Pretty Good Phone Privacy

09/18/2020
by   Paul Schmitt, et al.
0

A fundamental property of today's cellular architecture—in order to receive service, phones uniquely identify themselves to towers and thus to operators—is now a cause of major privacy violations. Over the past two years it has become clear that operators have sold and leaked identity and location data of hundreds of millions of mobile users. In this paper, we examine how to improve privacy in modern mobile networks. We take an end-to-end perspective on today's cellular architecture and find key points of decoupling that enable a new type of operator to offer privacy-enhanced service with no changes to physical infrastructure and without direct cooperation from existing operators. We describe Pretty Good Phone Privacy (PGPP) and demonstrate how our modified backend stack (EPC) works with real phones to provide ordinary yet privacy-preserving connectivity. We explore inherent privacy and efficiency tradeoffs in a simulation of a large metropolitan region. We show how PGPP maintains today's control overheads while significantly improving user identity and location privacy.

READ FULL TEXT

Please sign up or login with your details

Forgot password? Click here to reset