loading page

On the Security of “P2AE: Preserving privacy, accuracy, and efficiency in location-dependent mobile crowdsensing”
  • Fucai Luo
Fucai Luo
Zhejiang Gongshang University

Corresponding Author:[email protected]

Author Profile

Abstract

Mobile crowdsensing (MCS) is a promising sensing paradigm  which allows users to outsource a range of sensing tasks to a crowd of mobile workers with mobile devices. Location-dependent MCS, as the name implies, is a geographically-dependent sensing paradigm in which service requestors outsource location-specific tasks to many workers with mobile devices, and the workers accepting the tasks collect data at a particular location by physically arriving at the desired locations. Many efforts have been devoted to protecting location privacy of the tasks and the workers accepting the tasks while ensuring task allocation accuracy and efficiency. In 2021, Jiang et al. proposed P2AE, a privacy-preserving protocol for location-dependent MCS. To achieve the privacy-preserving task release and task allocation, they designed a location based symmetric key generator, which enables the service requestor and workers with mobile devices in the task area to generate the same key themselves without disclosing the location information to the service provider. The privacy they claimed to achieve includes the locations of workers, task location, and task content. However, in this paper, we demonstrate that P2AE is vulnerable to brute force attacks. Specifically, we show that with brute force attacks, the service provider can obtain the locations of workers, task location, and task content with a high probability, which completely breaches the security of P2AE. We hope that by identifying the security issue, similar errors can be avoided in future designs of privacy-preserving protocol for location-dependent MCS.