User anonymity in wireless network

Abstract

User privacy and user anonymity have become paramount in protecting sensitive and private data in a wireless network. This research draws on prior studies that established approaches to user anonymity. These approaches include anonymous networks, mixing and anonymization schemes, which have been developed over the years. The research then narrows down to the RFID model, which covers the communication between the tag and the reader. Within the RFID model, the research notes the use of the YA-TRAP, 1 pass and 2 pass protocols. Among the protocols, user privacy can only be compromised when one tag secret is compromised.

Keywords: RFID protocols, tag anonymity, untraceability, anonymous network, tag secret, security protocol

Introduction

Resistance to traffic analysis and anonymity are two interesting and persistently problematic areas of computer networking. Across modern networks, communicating peers inherently learn the sources and destinations of traffic passing through ancillary servers, gateways and routers. Most systems that provide network traffic anonymity target wide area network topologies and exploit the infeasibility of eavesdropping on them. That approach is considered inappropriate in most cases, especially for high security wireless networks. Despite restrictions on the application of user anonymity, numerous schemes have been developed over the years. Most of them are variants of mix networks, where traffic is routed across the participants in the network. However, most of these schemes assume that they operate within a wide area network with multiple links. Based on this, the discussion explores relevant work, establishes and extrapolates the RFID model, and conducts a security and performance analysis of RFID before establishing user anonymity within a wireless network.

Related work

Provision of anonymity to users across routes is commonly considered, especially when moving from passive eavesdroppers to wireless ad hoc networks. Venkitasubramaniam and Tong (2008) noted that Shannon’s equivocation can be applied as a theoretic measure of scalable anonymity, with scheduling strategies used in designing the wireless nodes. However, the whole idea of substantially hiding the routing details is regarded as classical, and it has found a special place in internet traffic as preferred against the wired network. Internet applications commonly facilitate anonymity with the help of a concept referred to as Mixing, which is said to have been pioneered by Chaum. A Mix is a special node, or sometimes a server, that collects packets from different users and transmits them after the contents have been modified. This makes it hard to match an outgoing packet to an incoming one. Following Chaum’s contributions, network developers have been improving the batching strategies, which can be designed to withstand numerous traffic analysis attacks (Yoon et al. 2011). The mix-based approach is most useful for internet applications such as web browsing and anonymous remailers.

Apart from mixing, Sen (2011) asserts that there is increased attention towards anonymous authentication and communication protocols as far as wireless mesh networks are concerned. Wireless Mesh Networks (WMNs) are regarded as a significant technology for the succeeding generations of wireless broadband networks. They are becoming even more pertinent for neighborhood networking, community networking and home networking, among others. The design of WMNs has attracted efficient resource management protocols. However, vulnerabilities have equally exposed the networks to attackers who aim at degrading performance. The attack scenarios are due to the lack of a central administrative point, which makes security a significant concern. Based on this, Sen (2011) proposed a novel security protocol meant for mesh routers as well as mesh client nodes.

In addition, protection of user privacy was also highly recommended in the face of a secure authentication framework. User privacy suggests an anonymization scheme which seeks the help of the Rivest group signature scheme. The proposed security protocol can only be complemented using a privacy protocol that provides user anonymity as well as privacy. Nevertheless, the authentication server used for the security protocol can equally be applied in managing distribution of the key for privacy preservation. In this case, the existence of a symmetric encryption algorithm E is always presumed, in the sense that for any key, the function E is a permutation across the b-bit strings. In the course of confirming user anonymity, the server is convinced that the relevant ring signature is the result of one of the anticipated users. If the seed K cannot be revealed, then the server will fail to determine the user identity. It is worth noting that the strength of the user anonymity relies on the security behind the generation of the pseudorandom number.

Moreover, there have been growing concerns about symmetric cryptosystems and key agreement schemes in the face of anonymous users. Jung et al. (2016) argued that WSNs are commonly deployed in unattended environments, with sensor nodes having limited resources. Most researchers are currently putting more effort into a design that is more secure and that yields an effective user authentication process. Among other designs is that of Lamport, which was introduced in the year 1981. The design was based on a remote password authentication protocol which could be applied to insecure channels. In the year 2006, Wong and his colleagues worked on a password based user authentication scheme which had a light computational overhead (Xu et al. 2011). However, Wong’s model could not resist forgery attacks or replays, which meant that a more enhanced scheme was needed. The introduction of Chen’s model was somewhat promising because it relied more on the user authentication scheme. The latter could withstand card loss attacks, stolen verifier attacks and even replay attacks (Yoon et al. 2011). Other attacks that could be resisted by the scheme included impersonation attacks, privileged insider attacks and password guessing attacks. A further security analysis of the scheme led to the realization of its vulnerability due to susceptibility to service attacks and smart card loss attacks. Chen’s model also could not uphold user anonymity, given that the identity of the user is in plaintext form. Among the recommendations proposed by Jung et al. (2016), user anonymity was at the top of the list, with the key exchange performing three rounds before computing the secret session key. In this case, the user is believed to be safer when compared to both Wong’s and Chen’s models.

User anonymity, therefore, can take different versions and tap into different models depending on the type of the network and the security characteristics to be adopted. More researchers and developers are working towards anonymous networks and anonymous users, who can be less vulnerable to attackers once in the system. Wayner (2009) discussed PipeNet, said to have been created by Wei Dai. The network relied on route encrypted packets. The solution barred any omniscient attacker from spying on the flow of packets. The strict process introduced by Wei Dai ensures that every link carries similar amounts of information, with data moving in a chain. Further research on hacking web intelligence points at online anonymity. In this case, multiple nodes are introduced in the network used in passing data packets. The I2P client has I2P routers with both outbound and inbound tunnels. This means that every client has separate outgoing and incoming points. Content passed over I2P uses layered encryption, which lies between the starting node at the sending end and the end node at the receiving end (Xu and Feng, 2009). Subsequent moves towards user anonymity have equally led to data hiding with the help of encryption techniques. The dark web constitutes publicly available websites that have a hidden identity, with servers running on anonymous networks such as I2P and TOR, among others.

For one to access a website on the dark web, the anonymous network becomes the unavoidable landing point. For instance, an anonymous website that uses TOR can be accessed by users on the TOR network. Apart from the anonymous networks, Blaze et al. (2009) noted that developers are attracted to the adversary model, which is commonly used in monitoring the traffic while hiding the identity of the sender for every radiogram. Two types of adversaries are the Byzantine adversary and the listening adversary. The listening adversary can easily monitor the secret keys, the computations and the randomness. The Byzantine adversary is believed to be stronger than the listening one. A Byzantine adversary can make stations behave in an arbitrary manner as well as maliciously control t stations within a parameter of t. The security goal for adversaries is to ensure that the originator remains anonymous in cases where the target is believed to be corrupted. Target anonymity is also made possible in some cases where the target does not show signs of being corrupted.

Model

For most developers, it is always a challenge to establish a convenient model for user anonymity. This case presents an RFID model, which showcases how one can achieve user anonymity in a wireless network. There is always communication between tags and readers, which is commonly facilitated through a wireless network. A protocol party can be either R ∈ Readers or T ∈ Tags. The protocol sessions yield interactions between tags and readers where, at the end of a session, the party outputs Accept if the party feels that the protocol executed normally with the correct parties.

The party output can also prompt an Execute (R, T, i) query. In this case, the adversary A gets access to an honest execution of session i through eavesdropping. The output can as well be a Send (U1, U2, m) query. This query models active attacks, allowing the adversary to impersonate reader U1 in a protocol session i while sending message m to an instance of tag U2. The output can be Corrupt (T, K), where the query gives room for the adversary to learn as well as store the secret K linked to tag T. This query brings in the idea of forward privacy or forward security.

Across this model, the security definition draws on the key concepts of authentication, untraceability, unlinkability and availability. For the system to achieve user anonymity, it has to make sure that the user is untraceable. In the game $G_{trace}$, the adversary has to look for a tag $T$. In the tracing step, $A$ is given room to interact with every tag and reader. The adversary's advantage in this game is expressed as

$$adv_A^{trace} = \left| \Pr[A \text{ correct}] - \tfrac{1}{2} \right|$$

in which

$$\Pr[A \text{ correct}] = \Pr[A = \text{yes} \mid T = T'] + \Pr[A = \text{no} \mid T \neq T']$$

When $\Pr[T = T'] = \tfrac{1}{2}$, untraceability requires that $adv_A^{trace}$ be negligible.

It follows that anonymous RFID taps into YA-TRAP, which is a trivial authentication protocol. The timeline is divided into relatively small periods. When the reader R activates T, it broadcasts the current timestamp t_sys. If t_sys is greater than t_max, T broadcasts a pseudorandom string. Otherwise, T broadcasts h = H_K(t_sys) and sets t_tag = t_sys. The server S then tries to find the key used by T in h from the lookup table.

If YA-TRAP becomes susceptible to future attacks, then a 2-Pass optimistic protocol becomes handy. In this protocol, a keyed hash of the string (1, r_tag, t_sys) is sent. The server is forced to work harder while looking for the key K, which keeps the user anonymous within the network. The adversary's attacks can thus be moved from the low complexity tags to the relevant server.

is concerned. With the RFID model in place, there is a significant use of the random numbers in every authentication request between the tag and the reader, which ensures that there is untraceability and anonymity of the tag. At the time when the tag is sending the hashed message to alert the server regarding its authenticity, the tag and the server seek to replace all the values attached to the tag, which is a process that upholds tag anonymity. Besides, timestamps are commonly applied for every message to purposefully check whether the messages belong to the same session or not. It is worth noting that all tag values are unique in every session and they would be replaced after every successful session thereby ensuring the highest level of privacy.

Notably, the hash chains, as noticed across the three protocols can update both the responses reflected on the readers and the internal states. The schemes are always required to produce two separate hash function values with one being used to update tag’s secret while the other one is applied in computing the response, which is usually transmitted to the reader upon tag identification.

The introduction of RFID protocols has led to significant use of the Pseudorandom Function, with the first proposal being the YA-TRAP protocol. This needs a single pseudorandom function and a single key in a given tag. However, the model is prone to de-synchronization as well as denial of service attacks, which happen when the timestamps are manipulated. Perhaps the introduction of the 1 pass and 2 pass protocols aids the functionality of YA-TRAP as far as privacy preservation is concerned. Under each of the two schemes, the tag stores secret keys, which are believed to lie along the key-path. During the process of RFID identification, the tag only responds to values believed to have been computed by the group of the secret keys over the random challenge. However, the performance of these protocols can be reduced as a result of a compromise of one of the tag secrets. This can ruin the anonymity of the rest of the tag secrets.
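The YA-TRAP exchange described in the model, and the de-synchronization that follows from a manipulated timestamp, can be traced in a small simulation. This is an added example, not code from the cited papers: HMAC-SHA256 as the keyed hash, the stale-timestamp check (t_sys <= t_tag) taken from the published YA-TRAP design, and all class names, keys and timestamps are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

def H(key: bytes, t_sys: int) -> bytes:
    """Keyed hash H_K(t_sys); HMAC-SHA256 is an assumed instantiation."""
    return hmac.new(key, t_sys.to_bytes(8, "big"), hashlib.sha256).digest()

class Tag:
    def __init__(self, key: bytes, t_max: int):
        self.key, self.t_tag, self.t_max = key, 0, t_max

    def respond(self, t_sys: int) -> bytes:
        # Timestamp past t_max: answer with a pseudorandom string.
        # The stale check (t_sys <= t_tag) is an assumption taken from the
        # published YA-TRAP design; the text above states only t_sys > t_max.
        if t_sys > self.t_max or t_sys <= self.t_tag:
            return os.urandom(32)
        self.t_tag = t_sys             # tag sets t_tag = t_sys
        return H(self.key, t_sys)      # h = H_K(t_sys)

class Server:
    def __init__(self, keys: dict):
        self.keys = keys               # tag name -> secret key K

    def identify(self, t_sys: int, h: bytes):
        # Lookup table for this period: H_K(t_sys) -> tag, for every known K.
        table = {H(k, t_sys): name for name, k in self.keys.items()}
        return table.get(h)            # None: response matches no tag

def demo() -> dict:
    # Constructed sample keys and timestamps, for illustration only.
    keys = {"tag-A": bytes(range(32)), "tag-B": bytes(range(32, 64))}
    server, tag = Server(keys), Tag(keys["tag-A"], t_max=1000)
    h10, h11 = tag.respond(10), tag.respond(11)
    out = {
        "period_10": server.identify(10, h10),
        "period_11": server.identify(11, h11),
        "responses_equal": h10 == h11,   # differing values resist linking
    }
    # A manipulated timestamp far ahead of real time pushes t_tag forward.
    tag.respond(900)
    # The honest reader's next period now looks stale to the tag.
    out["after_desync"] = server.identify(12, tag.respond(12))
    # Once real time passes the manipulated value the tag is identified again.
    out["resynced"] = server.identify(901, tag.respond(901))
    # Past t_max the tag only ever emits pseudorandom strings.
    out["expired"] = server.identify(1001, tag.respond(1001))
    return out

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The `after_desync` result is the denial of service noted above: the tag stays unidentifiable to the server until the real timestamp exceeds the manipulated one.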

Conclusion

The struggle to attain user security in a wireless network has led to significant achievements over recent years. The related work under observation has pointed out the achievement of user anonymity with the introduction of an anonymous network. With the application of the RFID model, the research has found that the communication between the tag and the reader can be of use in establishing user anonymity. This could be noticed in the key search process in the YA-TRAP protocol, as well as the 1 pass and 2 pass protocols. The scale of application of these protocols depends on the nature of attacks.

References

Blaze, M., Ioannidis, J., Keromytis, A.D., Malkin, T.G. and Rubin, A., 2009. Anonymity in wireless broadcast networks.

Jung, J., Kim, J., Choi, Y. and Won, D., 2016. An anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in wireless sensor networks. Sensors, 16(8), p.1299.

Sen, J., 2011, July. An anonymous authentication and communication protocol for wireless mesh networks. In International Conference on Advances in Computing and Communications (pp. 580-592). Springer, Berlin, Heidelberg.

Venkitasubramaniam, P. and Tong, L., 2008, April. Throughput anonymity trade-off in wireless networks under latency constraints. In IEEE INFOCOM 2008-The 27th Conference on Computer Communications (pp. 241-245). IEEE.

Yoon, E.J., Yoo, K.Y. and Ha, K.S., 2011. A user friendly authentication scheme with anonymity for wireless communications. Computers & Electrical Engineering, 37(3), pp.356-364.

Xu, J. and Feng, D., 2009. Security flaws in authentication protocols with anonymity for wireless environments. ETRI journal, 31(4), pp.460-462.

Xu, J., Zhu, W.T. and Feng, D.G., 2011. An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks. Computer Communications, 34(3), pp.319-325.
