Author(s): Myrto Arapinis, Loretta Ilaria Mancini, Eike Ritter, Mark Ryan

Download: Paper (PDF)

Date: 22 Feb 2014

Document Type: Briefing Papers

Additional Documents: Slides

Associated Event: NDSS Symposium 2014

Abstract:

We show that real implementations of the pseudonym changing mechanism do not achieve the intended privacy goals and that it is possible to exploit the TMSI reallocation procedure to track mobile telephony users. We propose countermeasures to tackle the exposed vulnerabilities and formally prove a sufficient condition to provide unlinkability.