Abstract
In this paper we deal with the situation that, in certain contexts, vendors have no incentive to implement anonymous payments, or that existing regulation prevents complete customer anonymity. While the paper also discusses the problem in a general fashion, we use the recharging of electric vehicles at public charging infrastructure as a working example. Here, customers leave rather detailed movement trails, as they authenticate in order to charge and the whole process is post-paid, i.e., customers are billed after consumption. In an attempt to enforce transparency and give customers the information necessary to dispute a bill they deem inaccurate, Germany and other European countries require the ID of the energy meter used in each charging process to be retained. Similar information is also retained in other applications where point-of-sale terminals are used. While this happens in the customers’ best interest, this information is a location-bound token, which compromises customers’ locational privacy and thus allows for the creation of rather detailed movement profiles. We adapt a carefully chosen group signature scheme to match these legal requirements and show how modern cryptographic methods can reconcile the, in this case, conflicting requirements of transparency on the one hand and locational privacy on the other. In our solution, the user’s identity is explicitly known during a transaction, yet the user’s location is concealed, effectively hindering the creation of a movement profile based on financial transactions.
Notes
- 1.
Andrew J. Blumberg and Peter Eckersley, On Locational Privacy, and How to Avoid Losing it Forever, technical report (Electronic Frontier Foundation, 2009), accessed February 4, 2013, https://www.eff.org/wp/locational-privacy.
- 2.
E.g. David Chaum, “Security without identification: transaction systems to make big brother obsolete,” Commun. ACM 28, no. 10 (October 1985): 1030–1044, ISSN: 0001-0782, doi:10.1145/4372.4373, http://doi.acm.org/10.1145/4372.4373; David Chaum, Amos Fiat, and Moni Naor, “Untraceable Electronic Cash” in Advances in Cryptology—CRYPTO (1988); Stefan Brands, “Electronic cash systems based on the representation problem in groups of prime order” in CRYPTO (1993); Jan L. Camenisch, Jean-Marc Piveteau, and Markus A. Stadler, “An efficient electronic payment system protecting privacy,” in ESORICS (1994).
- 3.
David Chaum, “Blind Signatures for Untraceable Payments,” in Advances in Cryptology: Proceedings of CRYPTO ’82 (1982).
- 4.
Pike Research, Electric Vehicle Market Forecasts, http://www.pikeresearch.com/research/electric-vehicle-market-forecasts, 2013, accessed January 29, 2013.
- 5.
cars21.com, EU proposes minimum of 8 million EV charging points by 2020, http://beta.cars21.com/news/view/5171, 2013, accessed January 29, 2013.
- 6.
George Danezis, Roger Dingledine, and Nick Mathewson, “Mixminion: Design of a type III anonymous remailer protocol,” in IEEE Symposium on Security and Privacy, (2003).
- 7.
Ulf Möller et al., Mixmaster Protocol | Version 2, http://www.abditum.com/mixmaster-spec.txt, 2003.
- 8.
Roger Dingledine, Nick Mathewson, and Paul Syverson, “Tor: the second-generation onion router,” in 13th USENIX Security Symposium (2004).
- 9.
- 10.
David Chaum and Eugène van Heyst, “Group Signatures” in EUROCRYPT (1991), 257–265.
- 11.
We recall once again that user identities have to be known to the verifier for a proper billing process. Thus it is not possible to anonymize user identities in the bills.
- 12.
Cécile Delerablée and David Pointcheval, “Dynamic Fully Anonymous Short Group Signatures,” in VIETCRYPT (2006), 193–210.
- 13.
Dan Boneh, Xavier Boyen, and Hovav Shacham, “Short Group Signatures” in CRYPTO (2004), 41–55.
- 14.
Mihir Bellare, Haixia Shi, and Chong Zhang, “Foundations of Group Signatures: The Case of Dynamic Groups” in CT-RSA (2005), 136–153.
- 15.
Kitae Kim et al., “Batch Verification and Finding Invalid Signatures in a Group Signature Scheme,” I. J. Network Security 13, no. 2 (2011): 61–70.
- 16.
The batch verifier of Kim et al. uses the so-called small exponent test. Mihir Bellare, Juan A. Garay, and Tal Rabin, “Fast Batch Verification for Modular Exponentiation and Digital Signatures” in EUROCRYPT (1998), 236–250.
- 17.
Jan Camenisch and Anna Lysyanskaya, “Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials,” in CRYPTO (2002), 61–76; Lan Nguyen, “Accumulators from Bilinear Pairings and Applications,” in CT-RSA (2005), 275–292.
- 18.
Boneh, Boyen, and Shacham, “Short Group Signatures,” in CRYPTO (2004).
- 19.
Moni Naor and Moti Yung, “Universal One-Way Hash Functions and their Cryptographic Applications,” in STOC (1989).
- 20.
