Abstract
Electronic tickets demonstrate, without the use of paper, the possession of the right to access or use of a service. In this scenario, the security and privacy achieved in the paper-based system must be preserved in the electronic ticketing systems. In addition to these requirements, the transferability of a ticket from one user to another (without involving a third party) is very useful but also generates other issues to be solved in terms of security and privacy. For example, the users that transfer the same ticket twice must be identified (it is a fraud), but the rest of users have to preserve their privacy (anonymity). In this article we present two proposals of an electronic ticketing system with anonymity and transferability, based on the use of RSA signatures or group signatures, respectively, thus presenting different levels of complexity and anonymity. Moreover, we have implemented both proposals and its performance has been evaluated. The results of this evaluation are useful in order to prove the viability of the proposals even when complex cryptography is used. The strength of the anonymity and the execution costs are the parameters to take into account to choose the more adequate proposal for a specific application.
Similar content being viewed by others
Notes
http://www.hardwarezone.com.sg/review-google-nexus-s-succeeding-one/performance-part-i-8/ http://www.hardwarezone.com.sg/review-google-nexus-s-succeeding-one/performance-part-i-8/ http://www.verygoodreview.com/android-phone/samsung-galaxy-fame-gt-s6810-review.html/ http://www.verygoodreview.com/android-phone/samsung-galaxy-fame-gt-s6810-review.html/ http://www.verygoodreview.com/comparison/samsung-galaxy-s-iii-s3-gt-i9300-vs-htc-one-x.html/ http://www.verygoodreview.com/comparison/samsung-galaxy-s-iii-s3-gt-i9300-vs-htc-one-x.html/ http://mobileandphone.com/lg-google-nexus-5-vs-samsung-galaxy-s4-vs-lg-g2/ http://mobileandphone.com/lg-google-nexus-5-vs-samsung-galaxy-s4-vs-lg-g2/
References
Vives-Guasch A, Payeras-Capellȧ M, Mut Puigserver M, Castellȧ-Roca J, Ferrer-Gomila J (2013) Anonymous and transferable electronic ticketing scheme. In: En data privacy management and autonomous spontaneous security, DPM 2013, LNCS 8247. Springer, pp 100–113
Blazy O, Canard S, Fuchsbauer G, Gouget A, Sibert H, Traoré J (2011) Achieving optimal anonymity in transferable e-cash with a judge. In: Progress in cryptology, AFRICACRYPT 2011, volume 6737 of lecture notes in computer science. Springer, Berlin, pp 206–223
Boneh D, Boyen X, Shacham H (2004) Short group signatures. In: CRYPTO, volume 3152 of LNCS. Springer, pp 41–55
Chen Y, Chen C-L, Jan J-K (2007) A mobile ticket system based on personal trusted device. Wireless Person Commun 40(4):569–578
Ghiron S, Sposato S, Medaglia C, Moroni A (2009) Nfc ticketing: a prototype and usability test of an nfc-based virtual ticketing application. In: Near field communication, NFC ’09. IEEE, p 45–50
Heydt-Benjamin TS, Chae H-J, Defend B, Fu K (2006) Privacy for public transportation. In: 6th Workshop on privacy enhancing technologies (PET 2006), LNCS 4258. Springer, p 1–19
Isern-Deya AP, Vives-Guasch, Mut-Puigserver M, Payeras-Capella M, Castella-Roca J (2012) A secure automatic fare collection system for time-based or distance-based services with revocable anonymity for users. Comput J
Jao D, Yoshida K (2009) Boneh-boyen signatures and the strong difie-hellman problem. In: Pairing based cryptography, volume 5671 of LNCS. Springer, pp 41–55
Jorns O, Jung O, Quirchmayr G (2007) A privacy enhancing service architecture for ticket-based mobile applications. In: Availability, reliability and security. ARES 2007 - The international dependability conference, vol 24, pp 374–383
Mut-Puigserver M, Payeras-Capella MM, Ferrer-Gomila J-L, Vives-Guasch A, Castella-Roca J (2012) A survey of electronic ticketing applied to transport. Comput Secur 31(8):925–939
Quercia D, Hailes S (2005) Motet: mobile transactions using electronic tickets. In: Security and privacy for emerging areas in communications networks, proceedings, vol 24, pp 374–383
Vives-Guasch A, Castella-Roca J, Payeras-Capela M, Mut M (2010) An electronic and secure automatic fare collection system with revocable anonymity for users. In: Advances in mobile computing and multimedia (MoMM)
Vives-Guasch A, Payeras-Capella MM, Mut-Puigserver M, Castella-Roca J, Ferrer-Gomila JL (2012) A secure e-ticketing scheme for mobile devices with near field communication (nfc) that includes exculpability and reusability. IEICE E95-D(1)
De Caro A, Iovino V (2011) jPBC: Java pairing based cryptography. In: Proceedings of the 16th IEEE symposium on computers and communications, ISCC 2011. IEEE, pp 850–855
Menezes A An introduction to pairing-based cryptography. Recent Trends in Cryptography. Contemporary Mathematics. Volume 477
Applied Cryptography Group, PBC library manual. 2006. Available at url: https://crypto.stanford.edu/pbc/manual
Acknowledgments
This work was partially supported by the Spanish Government under CO-PRIVACY TIN2011-27076-C03-01, AccessTur TIN2014-54945-R, SmartGlacis TIN2014-57364-C2-1-R, SPARK & GO SPIP2015-01783, Red de excelencia Consolider ARES TIN2015-70054-REDC and MobileKey RTC-2014-2552-7 projects. Some of the authors are members of the UNESCO Chair in Data Privacy, yet the views expressed in this paper neither necessarily reflect the position of the UNESCO nor commit with that organization.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Payeras-Capellà, M.M., Mut-Puigserver, M., Castellà-Roca, J. et al. Design and Performance Evaluation of Two Approaches to Obtain Anonymity in Transferable Electronic Ticketing Schemes. Mobile Netw Appl 22, 1137–1156 (2017). https://doi.org/10.1007/s11036-016-0732-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-016-0732-6