{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,30]],"date-time":"2025-12-30T03:16:11Z","timestamp":1767064571052,"version":"3.28.0"},"reference-count":0,"publisher":"Privacy Enhancing Technologies Symposium Advisory Board","issue":"1","license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["PoPETs"],"abstract":"<jats:p>In this paper, we investigate whether the privacy mechanism of periodically changing the pseudorandom identities of Bluetooth Low Energy (BLE) beacons is sufficient to ensure privacy. We consider a new natural privacy notion for BLE broadcasting beacons which we call ``Timed-sequence- indistinguishability'' of beacons. This new privacy definition is stronger than the well-known indistinguishability, since it considers not just the advertisements' content, but also the advertisements' broadcasting times which are observable in the physical world. We then prove that beacons with periodically changing pseudorandom identities do not achieve timed-sequence- indistinguishability. We do this by presenting a novel privacy attack against BLE beacons, which we call the ``Battery Insertion Attack.'' This new time-based privacy attack can be executed by merely inserting or reinserting the beacon's battery at the adversary's chosen time. We performed this attack against an actually deployed beacon. To mitigate the ``Battery Insertion Attack'' and other attacks associated with periodic signaling, we propose a new countermeasure involving quasi-periodic randomized scheduling of identity changes. We prove that our countermeasure ensures timed-sequence indistinguishability for beacons, thereby enhancing the beacon's privacy. Additionally, we show how to integrate this countermeasure in the attacked system while essentially preserving its feasibility and utility, which is crucial for practical industrial adoption.<\/jats:p>","DOI":"10.56553\/popets-2025-0037","type":"journal-article","created":{"date-parts":[[2024,11,10]],"date-time":"2024-11-10T19:21:16Z","timestamp":1731266476000},"page":"707-719","source":"Crossref","is-referenced-by-count":2,"title":["The Battery Insertion Attack: Is Periodic Pseudo-randomization Sufficient for Beacon Privacy?"],"prefix":"10.56553","volume":"2025","author":[{"given":"Liron","family":"David","sequence":"first","affiliation":[{"name":"Weizmann Institute of Science and Google Research"}]},{"given":"Avinatan","family":"Hassidim","sequence":"additional","affiliation":[{"name":"Bar-Ilan University and Google Research"}]},{"given":"Yossi","family":"David","sequence":"additional","affiliation":[{"name":"Tel-Aviv University and Google Research"}]},{"given":"Moti","family":"Yung","sequence":"additional","affiliation":[{"name":"Columbia University and Google Privacy, Security, and Safety Research"}]}],"member":"35752","published-online":{"date-parts":[[2025,1]]},"container-title":["Proceedings on Privacy Enhancing Technologies"],"original-title":[],"deposited":{"date-parts":[[2024,11,13]],"date-time":"2024-11-13T19:21:02Z","timestamp":1731525662000},"score":1,"resource":{"primary":{"URL":"https:\/\/petsymposium.org\/popets\/2025\/popets-2025-0037.php"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,1]]},"references-count":0,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,1]]}},"alternative-id":["10.56553\/popets-2025-0037"],"URL":"https:\/\/doi.org\/10.56553\/popets-2025-0037","relation":{},"ISSN":["2299-0984"],"issn-type":[{"type":"electronic","value":"2299-0984"}],"subject":[],"published":{"date-parts":[[2025,1]]}}}