Privacy-Enhanced Participatory Sensing with Collusion Resistance and Data Aggregation
Abstract
Participatory sensing enables new paradigms and markets for information collection based on the ubiquitous availability of smartphones, but also introduces privacy challenges for participating users and their data. In this work, we review existing security models for privacy-preserving participatory sensing and propose several improvements that are both of theoretical and practical significance.
We first address an important drawback of prior work, namely the lack of consideration of collusion attacks that are highly relevant for such multi-user settings. We explain why existing security models are insufficient and why previous protocols become insecure in the presence of colluding parties. We remedy this problem by providing new security and privacy definitions that guarantee meaningful forms of collusion resistance. We propose new collusion-resistant participatory sensing protocols satisfying our definitions: a generic construction that uses anonymous identity-based encryption (IBE) and its practical instantiation based on the Boneh-Franklin IBE scheme.
We then extend the functionality of participatory sensing by adding the ability to perform aggregation on the data submitted by the users, without sacrificing their privacy. We realize this through an additively-homomorphic IBE scheme which in turn is constructed by slightly modifying the Boneh-Franklin IBE scheme. From a practical point of view, the resulting scheme is suitable for calculations with small sensor readings/values such as temperature measurements, noise levels, or prices, which is sufficient for many applications of participatory sensing.
Keywords
Privacy participatory sensing collusion resistance data aggregation cryptographic models additively homomorphic identity-based encryptionPreview
Unable to display preview. Download preview PDF.
References
- 1.Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 205–222. Springer, Heidelberg (2005)CrossRefGoogle Scholar
- 2.Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public Key Encryption with Keyword Search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)CrossRefGoogle Scholar
- 3.Boneh, D., Franklin, M.K.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
- 4.Boneh, D., Franklin, M.K.: Identity-Based Encryption from the Weil Pairing. SIAM Journal on Computing 32(3), 586–615 (2003)MathSciNetCrossRefMATHGoogle Scholar
- 5.Boyen, X., Waters, B.: Anonymous Hierarchical Identity-Based Encryption (Without Random Oracles). In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 290–307. Springer, Heidelberg (2006)CrossRefGoogle Scholar
- 6.Cornelius, C., Kapadia, A., Kotz, D., Peebles, D., Shin, M., Triandopoulos, N.: AnonySense: Privacy-Aware People-Centric Sensing. In: Grunwald, D., Han, R., de Lara, E., Ellis, C.S. (eds.) MobiSys 2008, pp. 211–224. ACM, New York (2008)Google Scholar
- 7.De Cristofaro, E., Soriente, C.: Short Paper: PEPSI: Privacy-Enhanced Participatory Sensing Infrastructure. In: Gollmann, D., Westhoff, D., Tsudik, G., Asokan, N. (eds.) WISEC 2011, pp. 23–28. ACM, New York (2011)Google Scholar
- 8.De Cristofaro, E., Soriente, C.: Extended Capabilities for a Privacy-Enhanced Participatory Sensing Infrastructure (PEPSI). IEEE Transactions on Information Forensics and Security 8(12), 2021–2033 (2013)CrossRefGoogle Scholar
- 9.De Cristofaro, E., Soriente, C.: Participatory Privacy: Enabling Privacy in Participatory Sensing. IEEE Network 27(1), 32–36 (2013)CrossRefGoogle Scholar
- 10.D’Hondt, E., Stevens, M., Jacobs, A.: Participatory noise mapping works! An evaluation of participatory sensing as an alternative to standard techniques for environmental monitoring. Pervasive and Mobile Computing 9(5), 681–694 (2013)CrossRefGoogle Scholar
- 11.Dimitriou, T., Krontiris, I., Sabouri, A.: PEPPeR: A Querier’s Privacy Enhancing Protocol for PaRticipatory Sensing. In: Schmidt, A.U., Russello, G., Krontiris, I., Lian, S. (eds.) MobiSec 2012. LNICST, vol. 107, pp. 93–106. Springer, Heidelberg (2012)CrossRefGoogle Scholar
- 12.Eisenman, S.B., Miluzzo, E., Lane, N.D., Peterson, R.A., Ahn, G.S., Campbell, A.T.: The BikeNet mobile sensing system for cyclist experience mapping. In: Jha, S. (ed.) SenSys 2007, pp. 87–101. ACM, New York (2007)Google Scholar
- 13.European Parliament and Council: EU Directive 95/46/EC (1995), http://www.dataprotection.ie/viewdoc.asp?docid=89
- 14.Ganti, R.K., Pham, N., Tsai, Y.E., Abdelzaher, T.F.: PoolView: Stream Privacy for Grassroots Participatory Sensing. In: Abdelzaher, T.F., Martonosi, M., Wolisz, A. (eds.) SenSys 2008, pp. 281–294. ACM, New York (2008)Google Scholar
- 15.Gentry, C.: Practical Identity-Based Encryption Without Random Oracles. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 445–464. Springer, Heidelberg (2006)CrossRefGoogle Scholar
- 16.Günther, F., Manulis, M., Peter, A.: Privacy-Enhanced Participatory Sensing with Collusion Resistance and Data Aggregation. Cryptology ePrint Archive, Report 2014/382 (2014), http://eprint.iacr.org/
- 17.Huang, K.L., Kanhere, S.S., Hu, W.: Preserving privacy in participatory sensing systems. Computer Communications 33(11), 1266–1280 (2010)CrossRefGoogle Scholar
- 18.Hull, B., Bychkovsky, V., Zhang, Y., Chen, K., Goraczko, M., Miu, A., Shih, E., Balakrishnan, H., Madden, S.: CarTel: A Distributed Mobile Sensor Computing System. In: Campbell, A.T., Bonnet, P., Heidemann, J.S. (eds.) SenSys 2006, pp. 125–138. ACM, New York (2006)Google Scholar
- 19.Li, Q., Cao, G.: Efficient Privacy-Preserving Stream Aggregation in Mobile Sensing with Low Aggregation Error. In: De Cristofaro, E., Wright, M. (eds.) PETS 2013. LNCS, vol. 7981, pp. 60–81. Springer, Heidelberg (2013)CrossRefGoogle Scholar
- 20.Özdemir, S., Xiao, Y.: Secure data aggregation in wireless sensor networks: A comprehensive overview. Computer Networks 53(12), 2022–2037 (2009)CrossRefGoogle Scholar
- 21.Shi, J., Zhang, R., Liu, Y., Zhang, Y.: PriSense: Privacy-Preserving Data Aggregation in People-Centric Urban Sensing Systems. In: INFOCOM 2010, pp. 758–766. IEEE (2010)Google Scholar