Melissa Chase and Anna Lysyanskaya, “On Signatures of Knowledge,” in CRYPTO (2006), 78–96.
- 21.
Kim et al., “Batch Verification and Finding Invalid Signatures in a Group Signature Scheme”; Delerablée and Pointcheval, “Dynamic Fully Anonymous Short Group Signatures.”
- 22.
Tibor Jager et al., “On the Security of TLS-DHE in the Standard Model” in Advances in Cryptology—CRYPTO (2012).
- 23.
Kim et al., “Batch Verification and Finding Invalid Signatures in a Group Signature Scheme”; Delerablée and Pointcheval, “Dynamic Fully Anonymous Short Group Signatures.”
- 24.
- 25.
Chris Y.T. Ma et al., “Privacy vulnerability of published anonymous mobility traces,” in MobiCom ’10 (2010).
- 26.
Yves-Alexandre de Montjoye et al., “Unique in the Crowd: The privacy bounds of human mobility,” Scientific Reports (2013), http://www.nature.com/srep/2013/130325/srep01376/full/srep01376.html.
- 27.
John Krumm, “Inference Attacks on Location Tracks,” in Pervasive Computing (Pervasive 2007).
- 28.
Reza Shokri et al., “Quantifying Location Privacy,” in 2011 IEEE Symposium on Security and Privacy (SP) (May 2011), doi:10.1109/SP.2011.18.
- 29.
Ian Jackson, “Anonymous addresses and confidentiality of location,” in Information Hiding (1996).
- 30.
Alastair R. Beresford and Frank Stajano, “Location privacy in pervasive computing,” IEEE Pervasive Computing 2, no. 1 (March 2003): 46–55, ISSN: 1536-1268, doi:10.1109/MPRV.2003.1186725.
- 31.
Raluca Ada Popa et al., “Privacy and accountability for location-based aggregate statistics,” in ACM CCS (2011).
- 32.
Jean-Pierre Hubaux, Srdjan Capkun, and Jun Luo, “The security and privacy of smart vehicles,” Security & Privacy, IEEE 2, no. 3 (2004): 49–55; Florian Dötzer, “Privacy Issues in Vehicular Ad Hoc Networks,” in Privacy Enhancing Technologies (2006); Julien Freudiger et al., “Mix-zones for location privacy in vehicular networks,” in Win-ITS (2007); K. Sampigethaya et al., “AMOEBA: Robust Location Privacy Scheme for VANET,” IEEE Journal on Selected Areas in Communications 25, no. 8 (October 2007): 1569–1589, issn: 0733-8716, doi: 10.1109/JSAC.2007.071007; Zhendong Ma, Location Privacy in Vehicular Communication Systems: a Measurement Approach (PhD thesis, University of Ulm, 2011).
- 33.
Thomas S. Heydt-Benjamin et al., “Privacy for Public Transportation,” in Privacy Enhancing Technologies (2006); Erik-Oliver Blass et al., “PSP: private and secure payment with RFID,” in WPES (2009); Foteini Baldimtsi et al., “Pay as you go,” in HotPETs (2012).
- 34.
Josep Balasch et al., “PrETP: Privacy-Preserving Electronic Toll Pricing,” in 19th USENIX Security Symposium (2010).
- 35.
Sarah Meiklejohn et al., “The Phantom Tollbooth: Privacy-Preserving Electronic Toll Collection in the Presence of Driver Collusion,” in 20th USENIX Security Symposium (2011).
- 36.
Xihui Chen et al., “A Group Signature Based Electronic Toll Pricing System,” in ARES (2012).
- 37.
Raluca Ada Popa, Hari Balakrishnan, and Andrew Blumberg, “VPriv: protecting privacy in location-based vehicular services,” in USENIX Security Symposium (2009).
- 38.
Chao Li, Anonymous Payment Mechanisms for Electric Car Infrastructure (master’s thesis, KU Leuven, 2011).
- 39.
Jan Camenisch, Susan Hohenberger, and Anna Lysyanskaya, “Compact E-Cash,” in Advances in Cryptology—EUROCRYPT (2005).
- 40.
Joseph Liu et al., “Enhancing Location Privacy for Electric Vehicles (at the right time),” in ESORICS (2012).
- 41.
Mark Stegelmann and Dogan Kesdogan, “Design and Evaluation of a Privacy-Preserving Architecture for Vehicle-to-Grid Interaction,” in EuroPKI (2012).
- 42.
- 43.
- 44.
Bibliography
Balasch, Josep, Alfredo Rial, Carmela Troncoso, Christophe Geuens, Bart Preneel, and Ingrid Verbauwhede. 2010. PrETP: Privacy-preserving electronic toll pricing. In 19th USENIX Security Symposium.
Baldimtsi, Foteini, Gesine Hinterwalder, Andy Rupp, Anna Lysyanskaya, Christof Paar, and Wayne Burleson. 2012. Pay as you go. In HotPETs.
