PriSrv+: Privacy and Usability-Enhanced Wireless Service Discovery with Fast and Expressive Matchmaking Encryption
Yang Yang
Network and Distributed System Security (NDSS) Symposium 2026 · Day 3 · Connectivity & Privacy
Wireless service discovery protocols -- used in **Wi-Fi**, **mDNS**, **DNS-SD**, **BLE advertisements**, and **AirDrop-like workflows** -- are fundamentally leaky by design. They rely on cleartext broadcasts with weak or no authentication, enabling tracking, presence detection, session linkability, and identity exposure. Attackers can also inject spoofed messages for man-in-the-middle and denial-of-service attacks. This talk presents **PriSrv+**, a privacy-preserving service discovery protocol that replaces the core cryptographic primitive of its predecessor **PriServ (NDSS 2024)** with a new construction called **FeME (Fast and Expressive Matchmaking Encryption)**. FeME supports expressive **monotonic Boolean formula** policies over arbitrary string attributes while achieving **87% smaller ciphertexts**, approximately **7.7x faster broadcast**, **3.32x faster mutual authentication**, and **4.05x faster end-to-end performance** compared to the previous system. The improvements make the protocol practical for resource-constrained devices in BLE and mDNS environments.
AI review
A cryptographic construction for privacy-preserving wireless service discovery that achieves significant performance improvements over its predecessor. Solid applied cryptography, but purely defensive with no offensive security content and limited near-term practical impact given adoption barriers.