Abstract
We study linking attacks on communication protocols. We observe that an active attacker is strictly more powerful in this setting than previously-considered passive attackers. We introduce a formal model to reason about active linking attacks, formally define security against these attacks and give conditions for both security and insecurity of protocols. In addition, we introduce a composition-like technique that allows to obtain security proofs by only studying small components of a protocol.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The purpose of the value t is only to give the adversary complete information about his actions in the protocol run so far in the function \( view \left( .\right) \) (see below).
- 2.
Whether wait is available does not follow from \( view \left( s,\sigma \right) \). We can extend \( view \left( s,\sigma \right) \) with a flag for the availability of wait, for simplification we omit this.
- 3.
One can without loss of generality assume that there is no variable x and an edge \(x\rightarrow g\) for the output node g of a flat protocol.
References
Aho, A.V., Beeri, C., Ullman, J.D.: The theory of joins in relational databases. ACM Trans. Database Syst. 4(3), 297–314 (1979)
Arapinis, M., Chothia, T., Ritter, E., Ryan, M.: Analysing unlinkability and anonymity using the applied pi calculus. In: CSF, pp. 107–121. IEEE Computer Society (2010)
Bhargavan, K., Corin, R., Fournet, C., Gordon, A.D.: Secure sessions for web services. ACM Trans. Inf. Syst. Secur. 10(2) (2007)
Backes, M., Maffei, M., Pecina, K., Reischuk, R.M.: G2C: cryptographic protocols from goal-driven specifications. In: Mödersheim, S., Palamidessi, C. (eds.) TOSCA 2011. LNCS, vol. 6993, pp. 57–77. Springer, Heidelberg (2012)
Biryukov, A., Pustogarov, I., Weinmann, R.-P.: TorScan: tracing long-lived connections and differential scanning attacks. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 469–486. Springer, Heidelberg (2012)
Dong, N., Jonker, H., Pang, J.: Formal analysis of privacy in an ehealth protocol. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 325–342. Springer, Heidelberg (2012)
Eigner, F., Maffei, M.: Differential privacy by typing in security protocols. In: CSF, pp. 272–286. IEEE (2013)
Maier, D., Mendelzon, A.O., Sagiv, Y.: Testing implications of data dependencies. ACM Trans. Database Syst. 4(4), 455–469 (1979)
Narayanan, A., Shmatikov, V.: Robust de-anonymization of large sparse datasets. In: IEEE Symposium on Security and Privacy, pp. 111–125. IEEE Computer Society (2008)
Rusinowitch, M., Turuani, M.: Protocol insecurity with a finite number of sessions, composed keys is NP-complete. Theoret. Comput. Sci. 1–3(299), 451–475 (2003)
Schnoor, H., Woizekowski, O.: Active linkability attacks. CoRR, abs/1311.7236 (2014)
Sweeney, L.: Achieving \(k\)-anonymity privacy protection using generalization and suppression. Int. J. Fuzziness Knowl. Based Syst. 10(5), 571–588 (2002)
Veeningen, M., de Weger, B., Zannone, N.: Symbolic privacy analysis through linkability and detectability. In: Fernández-Gago, C., Martinelli, F., Pearson, S., Agudo, I. (eds.) Trust Management VII. IFIP AICT, vol. 401, pp. 1–16. Springer, Heidelberg (2013)
Vollmer, H.: Introduction to Circuit Complexity - A Uniform Approach. Texts in theoretical computer science. Springer, Heidelberg (1999)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Schnoor, H., Woizekowski, O. (2015). Active Linking Attacks. In: Italiano, G., Pighizzini, G., Sannella, D. (eds) Mathematical Foundations of Computer Science 2015. MFCS 2015. Lecture Notes in Computer Science(), vol 9235. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-48054-0_46
Download citation
DOI: https://doi.org/10.1007/978-3-662-48054-0_46
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-48053-3
Online ISBN: 978-3-662-48054-0
eBook Packages: Computer ScienceComputer Science (R0)