Privacy-Preserving Optimal Meeting Location Determination on Mobile Devices Igor Bilogrevic, Member, IEEE, Murtuza Jadliwala, Member, IEEE, Vishal Joneja,

Slides:

Advertisements

Similar presentations

Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.

Advertisements

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Secure Multiparty Computations on Bitcoin

Data Security 1 El_Gamal Cryptography. Data Security2 Introduction El_Gamal is a public-key cryptosystem technique El_Gamal is a public-key cryptosystem.

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,

Paper by: Craig Gentry Presented By: Daniel Henneberger.

Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks Einar Mykletun, Joao Girao, Dirk Westhoff IEEE ICC 2006, /06.

RCDA: Recoverable Concealed Data Aggregation for Data Integrity in Wireless Sensor Networks Chien-Ming Chen, Yue-Hsun Lin, Ya-Ching Lin, Hung-Ming Sun.

Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.

SRIRAM KRISHNAMACHARI MEHRDAD NOJOUMIAN KEMAL AKKAYA SOUTHERN ILLINOIS UNIVERSITY CARBONDALE FLORIDA ATLANTIC UNIVERSITY FLORIDA INTERNATIONAL UNIVERSITY.

Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.

School of Computer Science and Engineering Finding Top k Most Influential Spatial Facilities over Uncertain Objects Liming Zhan Ying Zhang Wenjie Zhang.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

Vishal Patil Paresh Rawat Pratik Nikam Satish Patil By: Under The Guidance Of Prof.Rucha Samant.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Team Wolf Distributed, Consistent and Secure USB Hub Sean Busch Matt Dube Eddie Lai Zhou Zheng.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

1 Identity-Based Encryption form the Weil Pairing Author ： Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date ：

Distributed Collaborative Key Agreement Protocols for Dynamic Peer Groups Patrick P. C. Lee, John C. S. Lui and David K. Y. Yau IEEE ICNP 2002.

A Local Facility Location Algorithm Supervisor: Assaf Schuster Denis Krivitski Technion – Israel Institute of Technology.

Triple Patterning Aware Detailed Placement With Constrained Pattern Assignment Haitong Tian, Yuelin Du, Hongbo Zhang, Zigang Xiao, Martin D.F. Wong.

ASYMMETRIC CIPHERS.

Joint Histogram Based Cost Aggregation For Stereo Matching Dongbo Min, Member, IEEE, Jiangbo Lu, Member, IEEE, Minh N. Do, Senior Member, IEEE IEEE TRANSACTION.

A.C. Chen ADL M Zubair Rafique Muhammad Khurram Khan Khaled Alghathbar Muddassar Farooq The 8th FTRA International Conference on Secure and.

Privacy Preserving Query Processing in Cloud Computing Wen Jie

Cryptography Lecture 8 Stefan Dziembowski

Brian Padalino Sammy Lin Arnold Perez Helen Chen

An Efficient Identity-based Cryptosystem for

Wireless and Security CSCI 5857: Encoding and Encryption.

Optimizing Mixing in Pervasive Networks: A Graph-Theoretic Perspective

EPPA: An Efficient and Privacy-Preserving Aggregation Scheme for Secure Smart Grid Communications Rongxing Lu, Xiaohui Liang, Xu Li, Xiaodong Lin, Xuemin.

DATA DYNAMICS AND PUBLIC VERIFIABILITY CHECKING WITHOUT THIRD PARTY AUDITOR GUIDED BY PROJECT MEMBERS: Ms. V.JAYANTHI M.E Assistant Professor V.KARTHIKEYAN.

1 Experimental Evidence on Partitioning in Parallel Data Warehouses Pedro Furtado Prof. at Univ. of Coimbra & Researcher at CISUC DEI/CISUC-Universidade.

Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.

Providing Transparent Security Services to Sensor Networks Hamed Soroush, Mastooreh Salajegheh and Tassos Dimitriou IEEE ICC 2007 Reporter ：呂天龍 1.

1 Lect. 13 : Public Key Encryption RSA ElGamal. 2 Shamir Rivest Adleman RSA Public Key Systems  RSA is the first public key cryptosystem  Proposed in.

Chapter 4 Application Level Security in Cellular Networks.

Cryptanalysis and Improvement of an Access Control in User Hierarchy Based on Elliptic Curve Cryptosystem Reporter : Tzer-Long Chen Information Sciences.

Tao Lin Chris Chu TPL-Aware Displacement- driven Detailed Placement Refinement with Coloring Constraints ISPD ‘15.

1 Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data Peishun Wang, Huaxiong Wang, and Josef Pieprzyk: SDM LNCS, vol.

1 Efficient Obstacle-Avoiding Rectilinear Steiner Tree Construction Chung-Wei Lin, Szu-Yu Chen, Chi-Feng Li, Yao-Wen Chang, Chia-Lin Yang National Taiwan.

Enhanced secure anonymous authentication scheme for roaming service in global mobility networks Hyeran Mun, Kyusuk Han, Yan Sun Lee, Chan Yeob Yeun, Hyo.

