Skip to Main content Skip to Navigation
Conference papers

Valkyrie: A Generic Framework for Verifying Privacy Provisions in Wireless Networks

Guillaume Celosia 1 Mathieu Cunche 1
1 PRIVATICS - Privacy Models, Architectures and Tools for the Information Society
Inria Grenoble - Rhône-Alpes, CITI - CITI Centre of Innovation in Telecommunications and Integration of services
Abstract : Wireless communications integrated in connected devices can expose their users to tracking via the exposure of link layer identifiers (e.g. MAC addresses). To counter this threat, it has been proposed to replace those permanent identifiers with periodically changing random pseudonyms [16]. This practice, called address randomization has been progressively adopted by vendors [27, 36] and has even made its way to wireless standards [1, 35]. However, an effective implementation of address randomization requires more than periodically rotating the link layer identifier. Indeed, several works [7, 10, 11, 15, 26, 27, 36] identified issues with address randomization implementation, where in-frames counters and identifiers can undermine the anti-tracking measure. In this paper, we address the problem of verifying the correctness of an address randomization implementation. To this end, we introduce an approach to identify issues based on a capture of the traffic generated by a device. This approach relies on rules specifying requirements for a correct implementation of address randomization. Then, we prototype Valkyrie (Verification of Addresses LinKabilitY in address Randomization ImplemEntations), a software tool that, based on a set of rules, verifies that a given sequence of frames generated by a device does not compromise the address randomization scheme. Finally, we evaluate this tool on a corpus of frame captures corresponding to 60 devices implementing address randomization for Wi-Fi and Bluetooth Low Energy (BLE).
Document type :
Conference papers
Complete list of metadatas

Cited literature [39 references]  Display  Hide  Download

https://hal.inria.fr/hal-02651398
Contributor : Guillaume Celosia <>
Submitted on : Friday, May 29, 2020 - 4:23:07 PM
Last modification on : Wednesday, July 8, 2020 - 12:43:31 PM

File

paper.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Guillaume Celosia, Mathieu Cunche. Valkyrie: A Generic Framework for Verifying Privacy Provisions in Wireless Networks. WiSec 2020 - 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Jul 2020, Linz, Austria. ⟨10.1145/3395351.3399340⟩. ⟨hal-02651398⟩

Share

Metrics

Record views

59

Files downloads

120