HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Valkyrie: A Generic Framework for Verifying Privacy Provisions in Wireless Networks

Guillaume Celosia 1 Mathieu Cunche 1
1 PRIVATICS - Privacy Models, Architectures and Tools for the Information Society
Inria Grenoble - Rhône-Alpes, CITI - CITI Centre of Innovation in Telecommunications and Integration of services
Abstract : Wireless communications integrated in connected devices can expose their users to tracking via the exposure of link layer identifiers (e.g. MAC addresses). To counter this threat, it has been proposed to replace those permanent identifiers with periodically changing random pseudonyms [16]. This practice, called address randomization has been progressively adopted by vendors [27, 36] and has even made its way to wireless standards [1, 35]. However, an effective implementation of address randomization requires more than periodically rotating the link layer identifier. Indeed, several works [7, 10, 11, 15, 26, 27, 36] identified issues with address randomization implementation, where in-frames counters and identifiers can undermine the anti-tracking measure. In this paper, we address the problem of verifying the correctness of an address randomization implementation. To this end, we introduce an approach to identify issues based on a capture of the traffic generated by a device. This approach relies on rules specifying requirements for a correct implementation of address randomization. Then, we prototype Valkyrie (Verification of Addresses LinKabilitY in address Randomization ImplemEntations), a software tool that, based on a set of rules, verifies that a given sequence of frames generated by a device does not compromise the address randomization scheme. Finally, we evaluate this tool on a corpus of frame captures corresponding to 60 devices implementing address randomization for Wi-Fi and Bluetooth Low Energy (BLE).
Document type :
Conference papers
Complete list of metadata

Cited literature [39 references]  Display  Hide  Download

Contributor : Guillaume Celosia Connect in order to contact the contributor
Submitted on : Friday, May 29, 2020 - 4:23:07 PM
Last modification on : Wednesday, March 9, 2022 - 3:30:43 PM


Files produced by the author(s)



Guillaume Celosia, Mathieu Cunche. Valkyrie: A Generic Framework for Verifying Privacy Provisions in Wireless Networks. WiSec 2020 - 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Jul 2020, Linz, Austria. pp.278-283, ⟨10.1145/3395351.3399340⟩. ⟨hal-02651398⟩



Record views


Files downloads