Abstract
Sharing a spectrum is an emerging paradigm to increase spectrum utilization and thus address the unabated increase in mobile data consumption. The paradigm allows the “unused” spectrum bands of licensed primary users to be shared with secondary users, as long as the allocated spectrum to the secondary users does not cause any harmful interference to the primary users. However, such shared spectrum paradigms pose serious privacy risks to the participating entities, e.g., the secondary users may be sensitive about their locations and usage patterns. This paper presents a privacy-preserving protocol for the shared spectrum allocation problem in a crowdsourced architecture, wherein spectrum allocation to secondary users is done based on real-time sensing reports from geographically distributed and crowdsourced spectrum sensors. Such an architecture is highly desirable since it obviates the need to assume a propagation model, and facilitates estimation based on real-time propagation conditions and high granularity data via inexpensive means.
We design our protocol by leveraging the efficiency and generality of recently developed fast and secure two-party computation (\(\mathrm {S2PC}\)) protocols. We show that this approach leads to practical solutions that outperform the state-of-the-art in terms of both efficiency as well as functionality. To achieve the desired computational efficiency, we optimize the spectrum allocation algorithm to select a small number of relevant reports based on certain parameters. This results in a faster RAM program for power allocation which, under suitable adjustments to underlying arithmetic operations, can be efficiently implemented using \(\mathrm {S2PC}\). We use the standard “ideal/real paradigm” to define the security of spectrum allocation and prove security of our protocol (in the semi-honest model). We also provide data from extensive simulations to demonstrate the accuracy, as well as computational and communication efficiency of our schemes.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
FlightFeeder for Android, FlightAware. http://flightaware.com/adsb/android
Full version. https://www.cs.stonybrook.edu/~hgupta/procsa.pdf
Andrews, J., et al.: What will 5G be? IEEE JSAC 32, 1065–1082 (2014)
Ben-David, A., Nisan, N., Pinkas, B.: FairplayMP: a system for secure multi-party computation. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 257–266. ACM (2008)
Buescher, N., Weber, A., Katzenbeisser, S.: Towards practical RAM based secure computation. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11099, pp. 416–437. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98989-1_21
Calvo-Palomino, R. Giustiniano, D., Lenders, V., Fakhreddine, A.: Crowdsourcing spectrum data decoding. In: IEEE INFOCOM 2017 - IEEE Conference on Computer Communications (2017)
Chakraborty, A., Rahman, M.S., Gupta, H., Das, S.R.: SpecSense: crowdsensing for efficient querying of spectrum occupancy. In IEEE INFOCOM 2017 - IEEE Conference on Computer Communications (2017)
Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: Proceedings of 36th Annual Symposium on Foundations of Computer Science, pp. 41–50. IEEE (1995)
Clark, M.A., Psounis, K.: Trading utility for privacy in shared spectrum access systems. IEEE/ACM Trans. Netw. 26, 259–273 (2017)
Damgård, I., Pastro, V., Smart, N., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_38
Demmler, D., Schneider, T., Zohner, M.: ABY-a framework for efficient mixed-protocol secure two-party computation. In: NDSS (2015)
Ding, G., Song, F., Wu, Q., Zou, Y., Zhang, L., Feng, S., Wang, J.: Robust spectrum sensing with crowd sensors. In: IEEE VTC (2014)
Doerner, J., Shelat, A.: Scaling ORAM for secure computation. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 523–535. ACM (2017)
Dou, Y., Zeng, K.C., Li, H., Yang, Y., Gao, B., Ren, K., Li, S.: P2-SAS: privacy-preserving centralized dynamic spectrum access system. IEEE J. Sel. Areas Commun. 35(1), 173–187 (2017)
Drocella, E., Richards, J., Sole, R., Najmy, F., Lundy, A., McKenna, P.: 3.5 GHz exclusion zone analyses and methodology. Technical report (2015)
Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. Commun. ACM 28(6), 637–647 (1985)
Fan, B., Andersen, D.G, Kaminsky, M., Mitzenmacher, M.D.: Cuckoo filter: practically better than bloom. In: Proceedings of the 10th ACM International on Conference on emerging Networking Experiments and Technologies, pp. 75–88. ACM (2014)
U. FCC: Longley-rice methodology for evaluating TV coverage and interference. OET Bulletin, 69 (2004)
Gao, Z., Zhu, H., Liu, Y., Li, M., Cao, Z.: Location privacy in database-driven cognitive radio networks: attacks and countermeasures. In: 2013 Proceedings of IEEE INFOCOM, pp. 2751–2759. IEEE (2013)
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, pp. 169–178. ACM (2009)
Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game. In: Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, pp. 218–229. ACM (1987)
Gordon, S.D., et al.: Secure two-party computation in sublinear (amortized) time. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 513–524. ACM (2012)
Grissa, M., Hamdaoui, B., Yavuza, A.A.: Location privacy in cognitive radio networks: a survey. IEEE Commun. Surv. Tutor. 19, 1726–1760 (2017)
