Formal Analysis of Privacy for Anonymous Location Based Services

  • Morten Dahl
  • Stéphanie Delaune
  • Graham Steel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6993)


We propose a framework for formal analysis of privacy in location based services such as anonymous electronic toll collection. We give a formal definition of privacy, and apply it to the VPriv scheme for vehicular services. We analyse the resulting model using the ProVerif tool, concluding that our privacy property holds only if certain conditions are met by the implementation. Our analysis includes some novel features such as the formal modelling of privacy for a protocol that relies on interactive zero-knowledge proofs of knowledge and list permutations.


License Plate Evaluation Context Privacy Property Sanity Check Electronic Toll Collection 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: Proc. 28th ACM Symposium on Principles of Programming Languages (POPL 2001), pp. 104–115. ACM Press, New York (2001)Google Scholar
  2. 2.
    Abadi, M., Gordon, A.: A calculus for cryptographic protocols: The spi calculus. In: Proc. 4th ACM Conference on Computer and Communications Security, Zurich, Switzerland, pp. 36–47. ACM Press, New York (1997)Google Scholar
  3. 3.
    Arapinis, M., Chothia, T., Ritter, E., Ryan, M.: Analysing unlinkability and anonymity using the applied pi calculus. In: Proc. 23rd IEEE Computer Security Foundations Symposium (CSF 2010), pp. 107–121. IEEE Computer Society Press, Los Alamitos (2010)CrossRefGoogle Scholar
  4. 4.
    Backes, M., Maffei, M., Unruh, D.: Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol. In: Proc. Symposium on Security and Privacy (S&P 2008), pp. 202–215. IEEE Computer Society Press, Los Alamitos (2008)Google Scholar
  5. 5.
    Blanchet, B.: Cryptographic Protocol Verifier User Manual (2004),
  6. 6.
    Blanchet, B., Abadi, M., Fournet, C.: Automated verification of selected equivalences for security protocols. Journal of Logic and Algebraic Programming 75(1), 3–51 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Blumberg, A.J., Balakrishnan, H., Popa, R.: VPriv: Protecting privacy in location-based vehicular services. In: Proc. 18th Usenix Security Symposium (2009)Google Scholar
  8. 8.
    Bruso, M., Chatzikokolakis, K., den Hartog, J.: Formal verification of privacy for RFID systems. In: Proc. 23rd IEEE Computer Security Foundations Symposium (CSF 2010). IEEE Computer Society Press, Los Alamitos (2010)Google Scholar
  9. 9.
    Cortier, V., Delaune, S.: A method for proving observational equivalence. In: Proc. 22nd IEEE Computer Security Foundations Symposium (CSF 2009), Port Jefferson, NY, USA, pp. 266–276. IEEE Computer Society Press, Los Alamitos (2009)CrossRefGoogle Scholar
  10. 10.
    Dahl, M., Delaune, S., Steel, G.: Formal analysis of privacy for vehicular mix-zones. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 55–70. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  11. 11.
    Delaune, S., Ryan, M.D., Smyth, B.: Automatic verification of privacy properties in the applied pi-calculus. In: Proc. 2nd Joint iTrust and PST Conferences on Privacy, Trust Management and Security (IFIPTM 2008). IFIP Conference Proceedings, vol. 263, pp. 263–278. Springer, Heidelberg (2008)Google Scholar
  12. 12.
    Dikaiakos, M.D., Iqbal, S., Nadeem, T., Iftode, L.: VITP: an information transfer protocol for vehicular computing. In: Proc. 2nd International Workshop on Vehicular Ad Hoc Networks (VANET 2005), pp. 30–39 (2005)Google Scholar
  13. 13.
    Goldreich, O.: The Foundations of Cryptography, vol. 1. Cambridge University Press, Cambridge (2001)CrossRefzbMATHGoogle Scholar
  14. 14.
    IEEE. IEEE standard. IEEE Trial-Use Standard for Wireless Access in Vehicular Environments – Security Services for Applications and Management Messages, approved (June 8, 2006)Google Scholar
  15. 15.
    Kremer, S., Ryan, M.D.: Analysis of an Electronic Voting Protocol in the Applied Pi Calculus. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 186–200. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Lawson, N.: Highway to hell: Hacking toll systems. Presentation at Blackhat (2008), slides
  17. 17.
    Milner, R.: A Calculus of Communication Systems. LNCS, vol. 92. Springer, Heidelberg (1980)CrossRefzbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Morten Dahl
    • 1
  • Stéphanie Delaune
    • 2
  • Graham Steel
    • 2
  1. 1.Department of Computer ScienceAalborg UniversityDenmark
  2. 2.LSVENS Cachan & CNRS & INRIA Saclay Île-deFrance

Personalised recommendations