隨著穿戴式電子設備的蓬勃發展，人們得以將傳統的無線感測網路與之結合，成
為新式的訊息分享網路，稱為穿戴式物聯網。但在如此新穎的觀念背後，卻隱藏
著不容忽視的風險與危機。穿戴式設備可以透過設備內的感測裝置來收集使用者
周圍的環境訊息與包含隱私的資訊，因此，隱私洩漏的問題便顯得相當嚴重。其
中，又以位置隱私最為重要，因為位置隱私的洩漏可能危害人身安全。在這種分
散式且以人為主的資料收集架構中，必須要確認資料收集者的身分合法性並嚴加
保護，才能確定資料的可信度。除了隱私問題，針對有不良行為的使用者，系統
也必須能夠追溯其身分並加以處置。本論文針對行動群眾感測中的資料可信度與
隱私保護問題，提出利用條件匿名環簽章在行動群眾感測中同時確保訊息的認證
性、匿名性、使用者隱私與追溯性的解決方法。因應穿戴式設備運算能力不足的
問題，我們利用手機作為穿戴式設備與應用伺服器間的中繼裝置，來執行條件匿
名環簽章這種非對稱式密碼學的計算程序。此外，本論文對於條件匿名環簽章的
公鑰分配，提出了高效且具彈性的基於地域之金鑰管理。此方式是將使用者依據
所屬的地區來分群，可增進條件匿名環簽章的效率並保護位置隱私。另外，我們
將條件匿名環簽章實作在不同的智慧裝置上以確認其執行效率。我們也作了行動
群眾感測中基於地域之金鑰管理的模擬，模擬結果指出，基於地域之金鑰管理是
有效且便利的。另外，我們也對於區分區域的數量進行分析，並試著找出能夠將
金鑰更新次數最小化的最佳區域數量。

With the development of wearable electronic devices, people combine the traditional wireless sensor networks(WSNs) with these personal devices to create a new information sharing network named Wearable Internet of Things (WIoT). However, this
novel network is hidden in risk and crisis that can not be ignored. Wearable devices
can collect the surroundings and the own sensitive information of users. In such a
people-centric and participatory data collection network, the identity of the data collector must be ensured and well-protected. In this case, privacy leakage problems
are particularly important, especially the leakage of location privacy which could
make users in the real-world crisis. Besides, the user traceability is also a critical requirement in WIoT because there are lots of misbehaving users no matter they are intentional or not. As a result, the need for a mechanism that is able to preserve location privacy, authenticate user identity, and provide user traceability is obvious.
This paper will focus on privacy and authentication problems in Wearable IoT. We
propose to use a kind of anonymous digital signature, conditionally anonymous ring
signature (CARS), as a practical solution because CARS can achieve authentication,
anonymity, location privacy, and traceability in WIoT. For the reason that the
computing power of the wearable device is weak, we propose to use the smartphone as the intermediate device between the wearable device and application server to compute CARS which is an asymmetrical cryptography. In the aspect of public keys distribution of CARS we propose to use an efficient and flexible method called ”region-based” to group the mobile users to ensure the location privacy and the stable ring size. Moreover, we also implement conditionally anonymous ring signature on multiple mobile devices to evaluate the security and efficiency and conduct simulation experiments to investigate the performance of proposed region-based key management from the perspectives of ring updating overhead. The simulation results show that the region-based key management method is effective and efficient. Moreover, the optimal number of regions for the minimization of ring updating overhead is suggested.

[1] E. A. Lee, “CPS foundations,” in Proc. ACM/IEEE DAC 2010, June 2010, pp.
737–742.
[2] L. Atzori, A. Iera, and G. Morabito, “The Internet of Things: A survey,”
Computer networks, vol. 54, no. 15, pp. 2787–2805, Oct. 2010.
[3] S. Hiremath, G. Yang, and K. Mankodiya, “Wearable Internet of Things: Concept,
architectural components and promises for person-centered healthcare,”
in IEEE Mobihealth 2014, Nov. 2014, pp. 304–307.
[4] B. Guo, Z. Yu, X. Zhou, and D. Zhang, “From participatory sensing to mobile
crowd sensing,” in Proc. IEEE PERCOM 2014, Mar. 2014, pp. 593–598.
[5] C. Cornelius, A. Kapadia, D. Kotz, D. Peebles, M. Shin, and N. Triandopoulos,
“AnonySense: Privacy-aware people-centric sensing,” in Proc. ACM MobiSys
2008, June 2008, pp. 211–224.
[6] K. L. Huang, S. S. Kanhere, and W. Hu, “Preserving privacy in participatory
sensing systems,” Comput. Commun., vol. 33, no. 11, pp. 1266–1280, July 2010.
[7] J. Shi, R. Zhang, Y. Liu, and Y. Zhang, “Prisense: Privacy-preserving data
aggregation in people-centric urban sensing systems,” in Proc. IEEE Infocom
2010, Mar. 2010, pp. 758–766.
