C. Sendner. University of Würzburg, Master Thesis (July 2020)
Abstract
Currently deployed contact discovery in mobile messengers is based on the transmission of phone numbers to the service provider. This information is private and is anonymized by hashing the numbers. In this work, we show that this anonymization is merely pseudo-anonymous and can easily be broken by an attacker.
For that, we develop two hash reversal techniques: one using a brute-force approach and another using look-up databases. We provide generic architectures for each of the approaches. Additionally, we provide and compare two instantiations of each. Furthermore, we evaluate them and compare them to a third approach based on rainbow tables.
The evaluation shows near-instant lookup times of under 0.1 ms using in-memory lookup databases; this approach is, however, costly in terms of memory: it would require over 10 TB of RAM, which would be difficult to obtain. Our brute-force approach shows astonishing performance, being able to reverse any mobile number in under 100 seconds using consumer-level hardware. The rainbow tables produce lookup times of 4.5 minutes with a success rate of over 99.99%.
The results of our evaluation demonstrate that hash reversals of mobile phone numbers are practical and near instant. Thus, an attacker can easily reverse hash digests of mobile phone numbers and de-anonymize personally identifiable information, such as phone numbers transmitted to the service provider of mobile messenger apps.
@mastersthesis{sendner2020contactdiscovery,
abstract = {Currently deployed contact discovery in mobile messengers is based on the transmission of phone numbers to the service provider. This information is private and is anonymized by hashing the numbers. In this work, we show that this anonymization is merely pseudo-anonymous and can easily be broken by an attacker.
For that, we develop two hash reversal techniques: one using a brute-force approach and another using look-up databases. We provide generic architectures for each of the approaches. Additionally, we provide and compare two instantiations of each. Furthermore, we evaluate them and compare them to a third approach based on rainbow tables.
The evaluation shows near-instant lookup times of under 0.1 ms using in-memory lookup databases; this approach is, however, costly in terms of memory: it would require over 10 TB of RAM, which would be difficult to obtain. Our brute-force approach shows astonishing performance, being able to reverse any mobile number in under 100 seconds using consumer-level hardware. The rainbow tables produce lookup times of 4.5 minutes with a success rate of over 99.99%.
The results of our evaluation demonstrate that hash reversals of mobile phone numbers are practical and near instant. Thus, an attacker can easily reverse hash digests of mobile phone numbers and de-anonymize personally identifiable information, such as phone numbers transmitted to the service provider of mobile messenger apps.},
added-at = {2021-07-16T12:17:00.000+0200},
author = {Sendner, Christoph},
biburl = {https://www.bibsonomy.org/bibtex/2c8eceb93ef865a7af7cba8ee6d8613af/sssgroup},
interhash = {fc1c71058ae879016b8c93f716e35612},
intrahash = {c8eceb93ef865a7af7cba8ee6d8613af},
keywords = {Mobile_Privacy csendner sss-group thesis thesis_supervised_by_SSS_member thesis_supervised_by_sss_member},
month = {July},
school = {University of Würzburg},
timestamp = {2023-07-21T14:27:09.000+0200},
title = {Evaluating the Privacy of Contact Discovery},
type = {Master Thesis},
year = 2020
}