-
Addressing Privacy Concerns in Joint Communication and Sensing for 6G Networks: Challenges and Prospects
Authors:
Prajnamaya Dass,
Sonika Ujjwal,
Jiri Novotny,
Yevhen Zolotavkin,
Zakaria Laaroussi,
Stefan Köpsell
Abstract:
The vision for 6G extends beyond mere communication, incorporating sensing capabilities to facilitate a diverse array of novel applications and services. However, the advent of joint communication and sensing (JCAS) technology introduces concerns regarding the handling of sensitive personally identifiable information (PII) pertaining to individuals and objects, along with external third-party data…
▽ More
The vision for 6G extends beyond mere communication, incorporating sensing capabilities to facilitate a diverse array of novel applications and services. However, the advent of joint communication and sensing (JCAS) technology introduces concerns regarding the handling of sensitive personally identifiable information (PII) pertaining to individuals and objects, along with external third-party data and disclosure. Consequently, JCAS-based applications are susceptible to privacy breaches, including location tracking, identity disclosure, profiling, and misuse of sensor data, raising significant implications under the European Union's general data protection regulation (GDPR) as well as other applicable standards. This paper critically examines emergent JCAS architectures and underscores the necessity for network functions to enable privacy-specific features in the 6G systems. We propose an enhanced JCAS architecture with additional network functions and interfaces, facilitating the management of sensing policies, consent information, and transparency guidelines, alongside the integration of sensing-specific functions and storage for sensing processing sessions. Furthermore, we conduct a comprehensive threat analysis for all interfaces, employing security threat model STRIDE and privacy threat model LINDDUN. We also summarise the identified threats using standard common weakness enumeration (CWE). Finally, we suggest the security and privacy controls as the mitigating strategies to counter the identified threats stemming from the JCAS architecture.
△ Less
Submitted 15 June, 2024; v1 submitted 2 May, 2024;
originally announced May 2024.
-
Improving unlinkability in C-ITS: a methodology for optimal obfuscation
Authors:
Yevhen Zolotavkin,
Yurii Baryshev,
Vitalii Lukichov,
Jannik Mähn,
Stefan Köpsell
Abstract:
In this paper, we develop a new methodology to provide high assurance about privacy in Cooperative Intelligent Transport Systems (C-ITS). Our focus lies on vehicle-to-everything (V2X) communications enabled by Cooperative Awareness Basic Service. Our research motivation is developed based on the analysis of unlinkability provision methods indicating a gap. To address this, we propose a Hidden Mark…
▽ More
In this paper, we develop a new methodology to provide high assurance about privacy in Cooperative Intelligent Transport Systems (C-ITS). Our focus lies on vehicle-to-everything (V2X) communications enabled by Cooperative Awareness Basic Service. Our research motivation is developed based on the analysis of unlinkability provision methods indicating a gap. To address this, we propose a Hidden Markov Model (HMM) to express unlinkability for the situation where two cars are communicating with a Roadside Unit (RSU) using Cooperative Awareness Messages (CAMs). Our HMM has labeled states specifying distinct origins of the CAMs observable by a passive attacker. We then demonstrate that a high assurance about the degree of uncertainty (e.g., entropy) about labeled states can be obtained for the attacker under the assumption that he knows actual positions of the vehicles (e.g., hidden states in HMM). We further demonstrate how unlinkability can be increased in C-ITS: we propose a joint probability distribution that both drivers must use to obfuscate their actual data jointly. This obfuscated data is then encapsulated in their CAMs. Finally, our findings are incorporated into an obfuscation algorithm whose complexity is linear in the number of discrete time steps in HMM.
△ Less
Submitted 10 January, 2023;
originally announced January 2023.
-
Weak-Key Analysis for BIKE Post-Quantum Key Encapsulation Mechanism
Authors:
Mohammad Reza Nosouhi,
Syed W. Shah,
Lei Pan,
Yevhen Zolotavkin,
Ashish Nanda,
Praveen Gauravaram,
Robin Doss
Abstract:
The evolution of quantum computers poses a serious threat to contemporary public-key encryption (PKE) schemes. To address this impending issue, the National Institute of Standards and Technology (NIST) is currently undertaking the Post-Quantum Cryptography (PQC) standardization project intending to evaluate and subsequently standardize the suitable PQC scheme(s). One such attractive approach, call…
▽ More
The evolution of quantum computers poses a serious threat to contemporary public-key encryption (PKE) schemes. To address this impending issue, the National Institute of Standards and Technology (NIST) is currently undertaking the Post-Quantum Cryptography (PQC) standardization project intending to evaluate and subsequently standardize the suitable PQC scheme(s). One such attractive approach, called Bit Flip** Key Encapsulation (BIKE), has made to the final round of the competition. Despite having some attractive features, the IND-CCA security of the BIKE depends on the average decoder failure rate (DFR), a higher value of which can facilitate a particular type of side-channel attack. Although the BIKE adopts a Black-Grey-Flip (BGF) decoder that offers a negligible DFR, the effect of weak-keys on the average DFR has not been fully investigated. Therefore, in this paper, we first perform an implementation of the BIKE scheme, and then through extensive experiments show that the weak-keys can be a potential threat to IND-CCA security of the BIKE scheme and thus need attention from the research community prior to standardization. We also propose a key-check algorithm that can potentially supplement the BIKE mechanism and prevent users from generating and adopting weak keys to address this issue.
△ Less
Submitted 13 July, 2022; v1 submitted 29 April, 2022;
originally announced April 2022.