4,420 research outputs found
PILOT : Practical Privacy-Preserving Indoor Localization Using OuTsourcing
In the last decade, we observed a constantly growing number of Location-Based Services (LBSs) used in indoor environments, such as for targeted advertising in shopping malls or finding nearby friends. Although privacy-preserving LBSs were addressed in the literature, there was a lack of attention to the problem of enhancing privacy of indoor localization, i.e., the process of obtaining the users' locations indoors and, thus, a prerequisite for any indoor LBS. In this work we present PILOT, the first practically efficient solution for Privacy-Preserving Indoor Localization (PPIL) that was obtained by a synergy of the research areas indoor localization and applied cryptography. We design, implement, and evaluate protocols for Wi-Fi fingerprint-based PPIL that rely on 4 different distance metrics. To save energy and network bandwidth for the mobile end devices in PPIL, we securely outsource the computations to two non-colluding semi-honest parties. Our solution mixes different secure two-party computation protocols and we design size-and depth-optimized circuits for PPIL. We construct efficient circuit building blocks that are of independent interest: Single Instruction Multiple Data (SIMD) capable oblivious access to an array with low circuit depth and selection of the k-Nearest Neighbors with small circuit size. Additionally, we reduce Received Signal Strength (RSS) values from 8 bits to 4 bits without any significant accuracy reduction. Our most efficient PPIL protocol is 553x faster than that of Li et al. (INFOCOM'14) and 500Ă— faster than that of Ziegeldorf et al. (WiSec'14). Our implementation on commodity hardware has practical run-times of less than 1 second even for the most accurate distance metrics that we consider, and it can process more than half a million PPIL queries per day.Peer reviewe
HERMES: Scalable, Secure, and Privacy-Enhancing Vehicle Access System
We propose HERMES, a scalable, secure, and privacy-enhancing system for users
to share and access vehicles. HERMES securely outsources operations of vehicle
access token generation to a set of untrusted servers. It builds on an earlier
proposal, namely SePCAR [1], and extends the system design for improved
efficiency and scalability. To cater to system and user needs for secure and
private computations, HERMES utilizes and combines several cryptographic
primitives with secure multiparty computation efficiently. It conceals secret
keys of vehicles and transaction details from the servers, including vehicle
booking details, access token information, and user and vehicle identities. It
also provides user accountability in case of disputes. Besides, we provide
semantic security analysis and prove that HERMES meets its security and privacy
requirements. Last but not least, we demonstrate that HERMES is efficient and,
in contrast to SePCAR, scales to a large number of users and vehicles, making
it practical for real-world deployments. We build our evaluations with two
different multiparty computation protocols: HtMAC-MiMC and CBC-MAC-AES. Our
results demonstrate that HERMES with HtMAC-MiMC requires only approx 1,83 ms
for generating an access token for a single-vehicle owner and approx 11,9 ms
for a large branch of rental companies with over a thousand vehicles. It
handles 546 and 84 access token generations per second, respectively. This
results in HERMES being 696 (with HtMAC-MiMC) and 42 (with CBC-MAC-AES) times
faster compared to in SePCAR for a single-vehicle owner access token
generation. Furthermore, we show that HERMES is practical on the vehicle side,
too, as access token operations performed on a prototype vehicle on-board unit
take only approx 62,087 ms
A Randomized Kernel-Based Secret Image Sharing Scheme
This paper proposes a ()-threshold secret image sharing scheme that
offers flexibility in terms of meeting contrasting demands such as information
security and storage efficiency with the help of a randomized kernel (binary
matrix) operation. A secret image is split into shares such that any or
more shares () can be used to reconstruct the image. Each share has a
size less than or at most equal to the size of the secret image. Security and
share sizes are solely determined by the kernel of the scheme. The kernel
operation is optimized in terms of the security and computational requirements.
The storage overhead of the kernel can further be made independent of its size
by efficiently storing it as a sparse matrix. Moreover, the scheme is free from
any kind of single point of failure (SPOF).Comment: Accepted in IEEE International Workshop on Information Forensics and
Security (WIFS) 201
- …