Scientific knowledge map · Paper #3
PEUC-WiN: Privacy Enhancement by User Cooperation in Wireless Networks
2006 · Second IEEE Workshop on Secure Network Protocols (NPSec)
- Applied
- protocol
Research question
What does the paper try to establish?
Can WLAN users rotate link- and network-layer identifiers to resist access-point tracking without repeatedly reassociating, terminating TCP connections, or accepting the throughput loss of prior silent-period approaches?
Central answer
What is the proposed answer?
PEUC-WiN synchronizes a group of users behind an untrusted access point so they permute a shared pool of IP/MAC pairs, while a trusted Privacy Enhancer proxies stable external connections and remaps them across each address rotation.
Evidence profile
Six dimensions, kept separate
The chart summarizes documented evidence and process. It is not a correctness probability, confidence score, or ranking, and no composite score is calculated.
LowMediumHighN/A = not assessed
A smaller value means less documented support for that dimension, not that the paper is false or unimportant.
- Epistemic evidence Medium
-
The paper specifies the protocol and threat boundaries and supplies comparative simulation plus limited timing measurements, but lacks a formal proof, working implementation, public traces, and independent reproduction.
Join, leave, update, address permutation, and proxy operation Security analysis and anonymity conditions Performance model, implementation barrier, and simulation setup NC-TUns throughput comparison - Auditability High
-
A fixed, author-origin full text is checked in with page count and hash, making the claims and stated evidence directly inspectable; no executable artifact is available.
Author-copy provenance NC-TUns throughput comparison - Production provenance Medium
-
Named authorship, manuscript provenance, and official publication metadata are documented; roles, revision/effort history, tool use, and simulation-artifact lineage are not.
Author-copy provenance Official publication metadata - External scrutiny Medium
-
The work has an official workshop publication record; review reports, reproduction, corrections, and independent security analysis were not located.
Official publication metadata - Reception Low
-
A dated exact-title scholarly-web search did not yield a transparent verified citation count in this environment. Under the author's rule, zero located citations maps to low; this is not a claim that the paper has no citations.
Citation search attempted - Contribution significance Medium
-
The protocol makes a concrete privacy/performance tradeoff and anticipates practical transport-state continuity, but its trusted proxy and unimplemented driver requirements constrain the supported reach.
Problem and claimed contribution Join, leave, update, address permutation, and proxy operation Performance model, implementation barrier, and simulation setup
Assessment: Ai draft author review pending · 2026-07-11 · rubric 0.2. These dimensions describe documented support and process, not truth, correctness, or a universal ranking. No composite score is calculated.
Top-down and bottom-up view
Hierarchical knowledge map
Collapse a branch for a top-level reading, or follow its source links and child nodes to audit the evidence and boundaries underneath it.
PEUC-WiN
A cooperative WLAN location-privacy protocol that rotates users through a shared address pool while a trusted proxy preserves their external transport connections.
Problem and claimed contribution Official publication metadata-
question Research question
research questionCan identifier rotation reduce tracking by an untrusted access point without forcing repeated reassociation and TCP restart?
Problem and claimed contribution -
contribution Central answer
proposed and simulatedCoordinate simultaneous IP/MAC permutations within an anonymity group and terminate stable external connections at a Privacy Enhancer that remaps traffic after every rotation.
Join, leave, update, address permutation, and proxy operation NC-TUns throughput comparison -
scope Threat model and trust assumptions explicitly scoped
Users registered at one malicious access point cooperate with a trusted Privacy Enhancer; the access point can observe all group traffic, while upper-layer payloads and control messages rely on public-key, signature, group-key, and IPsec protection.
Group, adversary, keys, and trusted Privacy Enhancer Security analysis and anonymity conditions-
assumption Anonymity-set condition
necessary conditionPrivacy requires more than one participating user; the anonymity level grows with group cardinality, while shorter rotation slots reduce tracking time at the cost of more switching overhead.
Group, adversary, keys, and trusted Privacy Enhancer Security analysis and anonymity conditions
-
-
protocol Cooperative address-rotation protocol specified
The protocol maintains group membership, distributes an address table and hash-chain seed, synchronizes rotations, and maps each user to a collision-free address pair for each variable-length time slot.
