Degree Name

Doctor of Philosophy


School of Information Technology and Computer Science


The Internet has become an indispensable tool in our life, rather than merely used as a means of communication channel. Accessing the Internet services such as web pages and emails nowadays is as easy as dialling a telephone number. With the advent of the wireless network, a growth of telecommunication technology, and a massive reduction of the computer’s size, a need to access the Internet service anytime, anywhere without interruption, is prominent. Nonetheless, allowing the device to move anytime and anywhere means that the location of the device must be reachable by the network all the time. Hence, the location information is always revealed to an entity who is in charge, such as the service provider. In addition, the IP protocol itself reveals the communication information through both packets’ header and payload and header cannot be disclosed, since it is required for routing. Therefore, it is a challenging topic to provide a mobility system that equipped with a location privacy property.

In this thesis, we aim at providing some solutions to the security threats that are caused by the mobility requirement in the IP-based network, particularly the location privacy problem. In the first part of the thesis, we focus on the existing protocol that is commonly used, namely the Mobile IPv4. We select this protocol since this protocol has been widely adopted by many people and this will make our work more applicable in practice. We will not only present the security issues specific to location privacy, but we will also study another threat that is caused by the use of Mobile IPv4, namely in our stolen laptop scenario.

In the second part of the thesis, we focus on the location privacy problem and aim to provide a formal approach to study this problem. The results from the Mobile IPv4 in the first part show that to provide location privacy, the scheme needs to be based on the over-lay network concept. This is similar to low-latency anonymous communication networks and so we use the low-latency anonymous communication system as a building block in our framework. We introduce the notions of mobility,anonymity and location privacy in this framework.

We show that when mobility, anonymity and location privacy are required concurrently, existing low-latency systems can be enhanced with the mobility property to construct a mobility system. Nonetheless, a mobility system that provides location privacy does not provide anonymity. Similarly, an enhanced mobility system that is built on top of the low-latency anonymous communication system does not provide location privacy.

Since our solution heavily relies on the low-latency anonymous system, we also study one particular type of attack on low-latency systems, namely a low cost attack. The attack is considered very harmful since it can be performed in the low-latency anonymous system without being a global adversary. Our aim is to derive some restrictions so that when we incorporate any low-latency anonymous system as our building block, these cautions need to be exercised to avoid this particular type of attack.

Our work will contribute to the design of mobility systems that provide location privacy and will enable users to use the Internet without the need to sacrifice their privacy.