Privacy-Friendly Electronic Traffic Pricing via Commits

  • Wiebren de Jonge
  • Bart Jacobs
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5491)


This paper introduces a novel approach or architecture for fraud- resistant and privacy-friendly Electronic Traffic Pricing (ETP). One salient contribution is that it can satisfy the seemingly incompatible requirements of a privacy-friendly and so-called “thin” solution.

The proposed approach relies on regularly sending to the traffic Pricing Authority (PA) only hashes of travelled trajectories and hashes of the corresponding fees due. This makes it possible to achieve that users keep almost all data on the trajectories they travel and on the amounts they should pay completely hidden from the PA, without having to rely for their privacy protection on a so-called Trusted Third Party (TTP). Only a very small percentage of all these privacy-sensitive data requires that the pre-image trajectories and pre-image fees are revealed to the PA for spot-checking purposes (to detect cheating).

The calculations of the amounts due for trajectories travelled can be done—at desire—inside or outside the vehicle. Thus, seamless integration of “thin” and “thick” in one ETP system with one and the same spot-checking approach is made possible and easy. The calculations can be performed in a privacy-friendly way, since they do not require any vehicle or On-Board Equipment (OBE) identification.

The proposal can, for example, be used as a declaration-based approach much in line with current tax declaration traditions in which the individual citizen is personally responsible. However, the proposal allows for much individual variation (including delegation) and many additional (commercial) services. For example, it is also possible to reduce user responsibility and/or user involvement to an absolute minimum.


Global Navigation Satellite System Global Navigation Satellite System Privacy Protection Trust Third Party Physical Protection 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), 84–88 (1981)CrossRefGoogle Scholar
  2. 2.
    Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multi-authority election scheme. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  3. 3.
    Eisses, S., de Jonge, W., Habers, V.: Privacy and distance-based charging for all vehicles on all roads. In: Proceedings of the 13th ITS World Congress (2006),
  4. 4.
    de Jonge, W.: Kilometerheffing op basis van elektronische aangifte. Informatie, 22–27 (2003),
  5. 5.
    Kaufman, C., Perlman, R., Speciner, M.: Network Security. Private Communication in a Public World. Prentice Hall, Englewood Cliffs (2002)Google Scholar
  6. 6.
    Lessig, L.: The Future of Ideas. Vintage (2001)Google Scholar
  7. 7.
    Schneier, B.: Applied cryptography, 2nd edn. John Wiley & Sons, Chichester (1996)zbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Wiebren de Jonge
    • 1
  • Bart Jacobs
    • 2
  1. 1.TIP Systems BV, and Vrije Universiteit AmsterdamNetherlands
  2. 2.Inst. for Computing and Information Sciences Radboud Universiteit NijmegenNetherlands

Personalised recommendations