data Engineering, pp. 106–115 (April 2007)Google Scholar
  22. 22.
    Li, N., Qardaji, W.H., Su, D.: Provably Private Data Anonymization: Or, k-Anonymity Meets Differential Privacy. CoRR abs/1101.2604 (2011)Google Scholar
  23. 23.
    Li, N., Yu, T., Antón, A.I.: A semantics based approach to privacy languages. Comput. Syst. Sci. Eng. 21(5) (2006)Google Scholar
  24. 24.
    Liu, J.K., Au, M.H., Susilo, W., Zhou, J.: Enhancing location privacy for electric vehicles (at the right time). In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 397–414. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  25. 25.
    Ma, Z., Kargl, F., Weber, M.: A location privacy metric for V2X communication systems. In: IEEE Sarnoff Symposium, pp. 1–6 (March 2009)Google Scholar
  26. 26.
    Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-Diversity: Privacy Beyond k-Anonymity. In: ICDE, p. 24 (2006)Google Scholar
  27. 27.
    May, M.J., Gunter, C.A., Lee, I.: Privacy APIs: Access Control Techniques to Analyze and Verify Legal Privacy Policies. In: CSFW, pp. 85–97 (2006)Google Scholar
  28. 28.
    McSherry, F.: Privacy integrated queries: an extensible platform for privacy-preserving data analysis. Commun. ACM 53(9), 89–97 (2010)CrossRefGoogle Scholar
  29. 29.
    McSherry, F., Talwar, K.: Mechanism Design via Differential Privacy. In: FOCS, pp. 94–103 (2007)Google Scholar
  30. 30.
    Milner, R.: Communicating and Mobile Systems: The Pi-calculus. Cambridge University Press, New York (1999)MATHGoogle Scholar
  31. 31.
    Pucella, R.: Deductive Algorithmic Knowledge. CoRR cs.AI/0405038 (2004)Google Scholar
  32. 32.
    Ryan, M.D., Smyth, B.: Applied pi calculus. In: Cortier, V., Kremer, S. (eds.) Formal Models and Techniques for Analyzing Security Protocols, ch. 6. IOS Press (2011), http://www.bensmyth.com/files/Smyth10-applied-pi-calculus.pdf
  33. 33.
    Sweeney, L.: k-Anonymity: A Model for Protecting Privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 10(5), 557–570 (2002)CrossRefMATHMathSciNetGoogle Scholar
  34. 34.
    Tschantz, M.C., Kaynar, D.K., Datta, A.: Formal Verification of Differential Privacy for Interactive Systems. CoRR abs/1101.2819 (2011)Google Scholar
  35. 35.
    Yu, T., Li, N., Antón, A.I.: A formal semantics for P3P. In: SWS, pp. 1–8 (2004)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Marouane Fazouane
    • 1
  • Henning Kopp
    • 2
  • Rens W. van der Heijden
    • 2
  • Daniel Le Métayer
    • 1
  • Frank Kargl
    • 2
  1. 1.InriaUniversity of LyonFrance
  2. 2.Ulm UniversityUlmGermany

Personalised recommendations