Abstract
We propose a framework for formal analysis of privacy in location based services such as anonymous electronic toll collection. We give a formal definition of privacy, and apply it to the VPriv scheme for vehicular services. We analyse the resulting model using the ProVerif tool, concluding that our privacy property holds only if certain conditions are met by the implementation. Our analysis includes some novel features such as the formal modelling of privacy for a protocol that relies on interactive zero-knowledge proofs of knowledge and list permutations.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: Proc. 28th ACM Symposium on Principles of Programming Languages (POPL 2001), pp. 104–115. ACM Press, New York (2001)
Abadi, M., Gordon, A.: A calculus for cryptographic protocols: The spi calculus. In: Proc. 4th ACM Conference on Computer and Communications Security, Zurich, Switzerland, pp. 36–47. ACM Press, New York (1997)
Arapinis, M., Chothia, T., Ritter, E., Ryan, M.: Analysing unlinkability and anonymity using the applied pi calculus. In: Proc. 23rd IEEE Computer Security Foundations Symposium (CSF 2010), pp. 107–121. IEEE Computer Society Press, Los Alamitos (2010)
Backes, M., Maffei, M., Unruh, D.: Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol. In: Proc. Symposium on Security and Privacy (S&P 2008), pp. 202–215. IEEE Computer Society Press, Los Alamitos (2008)
Blanchet, B.: Cryptographic Protocol Verifier User Manual (2004), http://www.di.ens.fr/~blanchet/crypto/proverif-manual.ps.gz
Blanchet, B., Abadi, M., Fournet, C.: Automated verification of selected equivalences for security protocols. Journal of Logic and Algebraic Programming 75(1), 3–51 (2008)
Blumberg, A.J., Balakrishnan, H., Popa, R.: VPriv: Protecting privacy in location-based vehicular services. In: Proc. 18th Usenix Security Symposium (2009)
Bruso, M., Chatzikokolakis, K., den Hartog, J.: Formal verification of privacy for RFID systems. In: Proc. 23rd IEEE Computer Security Foundations Symposium (CSF 2010). IEEE Computer Society Press, Los Alamitos (2010)
Cortier, V., Delaune, S.: A method for proving observational equivalence. In: Proc. 22nd IEEE Computer Security Foundations Symposium (CSF 2009), Port Jefferson, NY, USA, pp. 266–276. IEEE Computer Society Press, Los Alamitos (2009)
Dahl, M., Delaune, S., Steel, G.: Formal analysis of privacy for vehicular mix-zones. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 55–70. Springer, Heidelberg (2010)
Delaune, S., Ryan, M.D., Smyth, B.: Automatic verification of privacy properties in the applied pi-calculus. In: Proc. 2nd Joint iTrust and PST Conferences on Privacy, Trust Management and Security (IFIPTM 2008). IFIP Conference Proceedings, vol. 263, pp. 263–278. Springer, Heidelberg (2008)
Dikaiakos, M.D., Iqbal, S., Nadeem, T., Iftode, L.: VITP: an information transfer protocol for vehicular computing. In: Proc. 2nd International Workshop on Vehicular Ad Hoc Networks (VANET 2005), pp. 30–39 (2005)
Goldreich, O.: The Foundations of Cryptography, vol. 1. Cambridge University Press, Cambridge (2001)
IEEE. IEEE standard. IEEE Trial-Use Standard for Wireless Access in Vehicular Environments – Security Services for Applications and Management Messages, approved (June 8, 2006)
Kremer, S., Ryan, M.D.: Analysis of an Electronic Voting Protocol in the Applied Pi Calculus. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 186–200. Springer, Heidelberg (2005)
Lawson, N.: Highway to hell: Hacking toll systems. Presentation at Blackhat (2008), slides http://rdist.root.org/2008/08/07/fastrak-talk-summary-and-slides/
Milner, R.: A Calculus of Communication Systems. LNCS, vol. 92. Springer, Heidelberg (1980)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dahl, M., Delaune, S., Steel, G. (2012). Formal Analysis of Privacy for Anonymous Location Based Services. In: Mödersheim, S., Palamidessi, C. (eds) Theory of Security and Applications. TOSCA 2011. Lecture Notes in Computer Science, vol 6993. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27375-9_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-27375-9_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27374-2
Online ISBN: 978-3-642-27375-9
eBook Packages: Computer ScienceComputer Science (R0)