Skip to main content
SpringerLink
Log in

Design and Performance Evaluation of Two Approaches to Obtain Anonymity in Transferable Electronic Ticketing Schemes

  • Published:
Mobile Networks and Applications Aims and scope Submit manuscript

Abstract

Electronic tickets demonstrate, without the use of paper, the possession of the right to access or use of a service. In this scenario, the security and privacy achieved in the paper-based system must be preserved in the electronic ticketing systems. In addition to these requirements, the transferability of a ticket from one user to another (without involving a third party) is very useful but also generates other issues to be solved in terms of security and privacy. For example, the users that transfer the same ticket twice must be identified (it is a fraud), but the rest of users have to preserve their privacy (anonymity). In this article we present two proposals of an electronic ticketing system with anonymity and transferability, based on the use of RSA signatures or group signatures, respectively, thus presenting different levels of complexity and anonymity. Moreover, we have implemented both proposals and its performance has been evaluated. The results of this evaluation are useful in order to prove the viability of the proposals even when complex cryptography is used. The strength of the anonymity and the execution costs are the parameters to take into account to choose the more adequate proposal for a specific application.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

Notes

  1. http://www.ticketmaster.com/transfer

  2. https://www.e-ticket.lu

  3. http://inmodo.com/

  4. https://www.openshift.com

  5. https://cloud.google.com/appengine/docs/whatisgoogleappengine

  6. http://www.hardwarezone.com.sg/review-google-nexus-s-succeeding-one/performance-part-i-8/ http://www.hardwarezone.com.sg/review-google-nexus-s-succeeding-one/performance-part-i-8/ http://www.verygoodreview.com/android-phone/samsung-galaxy-fame-gt-s6810-review.html/ http://www.verygoodreview.com/android-phone/samsung-galaxy-fame-gt-s6810-review.html/ http://www.verygoodreview.com/comparison/samsung-galaxy-s-iii-s3-gt-i9300-vs-htc-one-x.html/ http://www.verygoodreview.com/comparison/samsung-galaxy-s-iii-s3-gt-i9300-vs-htc-one-x.html/ http://mobileandphone.com/lg-google-nexus-5-vs-samsung-galaxy-s4-vs-lg-g2/ http://mobileandphone.com/lg-google-nexus-5-vs-samsung-galaxy-s4-vs-lg-g2/

References

  1. Vives-Guasch A, Payeras-Capellȧ M, Mut Puigserver M, Castellȧ-Roca J, Ferrer-Gomila J (2013) Anonymous and transferable electronic ticketing scheme. In: En data privacy management and autonomous spontaneous security, DPM 2013, LNCS 8247. Springer, pp 100–113

  2. Blazy O, Canard S, Fuchsbauer G, Gouget A, Sibert H, Traoré J (2011) Achieving optimal anonymity in transferable e-cash with a judge. In: Progress in cryptology, AFRICACRYPT 2011, volume 6737 of lecture notes in computer science. Springer, Berlin, pp 206–223

  3. Boneh D, Boyen X, Shacham H (2004) Short group signatures. In: CRYPTO, volume 3152 of LNCS. Springer, pp 41–55

  4. Chen Y, Chen C-L, Jan J-K (2007) A mobile ticket system based on personal trusted device. Wireless Person Commun 40(4):569–578

    Article  Google Scholar 

  5. Ghiron S, Sposato S, Medaglia C, Moroni A (2009) Nfc ticketing: a prototype and usability test of an nfc-based virtual ticketing application. In: Near field communication, NFC ’09. IEEE, p 45–50

  6. Heydt-Benjamin TS, Chae H-J, Defend B, Fu K (2006) Privacy for public transportation. In: 6th Workshop on privacy enhancing technologies (PET 2006), LNCS 4258. Springer, p 1–19

  7. Isern-Deya AP, Vives-Guasch, Mut-Puigserver M, Payeras-Capella M, Castella-Roca J (2012) A secure automatic fare collection system for time-based or distance-based services with revocable anonymity for users. Comput J

  8. Jao D, Yoshida K (2009) Boneh-boyen signatures and the strong difie-hellman problem. In: Pairing based cryptography, volume 5671 of LNCS. Springer, pp 41–55

  9. Jorns O, Jung O, Quirchmayr G (2007) A privacy enhancing service architecture for ticket-based mobile applications. In: Availability, reliability and security. ARES 2007 - The international dependability conference, vol 24, pp 374–383

  10. Mut-Puigserver M, Payeras-Capella MM, Ferrer-Gomila J-L, Vives-Guasch A, Castella-Roca J (2012) A survey of electronic ticketing applied to transport. Comput Secur 31(8):925–939

    Article  Google Scholar 

  11. Quercia D, Hailes S (2005) Motet: mobile transactions using electronic tickets. In: Security and privacy for emerging areas in communications networks, proceedings, vol 24, pp 374–383

  12. Vives-Guasch A, Castella-Roca J, Payeras-Capela M, Mut M (2010) An electronic and secure automatic fare collection system with revocable anonymity for users. In: Advances in mobile computing and multimedia (MoMM)

  13. Vives-Guasch A, Payeras-Capella MM, Mut-Puigserver M, Castella-Roca J, Ferrer-Gomila JL (2012) A secure e-ticketing scheme for mobile devices with near field communication (nfc) that includes exculpability and reusability. IEICE E95-D(1)

  14. De Caro A, Iovino V (2011) jPBC: Java pairing based cryptography. In: Proceedings of the 16th IEEE symposium on computers and communications, ISCC 2011. IEEE, pp 850–855

  15. Menezes A An introduction to pairing-based cryptography. Recent Trends in Cryptography. Contemporary Mathematics. Volume 477

  16. Applied Cryptography Group, PBC library manual. 2006. Available at url: https://crypto.stanford.edu/pbc/manual

Download references

Acknowledgments

This work was partially supported by the Spanish Government under CO-PRIVACY TIN2011-27076-C03-01, AccessTur TIN2014-54945-R, SmartGlacis TIN2014-57364-C2-1-R, SPARK & GO SPIP2015-01783, Red de excelencia Consolider ARES TIN2015-70054-REDC and MobileKey RTC-2014-2552-7 projects. Some of the authors are members of the UNESCO Chair in Data Privacy, yet the views expressed in this paper neither necessarily reflect the position of the UNESCO nor commit with that organization.

Author information

Authors and Affiliations

  1. Departament de Ciències Matemàtiques i Informàtica, Universitat de les Illes Balears, Carretera de Valldemossa, Km. 7,5, 07122, Palma, Spain

    M. Magdalena Payeras-Capellà & Macià Mut-Puigserver

  2. Departament d’Enginyeria Informàtica i Matemàtiques, UNESCO Chair in Data Privacy, Universitat Rovira i Virgili, Av. Països Catalans 26, 43007, Tarragona, Spain

    Jordi Castellà-Roca & Julio Bondia-Barceló

Authors
  1. M. Magdalena Payeras-Capellà
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Macià Mut-Puigserver
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jordi Castellà-Roca
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Julio Bondia-Barceló
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to M. Magdalena Payeras-Capellà.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Payeras-Capellà, M.M., Mut-Puigserver, M., Castellà-Roca, J. et al. Design and Performance Evaluation of Two Approaches to Obtain Anonymity in Transferable Electronic Ticketing Schemes. Mobile Netw Appl 22, 1137–1156 (2017). https://doi.org/10.1007/s11036-016-0732-6

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11036-016-0732-6

Keywords

Search

Navigation