
Formal Verification of Privacy Properties in Electric Vehicle Charging

  • Conference paper
Engineering Secure Software and Systems (ESSoS 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8978))


Abstract

Electric vehicles are an up-and-coming technology that provides significant environmental benefits. A major challenge of these vehicles is their somewhat limited range, requiring the deployment of many charging stations. To effectively deliver electricity to vehicles and guarantee payment, a protocol was developed as part of the ISO 15118 standardization effort. A privacy-preserving variant of this protocol, POPCORN, has been proposed in recent work, claiming to provide significant privacy for the user, while maintaining functionality. In this paper, we outline our approach for the verification of privacy properties of the protocol. We provide a formal model of the expected privacy properties in the applied Pi-Calculus and use ProVerif to check them. We identify weaknesses in the protocol and suggest improvements to address them.
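The verification approach named in the abstract (state a privacy property as an observational equivalence in the applied pi calculus, then let ProVerif decide it) looks like the following in practice. This is an added illustration and not the paper's model of POPCORN or ISO 15118: the channel name, key types, message layout and the two candidate identities id1 and id2 are assumptions chosen only to keep the example small.

```proverif
(* Added illustration, not the paper's model. A vehicle encrypts one
   of two publicly known identities (id1 or id2) under the charging
   station's public key, and we ask ProVerif whether a network attacker
   can tell which identity was used. Every name below is an assumption
   made for this example. *)

free net: channel.                 (* public EV <-> station link *)

type skey.                         (* station private key *)
type pkey.                         (* station public key *)

fun pk(skey): pkey.

(* Randomised public-key encryption: the third argument is fresh
   randomness, so two encryptions of the same plaintext differ. *)
fun aenc(bitstring, pkey, bitstring): bitstring.
reduc forall m: bitstring, sk: skey, r: bitstring;
      adec(aenc(m, pk(sk), r), sk) = m.

(* Both candidate identities are public: the attacker knows the
   candidates and wants to learn which vehicle is charging. *)
free id1, id2: bitstring.
free ack: bitstring.

(* Vehicle side. choice[id1, id2] turns this into a biprocess: the
   left instance sends id1, the right instance sends id2. *)
let vehicle(pkS: pkey) =
  new r: bitstring;
  out(net, aenc(choice[id1, id2], pkS, r)).

(* Station side: decrypts and answers with a fixed acknowledgement
   that does not depend on the identity. If decryption fails, the
   process simply stops, identically on both sides. *)
let station(skS: skey) =
  in(net, m: bitstring);
  let vid: bitstring = adec(m, skS) in
  out(net, ack).

(* Main process: the station's public key is published, and any
   number of vehicle and station sessions may run in parallel.
   ProVerif checks observational equivalence of the two instances,
   i.e. that the attacker cannot distinguish id1 from id2. *)
process
  new skS: skey;
  out(net, pk(skS));
  ( (!vehicle(pk(skS))) | (!station(skS)) )
```

Run it with `proverif model.pv`. For this model ProVerif proves the equivalence. If the randomness `r` is dropped so that `aenc` becomes deterministic, the attacker can compute the encryption of the public id1 under pk(skS) itself and compare it with the observed message; ProVerif then no longer proves the equivalence and instead reports the distinguishing trace. That is the shape of the findings the abstract refers to: a privacy property stated as an equivalence, and a concrete trace when the protocol fails to provide it.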




Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Fazouane, M., Kopp, H., van der Heijden, R.W., Le Métayer, D., Kargl, F. (2015). Formal Verification of Privacy Properties in Electric Vehicle Charging. In: Piessens, F., Caballero, J., Bielova, N. (eds) Engineering Secure Software and Systems. ESSoS 2015. Lecture Notes in Computer Science, vol 8978. Springer, Cham. https://doi.org/10.1007/978-3-319-15618-7_2


  • DOI: https://doi.org/10.1007/978-3-319-15618-7_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-15617-0

  • Online ISBN: 978-3-319-15618-7