Downlink Scheduling With Economic Considerations to Future Wireless Networks Bader Al-Manthari, Nidal Nasser, and Hossam Hassanein IEEE Transactions on.

Ahmed Osama Research Assistant. Presentation Outline Winc- Nile University- Privacy Preserving Over Network Coding 2  Introduction  Network coding 

The Paillier Cryptosystem

Zhuo Peng, Chaokun Wang, Lu Han, Jingchao Hao and Yiyuan Ba Proceedings of the Third International Conference on Emerging Databases, Incheon, Korea (August.

An Efficient Linear Time Triple Patterning Solver Haitong Tian Hongbo Zhang Zigang Xiao Martin D.F. Wong ASP-DAC’15.

Exploiting Group Recommendation Functions for Flexible Preferences.

Privacy Preserving Payments in Credit Networks By: Moreno-Sanchez et al from Saarland University Presented By: Cody Watson Some Slides Borrowed From NDSS’15.

A Hybrid Technique for Private Location-Based Queries with Database Protection Gabriel Ghinita 1 Panos Kalnis 2 Murat Kantarcioglu 3 Elisa Bertino 1 1.

多媒體網路安全實驗室 Practical Searching Over Encrypted Data By Private Information Retrieval Date： Reporter: Chien-Wen Huang 出處: GLOBECOM 2010, 2010 IEEE.

Improved Census Transforms for Resource-Optimized Stereo Vision

Security Analysis of a Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption Scheme.

Implementing Secure IRC App with Elgamal By Hyungki Choi ID : Date :

Introduction to Elliptic Curves CSCI 5857: Encoding and Encryption.

Auditing Information Leakage for Distance Metrics Yikan Chen David Evans TexPoint fonts used in EMF. Read the TexPoint manual.

1 MEVAL: A Practically Efficient System for Secure Multi-party Statistical Analysis Koki Hamada NTT Secure Platform Laboratories.

Optimizing the Location Obfuscation in Location-Based Mobile Systems Iris Safaka Professor: Jean-Pierre Hubaux Tutor: Berker Agir Semester Project Security.

ONLINE INTRUSION ALERT AGGREGATION WITH GENERATIVE DATA STREAM MODELING.

1 Using Network Coding for Dependent Data Broadcasting in a Mobile Environment Chung-Hua Chu, De-Nian Yang and Ming-Syan Chen IEEE GLOBECOM 2007 Reporter.

Introduction to Elliptic Curve Cryptography CSCI 5857: Encoding and Encryption.

Encryption Encryption: Transforms Message so that Interceptor Cannot Read it –Plaintext (original message) Not necessarily text; Can be graphics, etc.

LINUX Presented By Parvathy Subramanian. April 23, 2008LINUX, By Parvathy Subramanian2 Agenda ► Introduction ► Standard design for security systems ►

Track Me If You Can: On the Effectiveness of Context-based Identifier Changes in Deployed Mobile Networks. Authors: Laurent Bindschaedler, Murtuza Jadliwala,

Center for E-Business Technology Seoul National University Seoul, Korea Private Queries in Location Based Services: Anonymizers are not Necessary Gabriel.

Network Security Design Fundamentals Lecture-13

RSA and El Gamal Cryptosystems

Presented By Siddartha Ailuri Graduate Student, EECS 04/07/17

Dingding Liu* Yingen Xiong† Linda Shapiro* Kari Pulli†

Privacy Protection for E-Health Systems by

Presentation transcript:

Privacy-Preserving Optimal Meeting Location Determination on Mobile Devices Igor Bilogrevic, Member, IEEE, Murtuza Jadliwala, Member, IEEE, Vishal Joneja, Kübra Kalkan, Jean-Pierre Hubaux, Fellow, IEEE, and Imad Aad

Outline Introduction & Problem Definition Problem Formulation & System Architecture Proposed Solution Privacy Requirements & Definitions Privacy & Complexity Analysis Experimental Evaluation

Outline Introduction & Problem Definition Problem Formulation & System Architecture Proposed Solution Privacy Requirements & Definitions Privacy & Complexity Analysis Experimental Evaluation

Introduction Two popular feature of LBS : Location check-ins and location sharing Near 88% of 35 participants were not comfortable sharing their location information

Fair Rendez-Vous Point Problem To determine a location among the such that the maximum distance between this location and all other users’ locations is minimized

Fair Rendez-Vous Point Problem To determine a location among the such that the maximum distance between this location and all other users’ locations is minimized

k-center Problem To determine k locations from N candidate places for placing facilities such that the maximum distance from any place to its closest facility is minimized.

k-center Problem To determine k locations from N candidate places for placing facilities such that the maximum distance from any place to its closest facility is minimized.

