1 / 15

BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature

BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature. Source: Journal of Computer Science and Technology, reviewing Imact Factor: 0.632 Presenter: Yung-Chih Lu ( 呂勇志 ) Date: 2010/12/31. Outline. Introduction Related work Proposed Scheme

hop-foreman
Télécharger la présentation

BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. BlindLocation: Supporting User Location Privacy in Mobile Database Using Blind Signature Source: Journal of Computer Science and Technology, reviewing Imact Factor: 0.632 Presenter: Yung-Chih Lu (呂勇志) Date: 2010/12/31

  2. Outline • Introduction • Related work • Proposed Scheme • Security Analysis • Performance Evaluation • Conclusion • Comment

  3. Introduction (1/3) • Mobile Database

  4. Introduction (2/3) • Location Privacy Location-dependent queries Ex: find a restaurant Database User The answer depends on user’s location.

  5. Introduction (3/3) • Goal • BlindLocation • Mutual Authentication • Prevention • Insiders Attacks • Outsiders Attacks • Low computation time

  6. Related work Min-Shinang Hwang and Pei-Chen Sung, "A study of micro-payment based on one-way hash chain," International Journal of Network Security, vol.2, no.2, pp.81-90, 2006. • ECC Blind signature

  7. Proposed Scheme (1/2) • Acquiring the anonymous token User Database calculate x = h(Q) HMAC(c(x), t, ksh) Verify SB(S’B(c(x)))?=c(x) calculate S’B(x)=c’(S’B(c(x))) A, t, c(x), HMAC(c(x), t, Ksh) Verify HMAC(C(x), t, ksh) ?= HMAC(C(x), t, ksh) calculate S’B(c(x)) S’B(c(x)) A: User’s ID t: timestamp Ksh: secret shared key Q: Location based query S’B : DB’s private key c(.): blind signature

  8. Proposed Scheme (2/2) • Anonymous authentication using the token User Database calculateSB(S’B(Result,S’B(x))) S’B(x) ,Q Verify SB(S’B(x))? = h(Q) S’B(Result,S’B(x)) A: User’s ID t: timestamp Ksh: secret shared key Q: Location based query S’B : DB’s private key c(.): blind signature

  9. Security Analysis (1/2) • Insiders Attacks • Location privacy violation • Solution: Psc = 1/m! • Embedding a known symbol • Solution: verification • Information theft • Solution: meaningless • Impersonation attack: • Solution: secret shared key

  10. Security Analysis (2/2) • Outsiders Attacks • Denial of Services (DOS) attack • Solutions • memory : stateless • CPU: limit the number of valid token requests • Replay attack: • Solution: timestamp • Snooping attack: • Solution: blind signature & encryption • Man-In-The-Middle • Solution: verification

  11. Performance Evaluation (1/2) • Computation time

  12. Performance Evaluation (2/2) • Comparison summaries

  13. Conclusion • Solve the location privacy problem • The quality of service is not forfeited

  14. Comment (1/2) • 本文主要貢獻簡述: • 提供一個機率上有效的location privacy • 優點: • 適切的應用blind signature, 達到location privacy又不損資料庫提供查詢服務的能力 • 缺點: • 在Computation time中未與它篇論文比較

  15. Comment (2/2) • 明顯錯誤(含typos): • 第5頁表1,reslut應改成result. • 第19頁表3,符號Q定義混淆. • 論文架構有誤, Related work應移至Introduction之後. • 論文章節未標示清楚

More Related