Location-based Services (LBSs) provide valuable services, with convenient features for mobile users. However, the location and other information disclosed through each query to the LBS erodes user privacy. This is a concern especially because LBS providers can be honest-but-curious, collecting queries and tracking users whereabouts and infer sensitive user data. This motivated both centralized and decentralized location privacy protection schemes for LBSs: anonymizing and obfuscating LBS queries to not disclose exact information, while still getting useful responses. Decentralized schemes overcome disadvantages of centralized schemes, eliminating anonymizers, and enhancing users control over sensitive information. However, an insecure decentralized system could create serious risks beyond private information leakage. More so, attacking an improperly designed decentralized LBS privacy protection scheme could be an effective and low-cost step to breach user privacy. We address exactly this problem, by proposing security enhancements for mobile data sharing systems. We protect user privacy while preserving accountability of user activities, leveraging pseudonymous authentication with mainstream cryptography. We show our scheme can be deployed with off-the-shelf devices with an experimental result on automotive testbed.
Dynamic group key agreement protocols are cryptographic primitives to provide secure group communications in decentralized and dynamic networks. Such protocols provide additional operations to update the group key while adding new participants into the group and removing existing participants from the group without re-executing the protocol from the beginning. However, the lack of scalability emerges as one of the most significant issues of dynamic group key agreement protocols when the number of participants in the group increases. For instance, frequent participant join requests for large groups may cause an effect similar to a Distributed Denial of Service (DDoS) attack and violate the system availability due to the increase in group key update time. Therefore, analyzing the scalability of dynamic group key agreement protocols is crucial to detect conditions where the system becomes unavailable. In this paper, we propose an analytical performance model to evaluate the scalability of dynamic group key agreement protocols by using queueing models. We also extend our performance model for evaluating the scalability of secure file sharing systems that utilize group key agreement protocols. Moreover, we present a demonstrative use case to show the applicability of our performance model on an example group key agreement protocol and a secure file sharing system.