Outline Introduction & Problem Definition Problem Formulation & System Architecture Proposed Solution Privacy Requirements & Definitions Privacy & Complexity Analysis Experimental Evaluation

System Architecture

C.-H. O. Chen et al., “GAnGS: Gather, authenticate’n group securely,”in Proc. 14th ACM Int. Conf. Mobile Computing Networking, 2008,pp. 92–103. Y.-H. Lin et al., “SPATE: Small-group PKI-less authenticated trust establishment,” in Proc. 7th Int. Conf. MobiSys, 2009, pp. 1–14.

System Architecture Privacy-Preserving Fair Rendez-Vous Point (PPFRVP) algorithm A InputOutput {E(L 1 )||E(L 2 )||…||E(L N )}E(L fair )=g(E(L 1 )||E(L 2 )||…||E(L N ))

System Architecture Privacy-Preserving Fair Rendez-Vous Point (PPFRVP) algorithm A InputOutput {E(L 1 )||E(L 2 )||…||E(L N )}E(L fair )=g(E(L 1 )||E(L 2 )||…||E(L N ))

System Architecture Privacy-Preserving Fair Rendez-Vous Point (PPFRVP) algorithm A InputOutput {E(L 1 )||E(L 2 )||…||E(L N )}E(L fair )=g(E(L 1 )||E(L 2 )||…||E(L N ))

Outline Introduction & Problem Definition Problem Formulation & System Architecture Proposed Solution Privacy Requirements & Definitions Privacy & Complexity Analysis Experimental Evaluation

Transformation Function f Boneh-Goh-Nissim (BGN) cryptosystems ElGamal and Paillier cryptosystems

About BGN-based Cryptosystem The cryptosystem devised by Boneh, Goh, and Nissim was the first to allow both additions and multiplications with a constant-size ciphertext. However, only one multiplication is permitted. One of the key ideas in the BGN system is to use elliptic curve groups whose order is a composite number n that is hard to factor. Homomorphic Encryption and the BGN Cryptosystem David Mandell Freeman November 18, 2011

Fairness Function g A. Distance Computation B. MAX Computation C. ARGMIN MAX Computation

Fairness Function g A. Distance Computation B. MAX Computation C. ARGMIN MAX Computation

Distance Computation(BGN) T is the modulus of the plaintext domain.

Distance Computation(BGN)

Distance Computation(E-P)

n is the modulus of the Pailliar cryptosystem.

Distance Computation(E-P)

Fairness Function g Distance Computation B. MAX Computation C. ARGMIN MAX Computation

MAX Computation For each index i, the LDS generates two random values (r i & s i ) to scale and shift the encrypted square distance between Li and other location preferences)

MAX Computation For each index i, the LDS generates two random values (r i & s i ) to scale and shift the encrypted square distance between Li and other location preferences)

ARGMIN MAX Computation For each index i, the LDS generates two random values (r i & s i ) to scale and shift the encrypted square distance between Li and other location preferences)

Finally… In Step C.3, each user knows which identifier corresponds to himself And the user whose preferred location has the minimum distance sends to all other users the fair rendezvous location in an anonymous way. After the last step, each user receives the final fair rendezvous location, but no other information regarding non-fair locations or distances is leaked

Outline Introduction & Problem Definition Problem Formulation & System Architecture Proposed Solution Privacy Requirements & Definitions Privacy & Complexity Analysis Experimental Evaluation

Privacy Requirements & Definitions

Challenge-Response Games

(weak) Identifiability Guess : u a chooses a value k’ ∈ {1,..., N} and sends it back to the challenger.

Distance-Linkability Guess : u a responds with a value s ∗ ∈ {0, 1}. u a wins the game if s ∗ = 0 and d j,k ≥ s, or if s ∗ = 1 and d j,k < s.

Coordinate-Linkability Guess : u a responds with a value r ∈ {0, 1} u a wins the game if r = 0 and b j ≤ b k, or if r = 1 and b j > b k.

Outline Introduction & Problem Definition Problem Formulation & System Architecture Proposed Solution Privacy Requirements & Definitions Privacy & Complexity Analysis Experimental Evaluation

Privacy Analysis Probability advantages under passive attack are 0s

Privacy Analysis(Active Attack) Collusion ( between the LDS and a participant) Fake Users Generated by the LDS Generated by a legitimate participant Unfair RV(Malicious modification or untruthful reporting of the maximum masked values)

Unfair RV even if a user falsely reports one of his values to be the maximum, this would cause the algorithm to select a non-fair rendez-vous location if and only if no other user selected a smaller value as the maximum distance.

Complexity Analysis

Outline Introduction & Problem Definition Problem Formulation & System Architecture Proposed Solution Privacy Requirements & Definitions Privacy & Complexity Analysis Experimental Evaluation

Complexity Analysis (LDS implementation is running on a standard Linux PC) (2 GHz CPU, 3 GB RAM, Ubuntu Linux). Dist ARGMIN MAX

Complexity Analysis (client application is implemented on Nokia N810) (ARM 400 MHz CPU, 256 MB RAM, Linux Maemo OS) Dist all MAX+ARGMIN

END