Grissa, M., Yavuz, A., Hamdaoui, B.: LPOS: location privacy for optimal sensing in cognitive radio networks. In: 2015 IEEE Global Communications Conference (GLOBECOM), pp. 1–6. IEEE (2015)
Grissa, M., Yavuz, A., Hamdaoui, B.: An efficient technique for protecting location privacy of cooperative spectrum sensing users. In: 2016 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 915–920. IEEE (2016)
Grissa, M., Yavuz, A.A., Hamdaoui, B.: Preserving the location privacy of secondary users in cooperative spectrum sensing. IEEE Trans. Inf. Forensics Secur. 12(2), 418–431 (2017)
Hoang, A.T., Liang, Y., Islam, M.H.: Power control and channel allocation in cognitive radio networks with primary users’ cooperation. IEEE Trans. Mob. Comput. 9, 348–360 (2010)
Ishwar, P., Kumar, A., Ramchandran, K.: Distributed sampling for dense sensor networks: a “Bit-Conservation Principle”. In: Zhao, F., Guibas, L. (eds.) IPSN 2003. LNCS, vol. 2634, pp. 17–31. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36978-3_2
Jin, X., Zhang, R., Chen, Y., Li, T., Zhang, Y.: DPSense: differentially private crowdsourced spectrum sensing. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 296–307. ACM (2016)
Kasiri, B., Lambadaris, I., Yu, F.R., Tang, H.: Privacy-preserving distributed cooperative spectrum sensing in multi-channel cognitive radio MANETs. In: 2015 IEEE International Conference on Communications (ICC), pp. 7316–7321. IEEE (2015)
Kolesnikov, V., Schneider, T.: Improved garbled circuit: free XOR gates and applications. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008. LNCS, vol. 5126, pp. 486–498. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-70583-3_40
Kreuter, B., Shelat, A., Shen, C.-H.: Billion-gate secure computation with malicious adversaries. In: USENIX Security Symposium, vol. 12, pp. 285–300 (2012)
Li, H., Pei, Q., Zhang, W.: Location privacy-preserving channel allocation scheme in cognitive radio networks. Int. J. Distrib. Sens. Netw. 12(7), 3794582 (2016)
Li, S., Zhu, H., Gao, Z., Guan, X., Xing, K., Shen, X.: Location privacy preservation in collaborative spectrum sensing. In: 2012 Proceedings of IEEE INFOCOM, pp. 729–737. IEEE (2012)
Mao, Y., Chen, T., Zhang, Y., Wang, T., Zhong, S.: Protecting location information in collaborative sensing of cognitive radio networks. In: Proceedings of the 18th ACM International Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems, pp. 219–226. ACM (2015)
Medeisis, A., Kajackas, A.: On the use of the universal Okumura-Hata propagation prediction model in rural areas. In: 2000 IEEE 51st Vehicular Technology Conference Proceedings, VTC 2000-Spring Tokyo, vol. 3, pp. 1815–1818. IEEE (2000)
Ostrovsky, R., Shoup, V.: Private information storage. In: STOC, vol. 97, pp. 294–303. Citeseer (1997)
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16
Rabin, M.O.: How to exchange secrets with oblivious transfer. IACR Cryptology ePrint Archive 2005, 187 (2005)
Rajkarnikar, N., Peha, J.M., Aguiar, A.: Location privacy from dummy devices in database-coordinated spectrum sharing. In: 2017 IEEE International Symposium on Dynamic Spectrum Access Networks (DySPAN), pp. 1–10. IEEE (2017)
Rindal, P.: Ivory (2018). https://github.com/ladnir/Ivory-Runtime
Seybold, J.: Introduction to RF Propagation. Wiley, New York (2005)
Stefanov, E., et al.: Path ORAM: an extremely simple oblivious ram protocol. In: Proceedings of the 2013 ACM SIGSAC conference on Computer and Communications Security, pp. 299–310. ACM (2013)
Sweeney, L.: k-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzziness Knowl. Based Syst. 10(05), 557–570 (2002)
Tragos, E.Z., Zeadally, S., Fragkiadakis, A.G., Siris, V.A.: Spectrum assignment in cognitive radio networks: a comprehensive survey. IEEE Commun. Surv. Tutor. 15(3), 1108–1135 (2013)
Wang, W., Zhang, Q.: Privacy-preserving collaborative spectrum sensing with multiple service providers. IEEE Trans. Wirel. Commun. 14(2), 1011–1019 (2015)
Wang, X., Chan, H., Shi, E.: Circuit ORAM: on tightness of the Goldreich-Ostrovsky lower bound. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 850–861. ACM (2015)
Wang, X.S., Huang, Y., Chan, T.H., Shelat, A., Shi, E.: SCORAM: oblivious ram for secure computation. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 191–202. ACM (2014)
Yao, A.C.-C.: How to generate and exchange secrets. In: 27th Annual Symposium on Foundations of Computer Science, pp. 162–167. IEEE (1986)
Ying, X., Kim, C.W., Roy, S.: Revisiting TV coverage estimation with measurement-based statistical interpolation (2015)
Zahur, S., et al.: Revisiting square-root ORAM: efficient random access in multi-party computation. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 218–234. IEEE (2016)
Zhang, L., Fang, C., Li, Y., Zhu, H., Dong, M.: Optimal strategies for defending location inference attack in database-driven CRNs. In: 2015 IEEE International Conference on Communications (ICC), pp. 7640–7645. IEEE (2015)
Zhang, T., Leng, N., Banerjee, S.: A vehicle-based measurement framework for enhancing whitespace spectrum databases. In: Proceedings of ACM Mobicom (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Security Proof
A Security Proof
Theorem 1
(Security of Protocol 1). Protocol 1 is a secure multi-party computation implementation of the plaintext algorithm shown in Sect. 3.1 with respect to semi-honest adversaries which do not corrupt \(\mathrm{SM}_0\) and \(\mathrm{SM}_1\) at the same time.
