Paper 2025/139

Path Privacy and Handovers: Preventing Insider Traceability Attacks During Secure Handovers

Rabiah Alnashwan, University of Sheffield
Benjamin Dowling, King's College London
Bhagya Wimalasiri, University of Sheffield
Abstract

The rise of 5G and IoT has shifted secure communication from centralized and homogeneous to a landscape of heterogeneous mobile devices constantly travelling between myriad networks. In such environments, it is desirable for devices to securely extend their connection from one network to another, often referred to as a handover. In this work we introduce the first cryptographic formalisation of secure handover schemes. We leverage our formalisation to propose path privacy, a novel security property for handovers that has hitherto remained unexplored. We further develop a syntax for secure handovers, and identify security properties appropriate for secure handover schemes. Finally, we introduce a generic handover scheme that captures all the strong notions of security we have identified, combining our novel path privacy concept with other security properties characteristic to existing handover schemes, demonstrating the robustness and versatility of our framework.

Note: This is the full version of the paper that has been accepted to appear at IEEE CSF 2025.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Major revision. CSF 2025 – 38th IEEE Computer Security Foundations Symposium
Keywords
Secure HandoverPath PrivacyFormalisationProvable SecurityProtocol Analysis
Contact author(s)
ralnashwan1 @ sheffield ac uk
benjamin dowling @ kcl ac uk
b m wimalasiri @ sheffield ac uk
History
2025-01-28: approved
2025-01-28: received
See all versions
Short URL
https://ia.cr/2025/139
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/139,
      author = {Rabiah Alnashwan and Benjamin Dowling and Bhagya Wimalasiri},
      title = {Path Privacy and Handovers: Preventing Insider Traceability Attacks During Secure Handovers},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/139},
      year = {2025},
      url = {https://eprint.iacr.org/2025/139}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.