Active Linking Attacks

Schnoor, Henning; Woizekowski, Oliver

doi:10.1007/978-3-662-48054-0_46

Henning Schnoor¹⁶ &
Oliver Woizekowski¹⁶

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 9235))

Included in the following conference series:

International Symposium on Mathematical Foundations of Computer Science

902 Accesses

Abstract

We study linking attacks on communication protocols. We observe that an active attacker is strictly more powerful in this setting than previously-considered passive attackers. We introduce a formal model to reason about active linking attacks, formally define security against these attacks and give conditions for both security and insecurity of protocols. In addition, we introduce a composition-like technique that allows to obtain security proofs by only studying small components of a protocol.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
The purpose of the value t is only to give the adversary complete information about his actions in the protocol run so far in the function \( view \left( .\right) \) (see below).
2.
Whether wait is available does not follow from \( view \left( s,\sigma \right) \). We can extend \( view \left( s,\sigma \right) \) with a flag for the availability of wait, for simplification we omit this.
3.
One can without loss of generality assume that there is no variable x and an edge \(x\rightarrow g\) for the output node g of a flat protocol.

References

Aho, A.V., Beeri, C., Ullman, J.D.: The theory of joins in relational databases. ACM Trans. Database Syst. 4(3), 297–314 (1979)
Article Google Scholar
Arapinis, M., Chothia, T., Ritter, E., Ryan, M.: Analysing unlinkability and anonymity using the applied pi calculus. In: CSF, pp. 107–121. IEEE Computer Society (2010)
Google Scholar
Bhargavan, K., Corin, R., Fournet, C., Gordon, A.D.: Secure sessions for web services. ACM Trans. Inf. Syst. Secur. 10(2) (2007)
Google Scholar
Backes, M., Maffei, M., Pecina, K., Reischuk, R.M.: G2C: cryptographic protocols from goal-driven specifications. In: Mödersheim, S., Palamidessi, C. (eds.) TOSCA 2011. LNCS, vol. 6993, pp. 57–77. Springer, Heidelberg (2012)
Chapter Google Scholar
Biryukov, A., Pustogarov, I., Weinmann, R.-P.: TorScan: tracing long-lived connections and differential scanning attacks. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 469–486. Springer, Heidelberg (2012)
Chapter Google Scholar
Dong, N., Jonker, H., Pang, J.: Formal analysis of privacy in an ehealth protocol. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 325–342. Springer, Heidelberg (2012)
Chapter Google Scholar
Eigner, F., Maffei, M.: Differential privacy by typing in security protocols. In: CSF, pp. 272–286. IEEE (2013)
Google Scholar
Maier, D., Mendelzon, A.O., Sagiv, Y.: Testing implications of data dependencies. ACM Trans. Database Syst. 4(4), 455–469 (1979)
Article Google Scholar
Narayanan, A., Shmatikov, V.: Robust de-anonymization of large sparse datasets. In: IEEE Symposium on Security and Privacy, pp. 111–125. IEEE Computer Society (2008)
Google Scholar
Rusinowitch, M., Turuani, M.: Protocol insecurity with a finite number of sessions, composed keys is NP-complete. Theoret. Comput. Sci. 1–3(299), 451–475 (2003)
Article MathSciNet MATH Google Scholar
Schnoor, H., Woizekowski, O.: Active linkability attacks. CoRR, abs/1311.7236 (2014)
Google Scholar
Sweeney, L.: Achieving \(k\)-anonymity privacy protection using generalization and suppression. Int. J. Fuzziness Knowl. Based Syst. 10(5), 571–588 (2002)
Article MathSciNet MATH Google Scholar
Veeningen, M., de Weger, B., Zannone, N.: Symbolic privacy analysis through linkability and detectability. In: Fernández-Gago, C., Martinelli, F., Pearson, S., Agudo, I. (eds.) Trust Management VII. IFIP AICT, vol. 401, pp. 1–16. Springer, Heidelberg (2013)
Chapter Google Scholar
Vollmer, H.: Introduction to Circuit Complexity - A Uniform Approach. Texts in theoretical computer science. Springer, Heidelberg (1999)
Book MATH Google Scholar

Download references

Author information

Authors and Affiliations

Institut Für Informatik, Christian-Albrechts-Universität Kiel Olshausenstraße 40, 24098, Kiel, Germany
Henning Schnoor & Oliver Woizekowski

Authors

Henning Schnoor
View author publications
You can also search for this author in PubMed Google Scholar
Oliver Woizekowski
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Henning Schnoor .

Editor information

Editors and Affiliations

University of Rome "Tor Vergata", Rome, Italy
Giuseppe F. Italiano
Università degli Studi di Milano, Milan, Italy
Giovanni Pighizzini
University of Edinburgh, Edinburgh, United Kingdom
Donald T. Sannella

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Schnoor, H., Woizekowski, O. (2015). Active Linking Attacks. In: Italiano, G., Pighizzini, G., Sannella, D. (eds) Mathematical Foundations of Computer Science 2015. MFCS 2015. Lecture Notes in Computer Science(), vol 9235. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-48054-0_46

Download citation

DOI: https://doi.org/10.1007/978-3-662-48054-0_46
Published: 11 August 2015
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-48053-3
Online ISBN: 978-3-662-48054-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics