GameSec 2010 November 22, Berlin Mathias Humbert, Mohammad Hossein Manshaei, Julien Freudiger and Jean-Pierre Hubaux EPFL - Laboratory for Computer communications and Applications (LCA1)

P2P Wireless Communications  Smartphones equipped with advanced communication capabilities (WiFi & Bluetooth) => enable P2P communication between mobile users  Application examples: 2 Vehicular networksMobile social networks

Location Privacy Problem  Identifiers of mobile devices unveiled  Cryptographic credentials  MAC addresses  External eavesdropper can monitor users’ identifiers and track them 3 Local Adversary

Countermeasure: Mix Zones 4 A B D C E F I J K G Change identifiers in regions called mix zones [1] Public/private keys used to sign messages MAC addresses 2 types of mix zones Active mix zone (M): temporal + spatial decorrelations Passive mix zone (P): temporal decorrelation [2] Temporal decorrelation: change identifiers Spatial decorrelation: remain silent (necessary only if the adversary installed an eavesdropping station at the same place) [1] Beresford, A.R., Stajano, F.: Location privacy in pervasive computing. IEEE Pervasive Computing (2003) [2] Buttyán, L. et al.: On the effectiveness of changing pseudonyms to provide location privacy in VANETs. Security and Privacy in Ad-hoc and Sensor Networks (2007)

Mixing Effectiveness 5 4  At some intersection i: p i 13 p i 12 p i 14 p i 24 p i 21 p i 23 p i 32 p i 34 3 entering roads 4 exiting roads Number of vehicles per hour  Normalized entropy-based metric [3]: p i 13 = 3/( ) p i 12 = 593/( ) p i 14 = 38/( ) R i 1 = 3 R i 2 = 3 R i 3 = 2 k: entering roads j: exiting roads Normalized traffic intensity of entering road k Passive mix zones: m i = 0 if adversary at same place m i = 1 if no adversary [3] Serjantov, A., Danezis, G.: Towards an information theoretic metric for anonymity. PET 2002

Tracking Games Placement of active/passive mix zones versus placement of eavesdropping stations 6 : Eavesdropping station (E) : Active mix zone (M): Passive mix zone (P) Strategic behaviors of attacker and defenders => game theory to model the interactions between players and predict their best strategies 2 knowledge levels complete information incomplete info.

Game Model 7  Road network with K intersections  2 players: {mobile nodes, adversary}  Nodes’ strategies s n,i (intersection i):  Active mix zone (cost = c i m )  c i m = c i p + c i q = pseudonyms cost + silence cost  Passive mix zone (cost = c i p )  Abstain  Adversary’s strategies s a,i :  Eavesdrop (cost = c s )  Abstain  Payoffs: Eavesdrop (E)Abstain (A) Active mix zone (M)(λ i m i -c i p -c i q ; λ i (1-m i )-c s )(λ i -c i p -c i q ; 0) Passive mix zone (P)(-c i p ; λ i -c s )(λ i - c i p ; 0) Abstain (A)(0 ; λ i -c s )(0 ; 0) 0 ≤ λ i, m i, c i m, c s ≤ 1 Adversary Nodes m i ->1 if efficient mixing m i ->0 if weak mixing can be represented by a urban/central authority

Analytical Results Complete Information Game 8 One intersection Either one pure Nash equilibrium (NE) or one mixed NE Depending on traffic parameters m i, λ i and players’ costs c i m, c i p and c s 4 possible pure NE: (M, E), (P, A), (A, E) and (A,A) 2 pure NE never appear: (M, A) and (P, E) K intersections with limited number of eavesdropping stations Algorithm deriving a single Nash equilibrium Union of NE at K intersections (supergame [4]) Removal of exceeding eavesdropping stations Update of nodes’ best response [4] Friedman, J.W.: A non-cooperative equilibrium for supergames. The Review of Economic Studies (1971)

Analytical Results Incomplete and Asymmetric Information Game: Incomplete and Asymmetric Information Game: - Nodes do not know the adversary’s power => nodes’ belief on this power modeled as a probability distribution f(θ) [5] 9 One intersection Existence of a pure Bayesian Nash equilibrium (BNE) Depending on traffic parameters m i, λ i, players’ costs c i m, c i p, c s and accuracy of nodes’ belief f(θ) on adversary’s type All possible pure BNE: (M, E), (P, A), (A, E), (A, A), (M, A) and (P, E) K intersections with limited number of eavesdropping stations Algorithm deriving a single Bayesian Nash equilibrium Similar steps as the algorithm for complete information game Nodes do not know adversary’s strategy (eavesdropping stations placement) => have to “guess” it based on their belief [5] Harsanyi, J.: Games with incomplete information played by Bayesian players. Management science (1967)

Numerical Results Real traffic data of Downtown Lausanne 10 Low costs for both players 17 (M, E) 6 (A, E) 0 (P, A) 0 Mixed-strategy 2 (M, E) 3 (A, E) 18 (P, A) 0 Mixed-strategy 2 (M, E) 3 (A, E) 5 (P, A) 13 Mixed-strategy 2 (M, E) 3 (A, E) 18 (P, A) 0 Mixed-strategy Unlimited number (Γ=23) of eavesdropping stations Adversary’s higher cost Limited number (Γ=5) of eavesdropping stations

Numerical Results Incomplete Information Game: Probability density functions f(θ) of nodes’ belief on adversary’s cost c s : U(0,1) or β(2,5) 11 Scenario\Bayesian NE(M, E)(P, E)(A, E)(M, A)(P, A)(A, A) U(0,1); c s = 0.2; Γ= U(0,1); c s = 0.2; Γ= β(2,5); c s = 0.2; Γ= β(2,5); c s = 0.2; Γ= β(2,5); c s = 0.5; Γ= β(2,5); c s = 0.5; Γ= E = Eavesdrop A = Abstain M = Active mix zone P = Passive mix zone A = Abstain Adversary’s strategies Nodes’ strategies

Conclusion  Possible to predict the best response of mobile users with respect to a local adversary strategy  2 algorithms to reach (Bayesian) NE in both complete and incomplete information games  In incomplete information game, nodes’ lack of information about the adversary’s strategy leading to a significant decrease in the achievable location privacy level or a needless cost increase  Concrete application on a real city network  Adversary and mobile nodes adopting complementary strategies  Future work  Enrich the analysis by including the spatial interdependencies between the different road intersections  Evaluate the interactions between the attacker and defenders by using repeated games 12

Backup slides – NE at one intersection 13

Backup slides – K intersections 14

Backup slides – Algorithm 1 15

Backup slides – Bayesian Game 16 where

Backup slides – Bayesian NE 17

Backup slides – Algorithm 2 18