Proof
(Sketch; see [4] for a detailed proof). We need to show a simulator for different combinations of views for all possible subset \(I \subseteq \{\mathrm {S_i}, \mathrm{SM}_0, \mathrm{SM}_1, \mathrm{PNs} \}\) such that I does not contain \(\mathrm{SM}_0 \) and \(\mathrm{SM}_1 \) at the same time (Recall that we assume they do not collude). For Protocol 1, we claim that it will be sufficient if we can construct a simulator for each party separately (which is not necessarily true for general MPC protocols). This is because both \(\mathrm {S_i} \) (except for its final output \(t_i\)) and \(\mathrm{PNs} \) receive no message during the execution of \(\varPi \). Simulators for them can be constructed in a “dummy” way by just outputting the input/output of \(\mathrm {S_i} \) and \(\mathrm{PNs} \). So the essential part of Protocol 1 is actually a \(\mathrm {S2PC}\) protocol between \(\mathrm{SM}_0 \) and \(\mathrm{SM}_1 \). And it is not hard to verify that once \(\mathrm{SM}_0 \) and \(\mathrm{SM}_1 \) are not corrupted at the same time, the simulator for a spectrum manager can be composed with the aforementioned “dummy” simulators of \(\mathrm {S_i} \) and \(\mathrm{PNs} \) arbitrarily, to get a whole simulator for any corrupted set I that goes through the security proof. Therefore, we only need to construct a simulator for \(\mathrm{SM}_0\) (\(\mathrm{SM}_1\)’s role is symmetric to that of \(\mathrm{SM}_0\)).
Notice that for each of the 6 subprotocols described in Protocol 1, the input/output of \(\mathrm{SM}_0\) are secret shares of some data. Due to the security of the secret-sharing scheme, those shares is (purely) random. So if we substitute each subprotocols by invoking the corresponding simulator on a random string, we will get the final simulator for \(\mathrm{SM}_0\). A formal proof involves a sequence of hybrids where we substitute each subprotocol (with its simulator) in order and proves indistinguishability in a careful but standard way.
We remark that the existence of simulators for subprotocols \(\varPi _{\mathsf {off}}\), \(\varPi _{\mathsf {slct}}\), \(\varPi _{\mathsf {alloc}}\) and \(\varPi _{\mathsf {update}}\) is guaranteed by the \(\mathrm {S2PC}\) protocols used to implement them. We still need to show simulators for \(\varPi _{\mathsf {read}}\) and \(\varPi _{\mathsf {write}}\). The read algorithm (Fig. 3) involves two \(\mathrm {S2PC}\) protocols and one oblivious transfer, where all the input/output are random secret shares. So a simulator can be constructed in a straightforward way. The write algorithm (Fig. 4) consists of a \(\mathrm {S2PC}\) protocol followed by four message exchanges, which look random. So a simulator for it can also be easily constructed. This completes the proof for Theorem 1. \(\square \)
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Curran, M., Liang, X., Gupta, H., Pandey, O., Das, S.R. (2019). ProCSA: Protecting Privacy in Crowdsourced Spectrum Allocation. In: Sako, K., Schneider, S., Ryan, P. (eds) Computer Security – ESORICS 2019. ESORICS 2019. Lecture Notes in Computer Science(), vol 11735. Springer, Cham. https://doi.org/10.1007/978-3-030-29959-0_27
Download citation
DOI: https://doi.org/10.1007/978-3-030-29959-0_27
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-29958-3
Online ISBN: 978-3-030-29959-0
eBook Packages: Computer ScienceComputer Science (R0)