1. Field
The present invention generally relates to communications, and more particularly, to protecting a user's privacy in communication systems.
2. Background
As modern devices become capable of communicating with arbitrary application servers, there is a need for such communications to be authenticated and secured. In asymmetric or public key systems, the device (or “user”) may present a public key to an application server (or “application”), while keeping a separate private key confidential. In shared or symmetric key systems, the user may conduct communications with an application using a user identity, which might be “anonymous” in that the user identity may not reveal who the user actually is. Upon receiving this user identity, the application can then obtain a key linked to that user identity to engage in encrypted communications with the user. The key may be one previously known to the application, or it may be fetched from a key server, e.g., a third party that is trusted by both the user and the application.
There are certain ways in which user privacy might be compromised in these systems, even when an “anonymous” user identity is used. For example, if a user exchanges the same user identity with an application over multiple sessions, the application might infer private information about the user by linking the user's sessions to each other. This is referred to as a “linkability attack.” For example, in a wireless network, using one identity to access several base stations could lead to a user being tracked across the network. Alternatively, if a user accesses several different applications using the same user identity, then a third party might ascertain which applications the user has accessed, and when the user has accessed them, by passively eavesdropping on the communication of user identity between the application and the key server. This potentially reveals private information about the user's preferences. The same information might be obtained by a third party directly querying the accessed applications.