• disruption-tolerant networking (DTN);
  • anonymity;
  • wireless;
  • pervasive;
  • privacy


Disruption-tolerant networking holds a great deal of potential for making communications easier and more flexible in pervasive assistive environments. However, security and privacy must be addressed to make these communications acceptable with respect to protecting patient privacy. We propose EnPassant, a system for using disruption-tolerant networking in privacy-preserving way. EnPassant uses concepts from anonymous communications, re-routing messages through groups of peer nodes to hide the relation between the sources and destinations. We describe a set of protocols that explore a practical range of tradeoffs between privacy and communication costs by modifying how closely the protocol adheres to the optimal predicted path. We also describe the cryptographic tools needed to facilitate changes in-group membership. Finally, we present the results of extensive trace-based simulation experiments that allow us to both compare between our proposed protocols and observe the costs of increasing the number of groups and intermediate nodes in a path. Copyright © 2010 John Wiley & Sons, Ltd.