Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Privacy-Preserving and Post-Quantum Counter Denial of Service Framework for Wireless Networks

Saleh Darzi, Attila Altay Yavuz

TL;DR

The paper tackles DoS, location privacy, and long-term security in spectrum management under quantum threats by proposing PACDoSQ, a holistic framework that combines Private Spectrum Bastions with fault-tolerant multi-server PIR and PQ-secure Tor. It enables private retrieval of spectrum availability and PQ puzzle data, uses hash-based PoW tokens for DoS mitigation, and applies post-quantum cryptographic primitives (Kyber, Dilithium) and AES-256 within an onion-routing TLS-like setup. The authors provide formal security guarantees (including $t$-private $k$-out-of-$\u211c$ PIR and Byzantine robustness) and comprehensive performance evaluations showing feasibility across computational, communication, and storage dimensions. This framework advances practical, privacy-preserving, and PQ-resilient spectrum management with provable security and demonstrable overheads suitable for implementing in next-generation SAS environments.

Abstract

As network services progress and mobile and IoT environments expand, numerous security concerns have surfaced for spectrum access systems. The omnipresent risk of Denial-of-Service (DoS) attacks and raising concerns about user privacy (e.g., location privacy, anonymity) are among such cyber threats. These security and privacy risks increase due to the threat of quantum computers that can compromise long-term security by circumventing conventional cryptosystems and increasing the cost of countermeasures. While some defense mechanisms exist against these threats in isolation, there is a significant gap in the state of the art on a holistic solution against DoS attacks with privacy and anonymity for spectrum management systems, especially when post-quantum (PQ) security is in mind. In this paper, we propose a new cybersecurity framework PACDoSQ, which is (to the best of our knowledge) the first to offer location privacy and anonymity for spectrum management with counter DoS and PQ security simultaneously. Our solution introduces the private spectrum bastion (database) concept to exploit existing architectural features of spectrum management systems and then synergizes them with multi-server private information retrieval and PQ-secure Tor to guarantee a location-private and anonymous acquisition of spectrum information together with hash-based client-server puzzles for counter DoS. We prove that PACDoSQ achieves its security objectives, and show its feasibility via a comprehensive performance evaluation.

Privacy-Preserving and Post-Quantum Counter Denial of Service Framework for Wireless Networks

TL;DR

The paper tackles DoS, location privacy, and long-term security in spectrum management under quantum threats by proposing PACDoSQ, a holistic framework that combines Private Spectrum Bastions with fault-tolerant multi-server PIR and PQ-secure Tor. It enables private retrieval of spectrum availability and PQ puzzle data, uses hash-based PoW tokens for DoS mitigation, and applies post-quantum cryptographic primitives (Kyber, Dilithium) and AES-256 within an onion-routing TLS-like setup. The authors provide formal security guarantees (including -private -out-of- PIR and Byzantine robustness) and comprehensive performance evaluations showing feasibility across computational, communication, and storage dimensions. This framework advances practical, privacy-preserving, and PQ-resilient spectrum management with provable security and demonstrable overheads suitable for implementing in next-generation SAS environments.

Abstract

As network services progress and mobile and IoT environments expand, numerous security concerns have surfaced for spectrum access systems. The omnipresent risk of Denial-of-Service (DoS) attacks and raising concerns about user privacy (e.g., location privacy, anonymity) are among such cyber threats. These security and privacy risks increase due to the threat of quantum computers that can compromise long-term security by circumventing conventional cryptosystems and increasing the cost of countermeasures. While some defense mechanisms exist against these threats in isolation, there is a significant gap in the state of the art on a holistic solution against DoS attacks with privacy and anonymity for spectrum management systems, especially when post-quantum (PQ) security is in mind. In this paper, we propose a new cybersecurity framework PACDoSQ, which is (to the best of our knowledge) the first to offer location privacy and anonymity for spectrum management with counter DoS and PQ security simultaneously. Our solution introduces the private spectrum bastion (database) concept to exploit existing architectural features of spectrum management systems and then synergizes them with multi-server private information retrieval and PQ-secure Tor to guarantee a location-private and anonymous acquisition of spectrum information together with hash-based client-server puzzles for counter DoS. We prove that PACDoSQ achieves its security objectives, and show its feasibility via a comprehensive performance evaluation.
Paper Structure (17 sections, 4 theorems, 2 figures, 2 tables, 1 algorithm)

This paper contains 17 sections, 4 theorems, 2 figures, 2 tables, 1 algorithm.

Table of Contents

  1. Introduction
  2. Related Work
  3. Our Contribution
  4. Preliminaries and Building Blocks
  5. The Proposed System & Framework: ${\texttt{PACDoSQ}{\xspace}}$
  6. PACDoSQ Architecture and Initial Setup
  7. $$ PACDoSQ Framework
  8. PSBs - Puzzle Management and Private Spectrum Service
  9. Client's Private Availability Information and Quantum-Safe Puzzle Retrieval
  10. PoW & Token Creation
  11. Access Requests
  12. Security Analysis
  13. Performance Evaluation
  14. Metrics, Selection Rationale, and Configurations
  15. Experimental Results
  16. ...and 2 more sections

Key Result

Lemma 1

${\texttt{PACDoSQ}{\xspace}}$ ensures $\textit{t-private k-out-of-}\ell$ information-theoretically secure location privacy and computationally secure anonymity via onion routing.

Figures (2)

  • Figure 1: A high-level representation of the proposed architecture and workflow.
  • Figure 2: End-to-End delay of ${\texttt{PACDoSQ}{\xspace}}$ for increasing clients.

Theorems & Definitions (8)

  • Lemma 1
  • proof
  • Corollary 1
  • proof
  • Corollary 2
  • proof
  • Lemma 2
  • proof