Join, leave, update, address permutation, and proxy operation-
component Membership and synchronization
specifiedSigned and encrypted join/leave messages let the Privacy Enhancer update group size, address table, seed, and time base; timers handle departures that are not explicitly announced.
Join, leave, update, address permutation, and proxy operation -
component Address permutation
specifiedAll members derive the same time-slot hash value and use offset indices to permute the table of active IP/MAC pairs without collisions; a hash-derived variable slot length counters fixed-period timing correlation.
Join, leave, update, address permutation, and proxy operation -
component Privacy Enhancer proxy
specifiedThe proxy exposes a stable permanent address to correspondent nodes, tracks both legs of each connection, and adjusts IP addresses, sequence numbers, acknowledgments, and windows as users exchange address pairs.
Join, leave, update, address permutation, and proxy operation
-
-
claim group Principal claims mixed
The paper gives an informal privacy analysis and simulation evidence about throughput disruption; it does not provide a formal security proof.
Security analysis and anonymity conditions NC-TUns throughput comparison-
claim Upper-layer tracking resistance
informally arguedAgainst an observer limited to layer 2 and above, synchronized address permutation prevents straightforward identifier linkage, conditional on encrypted communications, uncompromised group secrets, and the stated registration assumptions.
Security analysis and anonymity conditions -
claim Lower disruption than reassociation
simulation supportedThe NC-TUns comparison reports that PEUC-WiN retains TCP connections across address changes and therefore avoids the repeated handshakes, slow starts, and longer outages of reassociation-based rotation.
Performance model, implementation barrier, and simulation setup NC-TUns throughput comparison
-
-
evidence group Evidence
simulation and measurementThe authors measured interface-switch time on Linux laptops and simulated five cooperative users, two correspondent-path delay regimes, and comparative TCP throughput in NC-TUns 3.0.
Performance model, implementation barrier, and simulation setup NC-TUns throughput comparison -
limitation group Trusted boundary and limitations material
The design depends on a trusted, available proxy and group secrets, excludes physical-layer tracking, and was simulated because commodity Wi-Fi drivers did not expose sequence-number control needed for implementation.
Security analysis and anonymity conditions Performance model, implementation barrier, and simulation setup-
limitation Member compromise and former-member leakage
explicitly vulnerableA malicious member that joins or is compromised learns the address schedule and can track members; forward-secure group-key refresh is suggested but left out of scope.
Security analysis and anonymity conditions -
limitation Traffic analysis and proxy bottleneck
unresolvedThe proxy address can reveal group affiliation, triangular routing can degrade throughput, and the proxy is a bottleneck and single point of failure unless replicated.
Security analysis and anonymity conditions Performance model, implementation barrier, and simulation setup
-
-
artifact Artifacts
paper available no codeA fixed local copy of the archived author manuscript is available; no simulator configuration, code, packet traces, or implementation artifact was located.
Author-copy provenance Performance model, implementation barrier, and simulation setup -
scrutiny Scrutiny and lineage
peer reviewedThe protocol appeared at NPSec 2006 and contrasts its transport continuity with earlier disposable-identifier and silent-period proposals; no independent reproduction or later adversarial analysis was located.
Problem and claimed contribution Official publication metadata
Audit trail
Source index
Locators state the depth of the current audit. PDF page numbers, where present, are one-based file pages; metadata-, summary-, and abstract-bounded records explicitly identify their limitations.
- Problem and claimed contribution Abstract and Section 1, PDF page 1 (printed page 38)
- Group, adversary, keys, and trusted Privacy Enhancer Section 3, PDF pages 2-3 (printed pages 39-40)
- Join, leave, update, address permutation, and proxy operation Section 3, PDF pages 3-4 (printed pages 40-41)
- Security analysis and anonymity conditions Section 4, PDF page 4 (printed page 41)
- Performance model, implementation barrier, and simulation setup Section 5, PDF pages 4-5 (printed pages 41-42)
- NC-TUns throughput comparison Section 5 and Figures 1-2, PDF pages 5-6 (printed pages 42-43)
- Conclusion and future work Section 6, PDF page 6 (printed page 43)
- Author-copy provenance Internet Archive capture 2015-07-03
- Official publication metadata DOI 10.1109/NPSEC.2006.320345
- Citation search attempted Exact-title search, 2026-07-11; no verified count retrieved