[8] M. Shin, C. Cornelius, D. Peebles, A. Kapadia, D. Kotz, and N. Triandopoulos,
“AnonySense: A system for anonymous opportunistic sensing,” Perva. Mobile
Comput, vol. 7, no. 1, pp. 16–30, Jan. 2011.
[9] K. Vu, R. Zheng, and J. Gao, “Efficient algorithms for k-anonymous location
privacy in participatory sensing,” in Proc. IEEE Infocom 2012, Mar. 2010, pp.
2399–2407.
[10] T. Dimitriou, I. Krontiris, and A. Sabouri, “PEPPeR: A querier’s Privacy
Enhancing Protocol for PaRticipatory sensing,” in MobiSec. Springer, June
2012, vol. 107, pp. 93–106.
36
[11] H. Ning, H. Liu, and L. T. Yang, “Cyberentity security in the Internet of
Things,” IEEE Comput., no. 4, pp. 46–53, Apr. 2013.
[12] S. Gao, J. Ma, W. Shi, G. Zhan, and C. Sun, “TrPF: A trajectory privacypreserving
framework for participatory sensing,” IEEE Trans. Inf. Forensics
Security, vol. 8, no. 6, pp. 874–887, June 2013.
[13] E. D. Cristofaro and C. Soriente, “Extended capabilities for a privacy-enhanced
participatory sensing infrastructure (PEPSI),” IEEE Trans. Inf. Forensics Security,
vol. 8, no. 12, pp. 2021–2033, Dec. 2013.
[14] Y. Jiang, Y. Ji, and T. Liu, “An anonymous communication scheme based on
ring signature in VANETs,” arXiv preprint arXiv:1410.1639, Oct. 2014.
[15] B. Kantarci and H. Mouftah, “Trustworthy sensing for public safety in cloudcentric
Internet of Things,” vol. 1, no. 4, pp. 360–368, Oct. 2014.
[16] R. Shokri, G. Theodorakopoulos, P. Papadimitratos, E. Kazemi, and J. P.
Hubaux, “Hiding in the mobile crowd: Location privacy through collaboration,”
IEEE Trans. Dependable Secure Comput., vol. 11, no. 3, pp. 266–279, June 2014.
[17] D. Tang and J. Ren, “A novel delay-aware and privacy preserving (DAPP) data
forwarding scheme for urban sensing network,” IEEE Trans. Veh. Technol.,
accepted for publication.
[18] G. Strazdins and H. Wang, “Open security and privacy challenges for the Internet
of Things,” in Proc.IEEE ICICS 2015, Dec. 2015, pp. 1–4.
[19] J. H. Abawajy, M. I. H. Ninggal, and T. Herawan, “Privacy preserving social
network data publication,” IEEE Commun. Surveys Tuts., vol. 18, no. 3, pp.
1974–1997, Mar. 2016.
[20] Y. Gong, L. Wei, Y. Guo, C. Zhang, and Y. Fang, “Optimal task recommendation
for mobile crowdsourcing with privacy control,” vol. 3, no. 5, pp. 745–756,
Oct. 2016.
37
[21] P. Porambage, M. Ylianttila, C. Schmitt, P. Kumar, A. Gurtov, and A. Vasilakos,
“The quest for privacy in the Internet of Things,” IEEE Cloud Comput.,
vol. 3, no. 2, pp. 36–45, May 2016.
[22] M. Sun, W. P. Tay, and X. He, “Towards information privacy for the Internet
of Things,” arXiv preprint arXiv:1611.04254, Nov. 2016.
[23] W. Wang and Q. Zhang, “Privacy preservation for context sensing on smartphone,”
IEEE/ACM Trans. Netw., vol. 24, no. 6, pp. 3235–3247, Jan. 2016.
[24] M. Alsheikh, Y. Jiao, D. Niyato, P. Wang, D. Leong, and Z. Han, “The
accuracy-privacy tradeoff of mobile crowdsensing,” arXiv preprint arXiv:
1702.04565, Feb. 2017.
[25] J. Lin, W. Yu, N. Zhang, X. Yang, H. Zhang, and W. Zhao, “A survey on
Internet of Things: architecture, enabling technologies, security and privacy,
and applications,” Apr. 2017.
[26] Y. Yang, L. Wu, G. Yin, L. Li, and H. Zhao, “A survey on security and privacy
issues in Internet-of-Things,” Apr. 2017.
[27] S. Zeng, Y. Huang, and X. Liu, “Privacy-preserving communication for
VANETs with conditionally anonymous ring signature,” International Journal
of Network Security, vol. 17, no. 2, pp. 135–141, Mar. 2015.
[28] N. D. Lane, E. Miluzzo, H. Lu, D. Peebles, and A. T. Campbell, “A survey of
mobile phone sensing,” IEEE Commun. Mag., vol. 10, no. 9, pp. 140–150, Sept.
2010.
[29] J. Burke, D. Estrin, M. Hansen, A. Parker, N. Ramanathan, S. Reddy, and
M. B. Srivastava, “Participatory sensing,” in Proc. WSW 2006, Oct. 2006, pp.
117–137.
