Strangers Sets: Preserving Drones' Location Privacy while Avoiding Invasions of Critical Infrastructures
VAISHNAV, HARSHUL
2022/2023
Abstract
Preserving the location privacy of drones while allowing Critical Infrastructures (CIs) to detect invasions represents a significant challenge. To allow for the detection of such invasions, the current standard by the Federal Aviation Administration mandates that drones disclose their location (in cleartext). However, such a strategy provides malicious entities with significant possibilities for tracking and profiling, thus jeopardizing drones' privacy. A recent proposal suggested using geo-indistinguishability to sanitize drones' locations while allowing CIs to detect invasions. However, due to the statistical nature of the approach, the risk of false invasion detection is inversely proportional to the privacy guarantees of drones. In this paper, we propose Privacy Preserving Invasion Detection (PPID), a novel approach based on a private set intersection algorithm to simultaneously protect drones' location privacy and allow CIs to detect invasions while avoiding the problem of false invasion detection. We propose two versions of the protocol: i) PPID, which uses an elliptic curve-based private set intersection to detect the co-presence of drone and CI in a given area, and ii) e-PPID, which extends the protocol with an approximation of the future location of the drone, to predict possible future invasions. To validate our proposal, we implemented our protocols and deployed them on a proof of concept involving resource-constrained devices. We evaluate performance in terms of security, execution time, communication cost, and memory overhead. Our results show that PPID and e-PPID provide accurate results about an invasion requiring approx. 52 ms and 84 ms, respectively, in the worst-case scenario (i.e., the highest possible number of messages exchanged) and for a 256-bit security level.

File | Size | Format
---|---|---
Vaishnav_Harshul.pdf (open access) | 3.36 MB | Adobe PDF
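The abstract describes detecting drone/CI co-presence with a private set intersection (PSI) over location sets, extended in e-PPID with predicted future cells. The following is an added illustration, not the thesis's own code: it runs a Diffie-Hellman-style double-blinding PSI in which the CI learns only how many of the drone's (current and predicted) grid cells fall inside its restricted zone, and nothing about the drone's other cells. The grid-cell labels, the straight-line prediction, the message flow, and the toy multiplicative group mod 2^127 - 1 (standing in for the elliptic-curve group the thesis uses) are all assumptions of this example.

```python
import hashlib
import secrets
from typing import Iterable, List, Set

# Toy DH group Z_p^* with the Mersenne prime p = 2^127 - 1. This is NOT a
# secure parameter: it stands in for the elliptic-curve group used in the
# thesis so that the example runs without external libraries.
P = (1 << 127) - 1
Q = P - 1  # group order, range for private exponents


def hash_to_group(cell: str) -> int:
    """Map a grid-cell label to a group element (constructed toy hash-to-group)."""
    h = int.from_bytes(hashlib.sha256(cell.encode()).digest(), "big") % P
    return h if h > 1 else 2


def cells_around(x: int, y: int, radius: int) -> Set[str]:
    """Restricted zone of a CI: all cells within a Chebyshev radius (constructed labels)."""
    return {f"cell:{x + dx}:{y + dy}" for dx in range(-radius, radius + 1)
            for dy in range(-radius, radius + 1)}


def predicted_cells(x: int, y: int, vx: int, vy: int, steps: int) -> Set[str]:
    """e-PPID-style extrapolation: the next `steps` cells along the drone's heading."""
    return {f"cell:{x + vx * k}:{y + vy * k}" for k in range(1, steps + 1)}


class Party:
    """Either side of the PSI: a private set of cells and a private exponent."""
    def __init__(self, cells: Set[str]):
        self.cells = sorted(cells)
        self.key = secrets.randbelow(Q - 2) + 2  # private exponent in [2, Q-1]

    def blind_own(self) -> List[int]:          # {H(c)^key}
        return [pow(hash_to_group(c), self.key, P) for c in self.cells]

    def blind_other(self, elems: Iterable[int]) -> List[int]:  # {e^key}
        return [pow(e, self.key, P) for e in elems]


def run_ppid(drone: Party, ci: Party) -> int:
    """One protocol round; returns how many drone cells lie in the CI's zone.
    CI -> drone : {H(r)^b}            (CI's zone, blinded)
    drone -> CI : {H(r)^ab}, {H(d)^a} (zone double-blinded, drone cells blinded)
    CI raises {H(d)^a} to b and intersects; (H(x)^a)^b == (H(x)^b)^a for x in both."""
    msg1 = ci.blind_own()
    msg2 = drone.blind_other(msg1)
    msg3 = drone.blind_own()
    double_blinded_drone = set(ci.blind_other(msg3))
    return len(set(msg2) & double_blinded_drone)
```

Under the DDH assumption in a proper group, the CI cannot recover any drone cell outside the intersection from `msg3`, which is the property the abstract relies on to avoid cleartext location disclosure.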
The text of this website © Università degli studi di Padova. Full Text are published under a non-exclusive license. Metadata are under a CC0 License
https://hdl.handle.net/20.500.12608/50204