Blindlocation supporting user location privacy in mobile database using blind signature
This presentation is the property of its rightful owner.
Sponsored Links
1 / 15

BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature PowerPoint PPT Presentation


  • 75 Views
  • Uploaded on
  • Presentation posted in: General

BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature. Source: Journal of Computer Science and Technology, reviewing Imact Factor: 0.632 Presenter: Yung-Chih Lu ( 呂勇志 ) Date: 2010/12/31. Outline. Introduction Related work Proposed Scheme

Download Presentation

BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Blindlocation supporting user location privacy in mobile database using blind signature

BlindLocation: Supporting User Location Privacy in Mobile Database Using Blind Signature

Source: Journal of Computer Science and Technology, reviewing

Imact Factor: 0.632

Presenter: Yung-Chih Lu (呂勇志)

Date: 2010/12/31


Outline

Outline

  • Introduction

  • Related work

  • Proposed Scheme

  • Security Analysis

  • Performance Evaluation

  • Conclusion

  • Comment


Introduction 1 3

Introduction (1/3)

  • Mobile Database


Introduction 2 3

Introduction (2/3)

  • Location Privacy

Location-dependent queries

Ex: find a restaurant

Database

User

The answer depends on user’s location.


Introduction 3 3

Introduction (3/3)

  • Goal

    • BlindLocation

    • Mutual Authentication

    • Prevention

      • Insiders Attacks

      • Outsiders Attacks

    • Low computation time


Related work

Related work

Min-Shinang Hwang and Pei-Chen Sung, "A study of micro-payment based on one-way hash chain," International Journal of Network Security, vol.2, no.2, pp.81-90, 2006.

  • ECC Blind signature


Proposed scheme 1 2

Proposed Scheme (1/2)

  • Acquiring the anonymous token

User

Database

calculate

x = h(Q)

HMAC(c(x), t, ksh)

Verify

SB(S’B(c(x)))?=c(x)

calculate

S’B(x)=c’(S’B(c(x)))

A, t, c(x), HMAC(c(x), t, Ksh)

Verify

HMAC(C(x), t, ksh)

?=

HMAC(C(x), t, ksh)

calculate

S’B(c(x))

S’B(c(x))

A: User’s ID t: timestamp Ksh: secret shared key

Q: Location based query S’B : DB’s private key c(.): blind signature


Proposed scheme 2 2

Proposed Scheme (2/2)

  • Anonymous authentication using the token

User

Database

calculateSB(S’B(Result,S’B(x)))

S’B(x) ,Q

Verify

SB(S’B(x))? = h(Q)

S’B(Result,S’B(x))

A: User’s ID t: timestamp Ksh: secret shared key

Q: Location based query S’B : DB’s private key c(.): blind signature


Security analysis 1 2

Security Analysis (1/2)

  • Insiders Attacks

    • Location privacy violation

      • Solution: Psc = 1/m!

    • Embedding a known symbol

      • Solution: verification

    • Information theft

      • Solution: meaningless

    • Impersonation attack:

      • Solution: secret shared key


Security analysis 2 2

Security Analysis (2/2)

  • Outsiders Attacks

    • Denial of Services (DOS) attack

      • Solutions

        • memory : stateless

        • CPU: limit the number of valid token requests

    • Replay attack:

      • Solution: timestamp

    • Snooping attack:

      • Solution: blind signature & encryption

    • Man-In-The-Middle

      • Solution: verification


Performance evaluation 1 2

Performance Evaluation (1/2)

  • Computation time


Performance evaluation 2 2

Performance Evaluation (2/2)

  • Comparison summaries


Conclusion

Conclusion

  • Solve the location privacy problem

  • The quality of service is not forfeited


Comment 1 2

Comment (1/2)

  • 本文主要貢獻簡述:

    • 提供一個機率上有效的location privacy

  • 優點:

    • 適切的應用blind signature, 達到location privacy又不損資料庫提供查詢服務的能力

  • 缺點:

    • 在Computation time中未與它篇論文比較


Comment 2 2

Comment (2/2)

  • 明顯錯誤(含typos):

    • 第5頁表1,reslut應改成result.

    • 第19頁表3,符號Q定義混淆.

    • 論文架構有誤, Related work應移至Introduction之後.

    • 論文章節未標示清楚


  • Login