PriSrv: Privacy-Enhanced and Highly Usable Service Discovery in Wireless Communications

Yang Yang; Robert H. Deng; Guomin Yang; Yingjiu Li; HweeHwa Pang; Minming Huang; Rui Shi; Jian Weng

Paper 2024/1783

PriSrv: Privacy-Enhanced and Highly Usable Service Discovery in Wireless Communications

Yang Yang

, Singapore Management University

Robert H. Deng, Singapore Management University

Guomin Yang, Singapore Management University

Yingjiu Li, University of Oregon

HweeHwa Pang, Singapore Management University

Minming Huang, Singapore Management University

Rui Shi, Beijing Electronic Science and Technology Institute

Jian Weng, Jinan University, Guangzhou, China

Abstract

Service discovery is essential in wireless communications. However, existing service discovery protocols provide no or very limited privacy protection for service providers and clients, and they often leak sensitive information (e.g., service type, client’s identity and mobility pattern), which leads to various network-based attacks (e.g., spoofing, man-in-the-middle, identification and tracking). In this paper, we propose a private service discovery protocol, called PriSrv, which allows a service provider and a client to respectively specify a fine-grained authentication policy that the other party must satisfy before a connection is established. PriSrv consists of a private service broadcast phase and an anonymous mutual authentication phase with bilateral control, where the private information of both parties is hidden beyond the fact that a mutual match to the respective authentication policy occurred. As a core component of PriSrv, we introduce the notion of anonymous credential-based matchmaking encryption (ACME), which exerts dual-layer matching in one step to simultaneously achieve bilateral flexible policy control, selective attribute disclosure and multi-show unlinkability. As a building block of ACME, we design a fast anonymous credential (FAC) scheme to provide constant size credentials and efficient show/verification mechanisms, which is suitable for privacy-enhanced and highly usable service discovery in wireless networks. We present a concrete PriSrv protocol that is interoperable with popular wireless communication protocols, such as Wi-Fi Extensible Authentication Protocol (EAP), mDNS, BLE and Airdrop, to offer privacy-enhanced protection. We present formal security proof of our protocol and evaluate its performance on multiple hardware platforms: desktop, laptop, mobile phone and Raspberry Pi. PriSrv accomplishes private discovery and secure connection in less than 0.973 s on the first three platforms, and in less than 2.712 s on Raspberry Pi 4B. We also implement PriSrv into IEEE 802.1X in the real network to demonstrate its practicality.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Published elsewhere. Major revision. Network and Distributed System Security (NDSS) Symposium 2024
DOI: 10.14722/ndss.2024.24174
Keywords: Service discovery matchmaking encryption anonymous credential
Contact author(s): yang yang research @ gmail com
History: 2024-11-04: approved; 2024-11-01: received; See all versions
Short URL: https://ia.cr/2024/1783
License: CC BY-NC

BibTeX

@misc{cryptoeprint:2024/1783,
      author = {Yang Yang and Robert H. Deng and Guomin Yang and Yingjiu Li and HweeHwa Pang and Minming Huang and Rui Shi and Jian Weng},
      title = {{PriSrv}: Privacy-Enhanced and Highly Usable Service Discovery in Wireless Communications},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1783},
      year = {2024},
      doi = {10.14722/ndss.2024.24174},
      url = {https://eprint.iacr.org/2024/1783}
}