Abstract
Privacy preservation in Ride Hailing Services is intended to protect privacy of drivers and riders. ORide is one of the early RHS proposals published at USENIX Security Symposium 2017. In the ORide protocol, riders and drivers, operating in a zone, encrypt their locations using a Somewhat Homomorphic Encryption scheme (SHE) and forward them to the Service Provider (SP). SP homomorphically computes the squared Euclidean distance between riders and available drivers. Rider receives the encrypted distances and selects the optimal rider after decryption. In order to prevent a triangulation attack, SP randomly permutes the distances before sending them to the rider.
In this work, we use propose a passive attack that uses triangulation to determine coordinates of all participating drivers whose permuted distances are available from the points of view of multiple honest-but-curious adversary riders. An attack on ORide was published at SAC 2021. The same paper proposes a countermeasure using noisy Euclidean distances to thwart their attack. We extend our attack to determine locations of drivers when given their permuted and noisy Euclidean distances from multiple points of reference, where the noise perturbation comes from a uniform distribution.
We conduct experiments with different number of drivers and for different perturbation values. Our experiments show that we can determine locations of all drivers participating in the ORide protocol. For the perturbed distance version of the ORide protocol, our algorithm reveals locations of about 25% to 50% of participating drivers. Our algorithm runs in time polynomial in the number of drivers.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Universal Transverse Mercator: a map-projection system for geographical locations [20].
References
Baker, B.S., Grosse, E., Rafferty, C.S.: Nonobtuse triangulation of polygons. Discrete Comput. Geom. 3(2), 147ā168 (1988). https://doi.org/10.1007/BF02187904
Bucher-Karlsson, M.: On minimal triangulations of products of convex polygons. Discrete Comput. Geom. 41(2), 328ā347 (2008). https://doi.org/10.1007/s00454-008-9087-5
Cheon, J.H., Kim, A., Kim, M., Song, Y.: Homomorphic encryption for arithmetic of approximate numbers. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part I. LNCS, vol. 10624, pp. 409ā437. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_15
Fan, J., Vercauteren, F.: Somewhat practical fully homomorphic encryption. Cryptology ePrint Archive (2012). http://eprint.iacr.org/2012/144
Hartley, R.I., Sturm, P.: Triangulation. Comput. Vis. Image Underst. 68(2), 146ā157 (1997). https://doi.org/10.1006/cviu.1997.0547. https://www.sciencedirect.com/science/article/pii/S1077314297905476
Hurriyet Daily News: Istanbul taxi drivers hunt down, beat up Uber drivers as tensions rise (2018). https://www.hurriyetdailynews.com/istanbul-taxi-drivers-hunt-down-beat-up-uber-drivers-as-tensions-rise-128443. Accessed 11 June 2020
Kirkpatrick, D.G., Klawe, M.M., Tarjan, R.E.: Polygon triangulation inO(n log logn) time with simple data structures. Discrete Comput. Geom. 7(4), 329ā346 (1992). https://doi.org/10.1007/BF02187846
Kumaraswamy, D., Murthy, S., Vivek, S.: Revisiting driver anonymity in ORide. In: AlTawy, R., HĆ¼lsing, A. (eds.) SAC 2021. LNCS, vol. 13203, pp. 25ā46. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-99277-4_2
Kumaraswamy, D., Vivek, S.: Cryptanalysis ofĀ theĀ privacy-preserving ride-hailing service TRACE. In: Adhikari, A., KĆ¼sters, R., Preneel, B. (eds.) INDOCRYPT 2021. LNCS, vol. 13143, pp. 462ā484. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92518-5_21
Mohr, R., Quan, L., Veillon, F.: Relative 3d reconstruction using multiple uncalibrated images. I. J. Robotic Res. 14, 619ā632 (12 1995). https://doi.org/10.1177/027836499501400607
Nabeel, M., Appel, S., Bertino, E., Buchmann, A.: Privacy preserving context aware publish subscribe systems. In: Lopez, J., Huang, X., Sandhu, R. (eds.) NSS 2013. LNCS, vol. 7873, pp. 465ā478. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38631-2_34
Pham, A., Dacosta, I., Endignoux, G., Troncoso-Pastoriza, J.R., Huguenin, K., Hubaux, J.: ORide: a privacy-preserving yet accountable ride-hailing service. In: Kirda, E., Ristenpart, T. (eds.) 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, 16ā18 August 2017, pp. 1235ā1252. USENIX Association (2017)
Siedel, R.: A simple and fast incremental randomized algorithm for computing trapezoidal decompositions and for triangulating polygons. Comput. Geom. Theory Appl. 1, 51ā64 (1991)
Stein, W., et al.: Sage Mathematics Software (Version 8.6). The Sage Development Team (2019). http://www.sagemath.org
TechCrunch+: Ride-hailing app Careem reveals data breach affecting 14 million people (2018). https://techcrunch.com/2018/04/23/careem-data-breach/. Accessed 01 May 2022
thejournal.ie: West Dublin gang using hailing apps to target older taxi drivers (2019). https://www.thejournal.ie/west-dublin-taxi-robbery-4420178-Jan2019/. Accessed 11 June 2020
Vivek, S.: Attacks on a privacy-preserving publish-subscribe system and a ride-hailing service. CoRR (2021). https://arxiv.org/abs/2105.04351
Vivek, S.: Attacks on a privacy-preserving publish-subscribe system and a ride-hailing service 13129, 59ā71 (2021). https://doi.org/10.1007/978-3-030-92641-0_4
Wang, F., et al.: Efficient and privacy-preserving dynamic spatial query scheme for ride-hailing services. IEEE Trans. Veh. Technol. 67(11), 11084ā11097 (2018)
Wikipedia contributors: Universal Transverse Mercator coordinate system (2020). https://en.wikipedia.org/wiki/Universal_Transverse_Mercator_coordinate_system. Accessed 27 April 2020
Yu, H., Shu, J., Jia, X., Zhang, H., Yu, X.: lpRide: lightweight and privacy-preserving ride matching over road networks in online ride hailing systems. IEEE Trans. Veh. Technol. 68(11), 10418ā10428 (2019)
Zhao, Q., Zuo, C., Pellegrino, G., Lin, Z.: Geo-locating drivers: a study of sensitive data leakage in ride-hailing services. In: 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, 24ā27 February 2019. The Internet Society (2019). https://www.ndss-symposium.org/ndss-paper/geo-locating-drivers-a-study-of-sensitive-data-leakage-in-ride-hailing-services/
Acknowledgements
We thank the anonymous reviewers for their invaluable comments and suggestions, which helped us improve the manuscript. This work was partly funded by the INSPIRE Faculty Award (DST, Govt. of India) and the Infosys Foundation Career Development Chair Professorship grant for Srinivas Vivek.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Algorithms forĀ Triangulation Attack
A Algorithms forĀ Triangulation Attack
Rights and permissions
Copyright information
Ā© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Murthy, S., Vivek, S. (2022). Passive Triangulation Attack onĀ ORide. In: Beresford, A.R., Patra, A., Bellini, E. (eds) Cryptology and Network Security. CANS 2022. Lecture Notes in Computer Science, vol 13641. Springer, Cham. https://doi.org/10.1007/978-3-031-20974-1_8
Download citation
DOI: https://doi.org/10.1007/978-3-031-20974-1_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-20973-4
Online ISBN: 978-3-031-20974-1
eBook Packages: Computer ScienceComputer Science (R0)