Bellare, Mihir, Juan A. Garay, and Tal Rabin. 1998. Fast batch verification for modular exponentiation and digital signatures. In EUROCRYPT, 236–250.
Bellare, Mihir, Haixia Shi, and Chong Zhang. 2005. Foundations of group signatures: The case of dynamic groups. In CT-RSA, 136–153.
Beresford, Alastair R., and Frank Stajano. 2003. Location privacy in pervasive computing. IEEE Pervasive Computing 2, 1 (Mar 2003): 46–55. ISSN: 1536-1268. doi:10.1109/MPRV.2003.1186725.
Blass, Erik-Oliver, Anil Kurmus, Refik Molva, and Thorsten Strufe. 2009. PSP: Private and secure payment with RFID. In WPES.
Blumberg, Andrew J., and Peter Eckersley. 2009. On locational privacy, and how to avoid losing it forever. Technical report. Electronic Frontier Foundation. https://www.eff.org/wp/locational-privacy. Accessed 4 Feb 2013.
Boneh, Dan, Xavier Boyen, and Hovav Shacham. 2004. Short group signatures. In CRYPTO, 41–55.
Brands, Stefan. 1993. Electronic cash systems based on the representation problem in groups of prime order. In CRYPTO.
Camenisch, Jan L., Jean-Marc Piveteau, and Markus A. Stadler. 1994. An efficient electronic payment system protecting privacy. In ESORICS.
Camenisch, Jan, Susan Hohenberger, and Anna Lysyanskaya. 2005. Compact e-Cash. In Advances in cryptology—EUROCRYPT.
Camenisch, Jan, and Anna Lysyanskaya. 2002. Dynamic accumulators and application to efficient revocation of anonymous credentials. In CRYPTO, 61–76.
cars21.com. 2013. EU proposes minimum of 8 million EV charging points by 2020. http://beta.cars21.com/news/view/5171. Accessed 29 Jan 2013.
Li, Chao. 2011. Anonymous payment mechanisms for electric car infrastructure. Master’s thesis, KU Leuven.
Chase, Melissa, and Anna Lysyanskaya. 2006. On signatures of knowledge. In CRYPTO, 78–96.
Chaum, David. 1982. Blind signatures for untraceable payments. In Advances in cryptology: Proceedings of CRYPTO ’82.
Chaum, David. 1985. Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM 28, 10 (Oct 1985): 1030–1044. ISSN: 0001-0782. doi:10.1145/4372.4373. http://doi.acm.org/10.1145/4372.4373. Accessed 23 Jan 2013.
Chaum, David, Amos Fiat, and Moni Naor. 1988. Untraceable electronic cash. In Advances in cryptology—CRYPTO.
Chaum, David, and Eugène van Heyst. 1991. Group signatures. In EUROCRYPT, 257–265.
Chen, Xihui, Gabriele Lenzini, Sjouke Mauw, and Jun Pang. 2012. A group signature based electronic toll pricing system. In ARES.
Danezis, George, Roger Dingledine, and Nick Mathewson. 2003. Mixminion: Design of a type III anonymous remailer protocol. In IEEE Symposium on Security and Privacy.
Delerablée, Cécile, and David Pointcheval. 2006. Dynamic fully anonymous short group signatures. In VIETCRYPT, 193–210.
Dingledine, Roger, Nick Mathewson, and Paul Syverson. 2004. Tor: The second-generation onion router. In 13th USENIX Security Symposium.
Dötzer, Florian. 2006. Privacy issues in vehicular ad hoc networks. In Privacy enhancing technologies.
Freudiger, Julien, Maxim Raya, Márk Félegyházi, Panos Papadimitratos, et al. 2007. Mix-zones for location privacy in vehicular networks. In Win-ITS.
Heydt-Benjamin, Thomas S., Hee-Jin Chae, Benessa Defend, and Kevin Fu. 2006. Privacy for public transportation. In Privacy enhancing technologies.
Hubaux, Jean-Pierre, Srdjan Capkun, and Jun Luo. 2004. The security and privacy of smart vehicles. Security and Privacy, IEEE 2, 3: 49–55.
Jackson, Ian. 1996. Anonymous addresses and confidentiality of location. In Information hiding.
Jager, Tibor, Florian Kohlar, Sven Schäge, and Jörg Schwenk. 2012. On the security of TLS-DHE in the standard model. In Advances in cryptology—CRYPTO.
Kim, Kitae, Ikkwon Yie, Seongan Lim, and Daehun Nyang. 2011. Batch verification and finding invalid signatures in a group signature scheme. I. J. Network Security 13, 2: 61–70.
Krumm, John. 2007. Inference attacks on location tracks. In Pervasive computing (Pervasive 2007).
