Abstract
Inspired by the literature on side-channel attacks against cryptographic implementations, we describe a framework for the analysis of location privacy. It allows us to revisit (continuous) re-identification attacks with a combination of information theoretic and security metrics. Our results highlight conceptual differences between re-identification attacks exploiting leakages that are internal or external to a pseudonymised database. They put forward the amount of data to collect in order to estimate a predictive model as an important – yet less discussed – dimension of privacy assessments. They finally leverage recent results on the security evaluations/certification of cryptographic implementations to connect information theoretic and security metrics, and to formally bound the risk of re-identification with external leakages.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The word “independent” does not refer to the fact that these observations are truly independent, but only to the fact that such observations are exploited assuming it.
- 2.
https://snap.stanford.edu/data/loc-brightkite.html (4/2008 - 10/2010).
- 3.
This data set is not publicly available (1/2010 - 2/2016).
- 4.
https://www.fordgobike.com/system-data (8/2013 - 8/2016).
- 5.
With c a small constant depending on \(\mathrm {H[U]}\) and the target success rate (e.g., \(c=\mathrm {H[U]}\) is a usual heuristic that corresponds to a success rate of approximately 80%).
- 6.
Note that the bound is here given for 1st-order independent models, as shown in the left part of the figure, the bound for the exshaustive models is stuck at \(\mathrm {H}[U]\).
References
Andrés, M.E., Bordenabe, N.E., Chatzikokolakis, K., Palamidessi, C.: Geo-indistinguishability: differential privacy for location-based systems. In: Sadeghi, A.-R., Gligor, V.D., Yung, M. (eds.), ACM SIGSAC, pp. 901–914. ACM (2013)
Beresford, A.R., Stajano, F.: Location privacy in pervasive computing. IEEE Pervasive Comput. 2(1), 46–55 (2003)
Bronchain, O., Hendrickx, J.M., Massart, C., Olshevsky, A., Standaert, F.-X.: Leakage certification revisited: Bounding model errors in side-channel security evaluations. IACR Cryptology ePrint Archive 2019:132 (2019)
Cho, E., Myers, S.A., Leskovec, J.: Friendship and mobility: user movement in location-based social networks. In: Apté, C., Ghosh, J., Smyth, P. (eds.) ACM SIGKDD, pp. 1082–1090. ACM (2011)
de Montjoye, Y.-A., Hidalgo, C.A., Verleysen, M., Blondel, V.: Unique in the crowd: the privacy bounds of human mobility. Nat. Sci. Rep. 3(1376), 5 (2013)
de Montjoye, Y.-A., Radaelli, L., Singh, V.K., Pentland, A.S.: Unique in the shopping mall: on the reidentifiability of credit card metadata. Science 347(6221), 536–539 (2015)
Díaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36467-6_5
Duc, A., Faust, S., Standaert, F.-X.: Making masking security proofs concrete. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 401–429. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_16
Durvaux, F., Standaert, F.-X., Pozo, S.M.D.: Towards easy leakage certification: extended version. J. Cryptographic Engineering 7(2), 129–147 (2017)
Durvaux, F., Standaert, F.-X., Veyrat-Charvillon, N.: How to certify the leakage of a chip? In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 459–476. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_26
Dwork, C.: Differential privacy: a survey of results. In: Agrawal, M., Du, D., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol. 4978, pp. 1–19. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-79228-4_1
Fung, B.C.M., Wang, K., Chen, R., Yu, P.S.: Privacy-preserving data publishing: a survey of recent developments. ACM Comput. Surv. 42(4), 1–53 (2010)
Gambs, S., Killijian, M.-O., del Prado Cortez, M.N.: Next place prediction using mobility markov chains. In: Proceedings of the First Workshop on Measurement, Privacy, and Mobility, MPM 2012, pp. 3:1–3:6 (2012)
Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M.: L-diversity: privacy beyond k-anonymity. TKDD 1(1), 3 (2007)
Maouche, M., Ben Mokhtar, S., Bouchenak, S.: Ap-attack: a novel re-identification attack on mobility datasets. In: Kaafar, D., Zhou, G. (eds.) MobiQuitous. ACM (2017)
Oya, S., Troncoso, C., Pérez-González, F.: Is geo-indistinguishability what you are looking for? In: Thuraisingham, B.M., Lee, A.J. (eds.) Proceedings of the 2017 on Workshop on Privacy in the Electronic Society, pp. 137–140. ACM (2017)
Samarati, P., Sweeney, L.: Generalizing data to provide anonymity when disclosing information (abstract). In: Mendelzon, A.O., Paredaens, J. (eds.) ACM SIGACT-SIGMOD-SIGART, p. 188. ACM Press (1998)
Serjantov, A., Danezis, G.: Towards an information theoretic metric for anonymity. In: Dingledine, R., Syverson, P. (eds.) PET 2002. LNCS, vol. 2482, pp. 41–53. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36467-6_4
Shokri, R., Theodorakopoulos, G., Le Boudec, J.-Y., Hubaux, J.-P.: IEEE s&p. pp. 247–262. IEEE Computer Society (2011)
Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_26
Acknowledgments
François-Xavier Standaert is a Senior Research Associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). This work has been funded in parts by the ERC project SWORD (Consolidator Grant 724725).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Additional Figure
A Additional Figure
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Massart, C., Standaert, FX. (2019). Revisiting Location Privacy from a Side-Channel Analysis Viewpoint. In: Buchmann, J., Nitaj, A., Rachidi, T. (eds) Progress in Cryptology – AFRICACRYPT 2019. AFRICACRYPT 2019. Lecture Notes in Computer Science(), vol 11627. Springer, Cham. https://doi.org/10.1007/978-3-030-23696-0_17
Download citation
DOI: https://doi.org/10.1007/978-3-030-23696-0_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-23695-3
Online ISBN: 978-3-030-23696-0
eBook Packages: Computer ScienceComputer Science (R0)