[30] G. Chatzimilioudis, A. Konstantinidis, C. Laoudias, and D. Zeinalipour-Yazti,
“Crowdsourcing with smartphones,” IEEE Int
[31] Y. Hao, Y. Cheng, and K. Ren, “Distributed key management with protection
against RSU compromise in group signature based VANETs,” in Proc. IEEE
GLOBECOM 2008, Dec. 2008, pp. 1–5.
[32] A. F. Skarmeta, J. L. Hernandez-Ramos, and M. V. Moreno, “A decentralized
approach for security and privacy challenges in the Internet of Things,” in Proc.
IEEE WF-IoT 2014, Mar. 2014, pp. 67–72.
[33] Y. Yao, T. Yang, and N. Xiong, “Anonymity-based privacy-preserving data
reporting for participatory sensing,” vol. 2, no. 5, pp. 381–390, Sept. 2015.
[34] D. He, S. Chan, and M. Guizani, “User privacy and data trustworthiness in
mobile crowd sensing,” IEEE Wireless Commun. Mag., vol. 22, no. 1, pp. 28–
34, Feb. 2015.
[35] L. Pournajaf, D. A. Garcia-Ulloa, L. Xiong, and V. Sunderam, “Participant
privacy in mobile crowd sensing task management: a survey of methods and
challenges,” ACM SIGMOD, vol. 44, no. 4, pp. 23–34, Dec. 2016.
[36] D. He, S. Chan, and M. Guizani, “Privacy and incentive mechanisms in peoplecentric
sensing networks,” IEEE Commun. Mag., vol. 53, no. 10, pp. 200–206,
2015.
[37] L. Sweeney, “k-anonymity: A model for protecting privacy,” Int. J. Uncertainty,
Fuzziness Knowl., Based Syst., vol. 10, no. 5, pp. 557–570, Oct. 2002.
[38] A. Shamir, “Identity-based cryptosystems and signature schemes,” in Proc.
Adv. Cryptology - Crypto, Springer LNCS, vol. 196, Aug. 1984, pp. 47–53.
[39] D. Boneh and M. franklin, “Identity-based encryption from the weil pairing,”
in Proc. Adv. Cryptology - Crypto, Springer LNCS, vol. 2139, Aug. 2001, pp.
213–229.
[40] R. L. Rivest, A. Shamir, and Y. Tauman, “How to leak a secret,” in ASIACRYPT
2001, Dec. 2001, pp. 552–565.
[41] D. Chaum and E. Van Heyst, “Group signatures,” in Advances in Cryptology
—EUROCRYPT 91. Springer, Apr. 1991, pp. 257–265.
39
[42] D. Boneh, X. Boyen, and H. Shacham, “Short group signatures,” in Proc. Adv.
Cryptology - CRYPTO 2004, Oct. 2004, pp. 41–55.
[43] X. Li, H. Liu, F. Wei, J. Ma, and W. Yang, “A lightweight anonymous authentication
protocol using k-pseudonym set in wireless networks,” IEEE Globe-com
2016.
[44] P. P. Tsang, V. K. Wei, T. K. Chan, M. H. Au, J. K. Liu, and D. S. Wong,
“Separable linkable threshold ring signatures,” in International Conference on
Cryptology in India. Springer, Dec. 2004, pp. 384–398.
[45] X. Bultel and P. Lafourcade, “k-times full traceable ring signature,” in Proc.
IEEE ARES 2016, Aug. 2016, pp. 39–48.
[46] S. Zeng, S. Jiang, and Z. Qin, “A new conditionally anonymous ring signature,”
in International Computing and Combinatorics Conference. Springer, Nov.
2011, pp. 479–491.
[47] ——, “An efficient conditionally anonymous ring signature in the random oracle
model,” Theoretical Computer Science, vol. 461, pp. 106–114, Nov. 2012.
[48] K. Mehta, D. Liu, and M. Wright, “Protecting location privacy in sensor networks
against a global eavesdropper,” IEEE Trans. Mobile Comput., vol. 11,
no. 2, pp. 320–336, Feb. 2012.
[49] “OpenCellID.” [Online]. Available: http://www.opencellid.org/
[50] C.-H. Lee, C.-Y. Shih, and Y.-S. Chen, “Stochastic geometry based models for
modeling cellular networks in urban areas,” Wireless networks, vol. 19, no. 6,
pp. 1063–1072, June 2013.
[51] J. G. Andrews, F. Baccelli, and R. K. Ganti, “A tractable approach to coverage
and rate in cellular networks,” IEEE Trans. Commun., vol. 59, no. 11, pp. 3122–
3134, Nov. 2011.
[52] C. Bettstetter, G. Resta, and P. Santi, “The node distribution of the random
waypoint mobility model for wireless ad hoc networks,” IEEE Trans. Mobile
Comput., vol. 2, no. 3, pp. 257–269, Sept. 2003.
40
[53] “Walking.” [Online]. Available: https://en.wikipedia.org/wiki/Walking