Liu, Joseph, Man Au, Willy Susilo, and Jianying Zhou. 2012. Enhancing location privacy for electric vehicles (at the right time). In ESORICS.
Ma, Chris Y.T., David K.Y. Yau, Nung Kwan Yip, and Nageswara S.V. Rao. 2010. Privacy vulnerability of published anonymous mobility traces. In MobiCom ’10.
Ma, Zhendong. 2011. Location privacy in vehicular communication systems: A measurement approach. Ph.D. dissertation, University of Ulm, Ulm.
Meiklejohn, Sarah, Keaton Mowery, Stephen Checkoway, and Hovav Shacham. 2011. The phantom tollbooth: Privacy-preserving electronic toll collection in the presence of driver collusion. In 20th USENIX Security Symposium.
Möller, Ulf, Lance Cottrell, Peter Palfrader, and Len Sassaman. 2003. Mixmaster protocol | Version 2. http://www.abditum.com/mixmaster-spec.txt.
Montjoye, Yves-Alexandre de, César A. Hidalgo, Michel Verleysen, and Vincent D. Blondel. 2013. Unique in the crowd: The privacy bounds of human mobility. Scientific Reports. http://www.nature.com/srep/2013/130325/srep01376/full/srep01376.html.
Naor, Moni, and Moti Yung. 1989. Universal one-way hash functions and their cryptographic applications. In STOC, 33–43.
Nguyen, Lan. 2005. Accumulators from bilinear pairings and applications. In CT-RSA, 275–292.
Popa, Raluca Ada, Hari Balakrishnan, and Andrew Blumberg. 2009. VPriv: Protecting privacy in location-based vehicular services. In USENIX Security Symposium.
Popa, Raluca Ada, Andrew J Blumberg, Hari Balakrishnan, and Frank H Li. 2011. Privacy and accountability for location-based aggregate statistics. In ACM CCS.
Pike Research. 2013. Electric vehicle market forecasts. http://www.pikeresearch.com/research/electric-vehicle-market-forecasts. Accessed 29 Jan 2013.
Sampigethaya, K., Mingyan Li, Leping Huang, and R. Poovendran. 2007. AMOEBA: Robust location privacy scheme for VANET. IEEE Journal on Selected Areas in Communications 25, 8 (Oct 2007): 1569–1589. ISSN: 0733-8716. doi:10.1109/JSAC.2007.071007.
Shokri, R., G. Theodorakopoulos, J. Le Boudec, and J. Hubaux. 2011. Quantifying location privacy. In 2011 IEEE Symposium on Security and Privacy (SP), May 2011. doi:10.1109/SP.2011.18.
Stegelmann, Mark, and Dogan Kesdogan. 2012. Design and evaluation of a privacy-preserving architecture for vehicle-to-grid interaction. In EuroPKI.
Appendices
Appendix 1: Implementation Details
The current source code is a makefile project written in C. We chose C because the external routines and libraries we rely on are also written in C, so the whole project and its dependencies are written in one language. We implemented XSGS as a library. The XSGS library uses the GNU Multiple Precision Arithmetic Library (GMP, note 42) for the basic arithmetic operations, the Pairing-Based Cryptography Library (PBC, note 43) for the curve and pairing-based arithmetic operations, the authors’ optimized reference implementation of the SHA-3 hash algorithm (Keccak), and the OpenSSL library for RSA signature and certificate support.
At compile time one can choose whether the TCMalloc library (note 44), which provides a fast, multithreaded malloc(), or the GNU C Library memory allocator is linked into the XSGS library.
Appendix 2: Cryptographic Parameters
The PBC library defines a variety of pairing types, of which our XSGS implementation uses type D, F, or G; the type is chosen at compile time. The group order is about 300 bits, and the curve parameters are chosen such that r ≥ 160 bits and q ≥ 1024/k bits, where the embedding degree k is 6 (type D), 12 (type F), or 10 (type G), so that the extension field has at least 1024 bits.
Where Paillier’s operations are used, the modulus is 1024 bits long; for RSA, a key length of 1024, 2048, or 4096 bits can be chosen at compile time. The cryptographic hash function used throughout the XSGS implementation is the SHA-3 contest winner Keccak with a 256-bit hash length.
Copyright information
© 2016 Springer Science+Business Media Dordrecht
Frosch, T., Schäge, S., Goll, M., Holz, T. (2016). On Locational Privacy in the Absence of Anonymous Payments. In: Gutwirth, S., Leenes, R., De Hert, P. (eds) Data Protection on the Move. Law, Governance and Technology Series(), vol 24. Springer, Dordrecht. https://doi.org/10.1007/978-94-017-7376-8_4
DOI: https://doi.org/10.1007/978-94-017-7376-8_4
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-017-7375-1
Online ISBN: 978-94-017-7376-8
eBook Packages: Law and Criminology (R0)