Paper 2024/1783
PriSrv: Privacy-Enhanced and Highly Usable Service Discovery in Wireless Communications
Abstract
Service discovery is essential in wireless communications. However, existing service discovery protocols provide no or very limited privacy protection for service providers and clients, and they often leak sensitive information (e.g., service type, client’s identity and mobility pattern), which leads to various network-based attacks (e.g., spoofing, man-in-the-middle, identification and tracking). In this paper, we propose a private service discovery protocol, called PriSrv, which allows a service provider and a client to respectively specify a fine-grained authentication policy that the other party must satisfy before a connection is established. PriSrv consists of a private service broadcast phase and an anonymous mutual authentication phase with bilateral control, where the private information of both parties is hidden beyond the fact that a mutual match to the respective authentication policy occurred. As a core component of PriSrv, we introduce the notion of anonymous credential-based matchmaking encryption (ACME), which exerts dual-layer matching in one step to simultaneously achieve bilateral flexible policy control, selective attribute disclosure and multi-show unlinkability. As a building block of ACME, we design a fast anonymous credential (FAC) scheme to provide constant size credentials and efficient show/verification mechanisms, which is suitable for privacy-enhanced and highly usable service discovery in wireless networks. We present a concrete PriSrv protocol that is interoperable with popular wireless communication protocols, such as Wi-Fi Extensible Authentication Protocol (EAP), mDNS, BLE and Airdrop, to offer privacy-enhanced protection. We present formal security proof of our protocol and evaluate its performance on multiple hardware platforms: desktop, laptop, mobile phone and Raspberry Pi. PriSrv accomplishes private discovery and secure connection in less than 0.973 s on the first three platforms, and in less than 2.712 s on Raspberry Pi 4B. We also implement PriSrv into IEEE 802.1X in the real network to demonstrate its practicality.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Major revision. Network and Distributed System Security (NDSS) Symposium 2024
- DOI
- 10.14722/ndss.2024.24174
- Keywords
- Service discoverymatchmaking encryptionanonymous credential
- Contact author(s)
- yang yang research @ gmail com
- History
- 2024-11-04: approved
- 2024-11-01: received
- See all versions
- Short URL
- https://ia.cr/2024/1783
- License
-
CC BY-NC
BibTeX
@misc{cryptoeprint:2024/1783, author = {Yang Yang and Robert H. Deng and Guomin Yang and Yingjiu Li and HweeHwa Pang and Minming Huang and Rui Shi and Jian Weng}, title = {{PriSrv}: Privacy-Enhanced and Highly Usable Service Discovery in Wireless Communications}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/1783}, year = {2024}, doi = {10.14722/ndss.2024.24174}, url = {https://eprint.iacr.org/2024/1783} }