Yang Yang (School of Computing and Information Systems, Singapore Management University, Singapore), Robert H. Deng (School of Computing and Information Systems, Singapore Management University, Singapore), Guomin Yang (School of Computing and Information Systems, Singapore Management University, Singapore), Yingjiu Li (Department of Computer Science, University of Oregon, USA), HweeHwa Pang (School of Computing and Information Systems,…

Service discovery is essential in wireless communications. However, existing service discovery protocols provide no or very limited privacy protection for service providers and clients, and they often leak sensitive information (e.g., service type, client’s identity and mobility pattern), which leads to various network-based attacks (e.g., spoofing, man-in-the-middle, identification and tracking). In this paper, we propose a private service discovery protocol, called PriSrv, which allows a service provider and a client to respectively specify a fine-grained authentication policy that the other party must satisfy before a connection is established. PriSrv consists of a private service broadcast phase and an anonymous mutual authentication phase with bilateral control, where the private information of both parties is hidden beyond the fact that a mutual match to the respective authentication policy occurred. As a core component of PriSrv, we introduce the notion of anonymous credential-based matchmaking encryption (ACME), which exerts dual-layer matching in one step to simultaneously achieve bilateral flexible policy control, selective attribute disclosure and multi-show unlinkability. As a building block of ACME, we design a fast anonymous credential (FAC) scheme to provide constant size credentials and efficient show/verification mechanisms, which is suitable for privacy-enhanced and highly usable service discovery in wireless networks.

We present a concrete PriSrv protocol that is interoperable with popular wireless communication protocols, such as Wi-Fi Extensible Authentication Protocol (EAP), mDNS, BLE and Airdrop, to offer privacy-enhanced protection. We present formal security proof of our protocol and evaluate its performance on multiple hardware platforms: desktop, laptop, mobile phone and Raspberry Pi. PriSrv accomplishes private discovery and secure connection in less than 0.973 s on the first three platforms, and in less than 2.712 s on Raspberry Pi 4B. We also implement PriSrv into IEEE 802.1X in the real network to demonstrate its practicality.

View More Papers

WIP: Security Vulnerabilities and Attack Scenarios in Smart Home...

Haoqiang Wang (Chinese Academy of Sciences, University of Chinese Academy of Sciences, Indiana University Bloomington), Yichen Liu (Indiana University Bloomington), Yiwei Fang, Ze Jin, Qixu Liu (Chinese Academy of Sciences, University of Chinese Academy of Sciences, Indiana University Bloomington), Luyi Xing (Indiana University Bloomington)

Read More

Evaluating Disassembly Ground Truth Through Dynamic Tracing (abstract)

Lambang Akbar (National University of Singapore), Yuancheng Jiang (National University of Singapore), Roland H.C. Yap (National University of Singapore), Zhenkai Liang (National University of Singapore), Zhuohao Liu (National University of Singapore)

Read More

Certificate Transparency Revisited: The Public Inspections on Third-party Monitors

Aozhuo Sun (Institute of Information Engineering, Chinese Academy of Sciences), Jingqiang Lin (School of Cyber Science and Technology, University of Science and Technology of China), Wei Wang (Institute of Information Engineering, Chinese Academy of Sciences), Zeyan Liu (The University of Kansas), Bingyu Li (School of Cyber Science and Technology, Beihang University), Shushang Wen (School of…

Read More

WIP: Body Posture Analysis as an Objective Measurement for...

Cherin Lim, Tianhao Xu, Prashanth Rajivan (University of Washington)

Read More