Collaborative Research: SaTC: CORE: Medium: An Anti-tracking and Robocall-free Architecture for Next-G Mobile Networks
Project Description
Mobile networks have become integral to modern life, providing their users ubiquitous access to voice, text, and data services.
However, this reliance on mobile phones has raised serious privacy concerns, as mobile network operators (MNOs) have the ability to track and profile users.
While the 5G system offers some privacy protection through the use of concealed and temporary subscriber identifiers, those with access to MNO databases can still track and profile users. This project addresses this problem by developing a fully functional anonymous mobile access architecture that allows legitimate mobile subscribers to access the network without revealing their real identity. The architecture is designed to disable mobile tracking and profiling by using anonymous identifiers, ensuring that connections made by the same user at different times cannot be linked.
The design also supports critical incumbent mobile network functions, including the identification of a user equipment (UE) and recovery of its mobility history under legal intervention, while giving users control over the level of privacy risk they accept in their own mobile phone use contexts.
The research team aims to achieve the above goal by integrating decentralized identifiers (DID) and anonymous verifiable credential (VC) schemes into the 5G authentication and key agreement (5G-AKA) protocol.
Key research tasks to realize this anonymous mobile access architecture include developing a novel secure callee discovery mechanism leveraging DID to handle the voice call function, supporting user accountability and ensuring compatibility with existing lawful interception requirements, disabling robocall scams, quantifying privacy risks and developing identifier refreshing strategies, and conducting experiments and validation.
Successful results from this research will enable anti-tracking capabilities while using mobile networks and offer a new way of thinking about privacy enhancement technologies in the digital world. The outcomes of this research will be made publicly available online, including tutorials, talks, publications, and open-source software.
The research team is committed to actively expanding the involvement of underrepresented groups.
Scientific Impact
This project promises to make significant contributions to mobile network security and privacy, particularly in the realms of anonymous communication, privacy-preserving authentication, robocall mitigation, and mobile tracking prevention. It stands out in enhancing user privacy and control by empowering users to block unwanted calls through innovative systems that utilize anonymous credentials and personalized policies, effectively mitigating spam and scam voice calls. Additionally, the development of the anonymous mobile access architecture represents a significant leap forward in ensuring that user identities remain protected even in a highly interconnected environment. This project provides robust mechanisms to prevent mobile tracking by MNOs. This innovation could lead to a paradigm shift in how mobile networks authenticate users, moving away from traditional, identity-revealing methods toward more secure, privacy-focused approaches, and could push the boundaries of privacy-preserving technologies in mobile networks.
Broader Impact
Research Publications
UCBlocker - Blocking Unwanted Calls
Traditional telephony systems are plagued by the rampant growth of spam and scam calls, undermining user trust and utility. The prevalence of VoIP technology and caller ID spoofing has exacerbated these issues, making it difficult to identify legitimate calls. Existing solutions, while partially effective, often compromise usability or require significant infrastructure changes, leaving a gap in fully addressing the problem. To tackle this challenge, we present UCBlocker, an innovative system designed to block unwanted calls by leveraging anonymous credentials for caller authentication. UCBlocker empowers users to define and enforce personalized call policies, allowing legitimate calls while blocking unauthorized ones with minimal disruption to the existing telephony infrastructure. Our approach introduces a novel method of coupling caller authentication with call initiation, ensuring a seamless and secure user experience.
AAKA - An Anti-Tracking Cellular Authentication Scheme
As MNOs gather extensive location data, there is a growing risk of unauthorized tracking and profiling of subscribers. Unauthorized access to location data by third parties or cybercriminals has led to significant breaches, as evidenced by recent fines against major U.S. carriers for violating privacy regulations. To mitigate these privacy risks, we propose AAKA, an innovative cellular authentication scheme designed to prevent mobile tracking while maintaining network compatibility. AAKA leverages anonymous credentials to ensure that users can access mobile networks without exposing their permanent identifiers. Our approach also introduces a novel mechanism for lawful de-anonymization, enabling legal authorities to access necessary information under legal scrutiny.
Acknowledgment
This project is supported by NSF under awards #2247560, #2247561, #2247562.