
P2-SAS: Privacy-Preserving Centralized Dynamic Spectrum Access System

P2-SAS is a centralized system that provides spectrum access while preserving user privacy through computing on encrypted data and secure computation processes.


Presentation Transcript


  1. P2-SAS: Privacy-Preserving Centralized Dynamic Spectrum Access System • Yanzhi Dou, Kexiong Zeng, He Li, Yaling Yang, Bo Gao, Chaowen Guan, Kui Ren, Shaoqian Li

  2. Background • Dynamic Spectrum Access (DSA) is a crucial solution to mitigate the spectrum scarcity problem. Source: [Akyildiz06]

  3. Background • One key form of DSA: Federal-Commercial spectrum sharing [PCAST12] • Realize the full potential of government-held spectrum • Spectrum Access System (SAS) [PCAST12, FCC12] • A centralized system to govern the spectrum sharing

  4. Motivation • New challenge: Privacy • IUs’ operation information is often classified data. • SUs’ operation information may also be commercial secret. • SAS is not necessarily trustworthy. • SAS may be operated by some commercial third parties to enhance its efficiency and scalability. [PCAST12, FCC12] • Single point of vulnerability

  5. Question: Provide SAS Service & Preserve User’s Privacy

  6. YES!

  7. P2-SAS Provide SAS Service & Preserve User’s Privacy

  8. Computing on Encrypted Data • P2-SAS: Provide SAS Service & Preserve User’s Privacy • Securing SAS Process • Tuning & Acceleration • Performance Evaluation

  9. Homomorphic Encryption • Homomorphic encryption is an encryption scheme that allows computation on ciphertexts. • Consists of three functions.

  10. Homomorphic Encryption • Homomorphic encryption is an encryption scheme that allows computation on ciphertexts. • Consists of three functions.

  11. Homomorphic Encryption • Paillier Cryptosystem

  12. Computing on Encrypted Data • Securing SAS Process • P2-SAS: Provide SAS Service & Preserve User’s Privacy • Tuning & Acceleration • Performance Evaluation

  13. Key Distribution • Diagram labels: IU, IU, IU, SAS Server, Key Distributor, SUb, SUa

  14. P2-SAS Design Overview • Group Paillier pk: pkG • Group Paillier sk: skG • SU a’s Paillier pk: pka • SU a’s Paillier sk: ska • SU b’s Paillier pk: pkb • SU b’s Paillier sk: skb • Interference Calculation • Key Conversion Service • Diagram labels: IU, IU, IU, SAS Server, Key Distributor, SUb, SUa

  15. Identifying Private Input Data • Interference Calculation • Longley-Rice Model, 13 input parameters [NTIA82, FCC12] • Private Input Data

  16. Input Data Format • IU i’s input • SU b’s input • SAS Server maintains an interference map

  17. Disintegrating SAS Process • 1. SAS Server creates an interference budget matrix

  18. Disintegrating SAS Process • 2. SAS Server makes spectrum allocation decision based on SU operation data. • D • d (Deny access) (Approve access) Certificate

  19. Secure Computation of SAS Process • Integer Encoding • Secure Integer Comparison • 1. SAS Server creates an interference budget matrix • 2. SAS Server makes spectrum allocation decision based on SU operation data • a. • b. • Certificate • Key Conversion Service • Secure Integer Comparison • Radio operation’s observable nature + Digital signature’s integrity property • Secure Digital Signature Generation

  20. Computing on Encrypted Data • P2-SAS: Provide SAS Service & Preserve User’s Privacy • Disintegrating SAS Process • Tuning & Acceleration • Performance Evaluation

  21. Tuning of Quantization Granularity • Interference underestimation • Should be strictly forbidden • Interference overestimation • Underutilization of spectrum • Undesirable yet tolerable • Tradeoff between interference overestimation error and computation overhead.

  22. Acceleration • Factoring • Precomputing • Ciphertext Packing • Parallelization

  23. Computing on Encrypted Data • P2-SAS: Provide SAS Service & Preserve User’s Privacy • Disintegrating SAS Process • Tuning & Acceleration • Performance Evaluation

  24. Evaluation • Implementation • Paillier Cryptosystem, n=2048 bits (112-bit security level) • 24 threads on 3 desktops, Intel i7-3770 CPU @ 3.40GHz and 12GB RAM • Evaluation Settings • Washington D.C., 154.82 km²

  25. Evaluation • Accuracy • Error rates of the spectrum allocation decisions • Ground truth: traditional SAS implementation • False positives and false negatives • False positive rate=0 • False negative rate=2.72%

  26. Evaluation • Efficiency • Comparison with Traditional SAS implementation • Per spectrum access request • 6.96 seconds vs. 0.13 seconds • 3.97 MB vs. 6.04 KB

  27. More in the paper • Formal security definition & proof • Secure computation of the tricky parts • Mitigation of inference attack • Details of acceleration methods • Future work
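
An added example, not taken from the slides or from the P2-SAS authors' implementation: Paillier's additive homomorphism (slides 9 to 11) lets a server subtract encrypted interference values from an encrypted budget, with interference rounded up so it is never underestimated (slide 21). The toy key, the integer power units, the function names and the final decryption, which stands in for the secure integer comparison the slides name but do not detail, are assumptions.

```python
import math
import secrets

# Toy Paillier key from two known Mersenne primes (constructed; NOT secure).
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q                      # public modulus (the slides evaluate n = 2048 bits)
N2 = N * N
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)   # secret: lcm(p-1, q-1)
MU = pow(LAM, -1, N)           # secret: valid because g = n + 1

def encrypt(m):
    """Enc(m) = (n+1)^m * r^n mod n^2 with fresh random r."""
    r = secrets.randbelow(N - 2) + 2
    while math.gcd(r, N) != 1:
        r = secrets.randbelow(N - 2) + 2
    return pow(N + 1, m % N, N2) * pow(r, N, N2) % N2

def decrypt(c):
    """Recover m and map the upper half of Z_n to negative integers."""
    m = (pow(c, LAM, N2) - 1) // N * MU % N
    return m - N if m > N // 2 else m

def quantize_up(value, step):
    """Interference is rounded up so it is never underestimated."""
    return -(-value // step)

def server_margin(enc_budget, enc_interference):
    """Server side: Enc(budget - sum of interference), no decryption."""
    total = 1                                    # trivial encryption of 0
    for c in enc_interference:
        total = total * c % N2                   # product of ciphertexts = sum
    return enc_budget * pow(total, -1, N2) % N2  # inverse = negation

def decide(budget, interference, step):
    """Returns (approve, margin in quantization steps)."""
    enc_budget = encrypt(budget // step)         # budget rounded down
    enc_i = [encrypt(quantize_up(x, step)) for x in interference]
    margin = decrypt(server_margin(enc_budget, enc_i))
    return margin >= 0, margin

if __name__ == "__main__":
    # Constructed values in arbitrary integer power units.
    print(decide(10000, [3200, 4100, 2400], 500))   # coarse grid
    print(decide(10000, [3200, 4100, 2400], 100))   # fine grid
```

With the coarse step the rounded-up interference exceeds the budget and the request is denied even though the exact sum fits; the finer step approves it. A conservative error of this kind can only turn an approval into a denial, never the reverse.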
