Privacy through Pseudonymity in Mobile Telephony Systems
Download: Paper (PDF)
Date: 22 Feb 2014
Document Type: Briefing Papers
Additional Documents: Slides
Associated Event: NDSS Symposium 2014
We show that real implementations of the pseudonym changing mechanism do not achieve the intended privacy goals and that it is possible to exploit the TMSI reallocation procedure to track mobile telephony users. We propose countermeasures to tackle the exposed vulnerabilities and formally prove a sufficient condition to provide unlinkability.