New privacy issues in mobile telephony: Fix and Verification

Myrto Arapinis, Loretta Mancini, Eike Ritter, Mark Ryan, Nico Golde, Kevin Redon, Ravishankar Borgaonkar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract / Description of output

Mobile telephony equipment is daily carried by billions of subscribers everywhere they go. Avoiding linkability of subscribers by third parties, and protecting the privacy of those subscribers is one of the goals of mobile telecommunication protocols. We use formal methods to model and analyse the security properties of 3G protocols. We expose two novel threats to the user privacy in 3G telephony systems, which make it possible to trace and identify mobile telephony subscribers, and we demonstrate the feasibility of a low cost implementation of these attacks. We propose fixes to these privacy issues, which also take into account and solve other privacy attacks known from the literature. We successfully prove that our privacy-friendly fixes satisfy the desired unlinkability and anonymity properties using the automatic verification tool ProVerif.
Original languageEnglish
Title of host publicationProceedings of the 2012 ACM conference on Computer and communications security
Place of PublicationNew York, NY, USA
PublisherACM
Pages205-216
Number of pages12
ISBN (Print)978-1-4503-1651-4
DOIs
Publication statusPublished - 2012

Keywords / Materials (for Non-textual outputs)

  • anonymity, mobile telephony, proverif, unlinkability

Fingerprint

Dive into the research topics of 'New privacy issues in mobile telephony: Fix and Verification'. Together they form a unique fingerprint.

Cite this