BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature - PowerPoint PPT Presentation

blindlocation supporting user location privacy in mobile database using blind signature n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature PowerPoint Presentation
Download Presentation
BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature

play fullscreen
1 / 15
BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature
134 Views
Download Presentation
hop-foreman
Download Presentation

BlindLocation : Supporting User Location Privacy in Mobile Database Using Blind Signature

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. BlindLocation: Supporting User Location Privacy in Mobile Database Using Blind Signature Source: Journal of Computer Science and Technology, reviewing Imact Factor: 0.632 Presenter: Yung-Chih Lu (呂勇志) Date: 2010/12/31

  2. Outline • Introduction • Related work • Proposed Scheme • Security Analysis • Performance Evaluation • Conclusion • Comment

  3. Introduction (1/3) • Mobile Database

  4. Introduction (2/3) • Location Privacy Location-dependent queries Ex: find a restaurant Database User The answer depends on user’s location.

  5. Introduction (3/3) • Goal • BlindLocation • Mutual Authentication • Prevention • Insiders Attacks • Outsiders Attacks • Low computation time

  6. Related work Min-Shinang Hwang and Pei-Chen Sung, "A study of micro-payment based on one-way hash chain," International Journal of Network Security, vol.2, no.2, pp.81-90, 2006. • ECC Blind signature

  7. Proposed Scheme (1/2) • Acquiring the anonymous token User Database calculate x = h(Q) HMAC(c(x), t, ksh) Verify SB(S’B(c(x)))?=c(x) calculate S’B(x)=c’(S’B(c(x))) A, t, c(x), HMAC(c(x), t, Ksh) Verify HMAC(C(x), t, ksh) ?= HMAC(C(x), t, ksh) calculate S’B(c(x)) S’B(c(x)) A: User’s ID t: timestamp Ksh: secret shared key Q: Location based query S’B : DB’s private key c(.): blind signature

  8. Proposed Scheme (2/2) • Anonymous authentication using the token User Database calculateSB(S’B(Result,S’B(x))) S’B(x) ,Q Verify SB(S’B(x))? = h(Q) S’B(Result,S’B(x)) A: User’s ID t: timestamp Ksh: secret shared key Q: Location based query S’B : DB’s private key c(.): blind signature

  9. Security Analysis (1/2) • Insiders Attacks • Location privacy violation • Solution: Psc = 1/m! • Embedding a known symbol • Solution: verification • Information theft • Solution: meaningless • Impersonation attack: • Solution: secret shared key

  10. Security Analysis (2/2) • Outsiders Attacks • Denial of Services (DOS) attack • Solutions • memory : stateless • CPU: limit the number of valid token requests • Replay attack: • Solution: timestamp • Snooping attack: • Solution: blind signature & encryption • Man-In-The-Middle • Solution: verification

  11. Performance Evaluation (1/2) • Computation time

  12. Performance Evaluation (2/2) • Comparison summaries

  13. Conclusion • Solve the location privacy problem • The quality of service is not forfeited

  14. Comment (1/2) • 本文主要貢獻簡述: • 提供一個機率上有效的location privacy • 優點: • 適切的應用blind signature, 達到location privacy又不損資料庫提供查詢服務的能力 • 缺點: • 在Computation time中未與它篇論文比較

  15. Comment (2/2) • 明顯錯誤(含typos): • 第5頁表1,reslut應改成result. • 第19頁表3,符號Q定義混淆. • 論文架構有誤, Related work應移至Introduction之後. • 論文章節未標示清楚