Mobile Networks and Applications

, Volume 22, Issue 6, pp 1137–1156 | Cite as

Design and Performance Evaluation of Two Approaches to Obtain Anonymity in Transferable Electronic Ticketing Schemes

  • M. Magdalena Payeras-Capellà
  • Macià Mut-Puigserver
  • Jordi Castellà-Roca
  • Julio Bondia-Barceló


Electronic tickets demonstrate, without the use of paper, the possession of the right to access or use of a service. In this scenario, the security and privacy achieved in the paper-based system must be preserved in the electronic ticketing systems. In addition to these requirements, the transferability of a ticket from one user to another (without involving a third party) is very useful but also generates other issues to be solved in terms of security and privacy. For example, the users that transfer the same ticket twice must be identified (it is a fraud), but the rest of users have to preserve their privacy (anonymity). In this article we present two proposals of an electronic ticketing system with anonymity and transferability, based on the use of RSA signatures or group signatures, respectively, thus presenting different levels of complexity and anonymity. Moreover, we have implemented both proposals and its performance has been evaluated. The results of this evaluation are useful in order to prove the viability of the proposals even when complex cryptography is used. The strength of the anonymity and the execution costs are the parameters to take into account to choose the more adequate proposal for a specific application.


E-ticketing E-commerce Transferability Privacy Security Performance 



This work was partially supported by the Spanish Government under CO-PRIVACY TIN2011-27076-C03-01, AccessTur TIN2014-54945-R, SmartGlacis TIN2014-57364-C2-1-R, SPARK & GO SPIP2015-01783, Red de excelencia Consolider ARES TIN2015-70054-REDC and MobileKey RTC-2014-2552-7 projects. Some of the authors are members of the UNESCO Chair in Data Privacy, yet the views expressed in this paper neither necessarily reflect the position of the UNESCO nor commit with that organization.


  1. 1.
    Vives-Guasch A, Payeras-Capellȧ M, Mut Puigserver M, Castellȧ-Roca J, Ferrer-Gomila J (2013) Anonymous and transferable electronic ticketing scheme. In: En data privacy management and autonomous spontaneous security, DPM 2013, LNCS 8247. Springer, pp 100–113Google Scholar
  2. 2.
    Blazy O, Canard S, Fuchsbauer G, Gouget A, Sibert H, Traoré J (2011) Achieving optimal anonymity in transferable e-cash with a judge. In: Progress in cryptology, AFRICACRYPT 2011, volume 6737 of lecture notes in computer science. Springer, Berlin, pp 206–223Google Scholar
  3. 3.
    Boneh D, Boyen X, Shacham H (2004) Short group signatures. In: CRYPTO, volume 3152 of LNCS. Springer, pp 41–55Google Scholar
  4. 4.
    Chen Y, Chen C-L, Jan J-K (2007) A mobile ticket system based on personal trusted device. Wireless Person Commun 40(4):569–578CrossRefGoogle Scholar
  5. 5.
    Ghiron S, Sposato S, Medaglia C, Moroni A (2009) Nfc ticketing: a prototype and usability test of an nfc-based virtual ticketing application. In: Near field communication, NFC ’09. IEEE, p 45–50Google Scholar
  6. 6.
    Heydt-Benjamin TS, Chae H-J, Defend B, Fu K (2006) Privacy for public transportation. In: 6th Workshop on privacy enhancing technologies (PET 2006), LNCS 4258. Springer, p 1–19Google Scholar
  7. 7.
    Isern-Deya AP, Vives-Guasch, Mut-Puigserver M, Payeras-Capella M, Castella-Roca J (2012) A secure automatic fare collection system for time-based or distance-based services with revocable anonymity for users. Comput JGoogle Scholar
  8. 8.
    Jao D, Yoshida K (2009) Boneh-boyen signatures and the strong difie-hellman problem. In: Pairing based cryptography, volume 5671 of LNCS. Springer, pp 41–55Google Scholar
  9. 9.
    Jorns O, Jung O, Quirchmayr G (2007) A privacy enhancing service architecture for ticket-based mobile applications. In: Availability, reliability and security. ARES 2007 - The international dependability conference, vol 24, pp 374–383Google Scholar
  10. 10.
    Mut-Puigserver M, Payeras-Capella MM, Ferrer-Gomila J-L, Vives-Guasch A, Castella-Roca J (2012) A survey of electronic ticketing applied to transport. Comput Secur 31(8):925–939CrossRefGoogle Scholar
  11. 11.
    Quercia D, Hailes S (2005) Motet: mobile transactions using electronic tickets. In: Security and privacy for emerging areas in communications networks, proceedings, vol 24, pp 374–383Google Scholar
  12. 12.
    Vives-Guasch A, Castella-Roca J, Payeras-Capela M, Mut M (2010) An electronic and secure automatic fare collection system with revocable anonymity for users. In: Advances in mobile computing and multimedia (MoMM)Google Scholar
  13. 13.
    Vives-Guasch A, Payeras-Capella MM, Mut-Puigserver M, Castella-Roca J, Ferrer-Gomila JL (2012) A secure e-ticketing scheme for mobile devices with near field communication (nfc) that includes exculpability and reusability. IEICE E95-D(1)Google Scholar
  14. 14.
    De Caro A, Iovino V (2011) jPBC: Java pairing based cryptography. In: Proceedings of the 16th IEEE symposium on computers and communications, ISCC 2011. IEEE, pp 850–855Google Scholar
  15. 15.
    Menezes A An introduction to pairing-based cryptography. Recent Trends in Cryptography. Contemporary Mathematics. Volume 477Google Scholar
  16. 16.
    Applied Cryptography Group, PBC library manual. 2006. Available at url:

Copyright information

© Springer Science+Business Media New York 2016

Authors and Affiliations

  • M. Magdalena Payeras-Capellà
    • 1
  • Macià Mut-Puigserver
    • 1
  • Jordi Castellà-Roca
    • 2
  • Julio Bondia-Barceló
    • 2
  1. 1.Departament de Ciències Matemàtiques i InformàticaUniversitat de les Illes BalearsPalmaSpain
  2. 2.Departament d’Enginyeria Informàtica i Matemàtiques, UNESCO Chair in Data PrivacyUniversitat Rovira i VirgiliTarragonaSpain

Personalised recommendations