Abstract
We study linking attacks on communication protocols. We observe that an active attacker is strictly more powerful in this setting than previously considered passive attackers. We introduce a formal model to reason about active linking attacks, formally define security against these attacks, and give conditions for both security and insecurity of protocols. In addition, we introduce a composition-like technique that allows one to obtain security proofs by studying only small components of a protocol.
Notes
1. The purpose of the value t is only to give the adversary complete information about his actions in the protocol run so far in the function \( view \left( .\right) \) (see below).
2. Whether wait is available does not follow from \( view \left( s,\sigma \right) \). We can extend \( view \left( s,\sigma \right) \) with a flag for the availability of wait; for simplicity we omit this.
3. One can without loss of generality assume that there is no variable x and an edge \(x\rightarrow g\) for the output node g of a flat protocol.
Copyright information
© 2015 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Schnoor, H., Woizekowski, O. (2015). Active Linking Attacks. In: Italiano, G., Pighizzini, G., Sannella, D. (eds) Mathematical Foundations of Computer Science 2015. MFCS 2015. Lecture Notes in Computer Science, vol 9235. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-48054-0_46
DOI: https://doi.org/10.1007/978-3-662-48054-0_46
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-48053-3
Online ISBN: 978-3-662-48054-0
eBook Packages: Computer Science, Computer Science (R0)