Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Privacy Enhancing Technologies

PET 2006: Privacy Enhancing Technologies pp 1–19Cite as

Privacy for Public Transportation

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4258))

Abstract

We propose an application of recent advances in e-cash, anonymous credentials, and proxy re-encryption to the problem of privacy in public transit systems with electronic ticketing. We discuss some of the interesting features of transit ticketing as a problem domain, and provide an architecture sufficient for the needs of a typical metropolitan transit system. Our system maintains the security required by the transit authority and the user while significantly increasing passenger privacy. Our hybrid approach to ticketing allows use of passive RFID transponders as well as higher powered computing devices such as smartphones or PDAs. We demonstrate security and privacy features offered by our hybrid system that are unavailable in a homogeneous passive transponder architecture, and which are advantageous for users of passive as well as active devices.

This research was partially supported by NSF CNS-052072 and a Ford Foundation Diversity Fellowship.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Juels, A., Molnar, D., Wagner, D.: Security and Privacy Issues in E-passports. In: Conference on Security and Privacy for Emerging Areas in Communication Networks – SecureComm, Athens, Greece, IEEE, Los Alamitos (2005)

    Google Scholar 

  2. Molnar, D., Wagner, D.: Privacy and Security in Library RFID: Issues, Practices, and Architectures. In: Pfitzmann, B., Liu, P. (eds.) Conference on Computer and Communications Security – ACM CCS, Washington DC, USA, pp. 210–219. ACM Press, New York (2004)

    Google Scholar 

  3. Avoine, G., Oechslin, P.: RFID Traceability: A Multilayer Problem. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 125–140. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  4. Dimitriou, T.: A Lightweight RFID Protocol to Protect Against Traceability and Cloning Attacks. In: Conference on Security and Privacy for Emerging Areas in Communication Networks – SecureComm, Athens, Greece, IEEE, Los Alamitos (2005)

    Google Scholar 

  5. Sarma, S., Weis, S., Engels, D.: Radio-Frequency Identification: Security Risks and Challenges. Cryptobytes, RSA Laboratories 6, 2–9 (2003)

    Google Scholar 

  6. Vajda, I., Buttyán, L.: Lightweight Authentication Protocols for Low-Cost RFID Tags. In: Second Workshop on Security in Ubiquitous Computing – Ubicomp 2003, Seattle, WA, USA (2003)

    Google Scholar 

  7. Handschuh, H., Paillier, P.: Smart Card Crypto-Coprocessors for Public Key Cryptography. In: Schneier, B., Quisquater, J.-J. (eds.) CARDIS 1998. LNCS, vol. 1820, pp. 386–394. Springer, Heidelberg (2000)

    Google Scholar 

  8. Trichina, E., Bucci, M., Seta, D.D., Luzzi, R.: Supplemental Cryptographic Hardware for Smart Cards. IEEE Micro 21, 26–35 (2001)

    Article  Google Scholar 

  9. Mohammed, E., Emarah, A., El-Shennawy, K.: Elliptic Curve Cryptosystems on Smart Cards. In: SEC 2002: Proceedings of the IFIP TC11 17th International Conference on Information Security, Deventer, The Netherlands, pp. 311–322. Kluwer, B.V, Dordrecht (2002)

    Google Scholar 

  10. Poupard, G., Stern, J.: On the Fly Signatures Based on Factoring. In: CCS 1999: Proceedings of the 6th ACM conference on Computer and communications security, pp. 37–45. ACM Press, New York (1999)

    Chapter  Google Scholar 

  11. Juels, A.: Minimalist Cryptography for Low-Cost RFID Tags. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 149–164. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  12. Camenisch, J., Lysyanskaya, A.: An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation. In: EUROCRYPT, Innsbruck(Typrol), Austria, IACR (2001)

    Google Scholar 

  13. Camenisch, J., Lysyanskaya, A.: Signature Schemes and Anonymous Credentials from Bilinear Maps. In: CRYPTO, Santa Barbara, CA, USA (2004)

    Google Scholar 

  14. Camenisch, J., Hohenberger, S., Lysyanskaya, A.: Compact E-Cash. In: EUROCRYPT, Aarhus, Denmark, IACR, pp. 302–321 (2005)

    Google Scholar 

  15. Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage. In: Proceedings of the 12th Annual Network and Distributed System Security Symposium (NDSS) (2005)

    Google Scholar 

  16. Ateniese, G., Hohenberger, S.: Proxy Re-Signatures: New Definitions, Algorithms, and Applications. In: Proceedings of the 12th ACM conference on Computer and communications security (CCS 2005), Alexandria, VA, USA, pp. 310–319. ACM Press, New York (2005)

    Chapter  Google Scholar 

  17. Federal Transit Administration: Federal Transit Administration National Transit Database. WWW (2006), http://www.ntdprogram.com

  18. The Smart Card Alliance: Hong Kong Octopus Card. WWW (2006), http://www.smarcardalliance.org/pdf/about_alliance/user_profiles/Hong_Kong_Octopus_Card.pdf

  19. Winters, N.: Personal Privacy and Popular Ubiquitous Technology. In: Ubiconf, London, United Kingdom (2004)

    Google Scholar 

  20. Roschke, G.: Notes from an Information Law Student. In: WWW (2006) (Last viewed February 24, 2006), http://luminousvoid.net/archives/16/wmata-responds

  21. Maxey, C., Benjamin, P.: Seamless Fare Collection: Using Smart Cards for Multiple-Mode Transit Trips. In: WWW (2006), http://www.apta.com/research/info/briefings/documents/maxey.pdf

  22. Bono, S., Green, M., Stubblefield, A., Juels, A., Rubin, A., Szydlo, M.: Security Analysis of a Cryptographically-Enabled RFID Device. In: USENIX Security Symposium, Baltimore, Maryland, USA, USENIX, pp. 1–16 (2005)

    Google Scholar 

  23. The Smart Card Alliance: Smart Card Talk Standards. The Smart Card Alliance Newsletter (2006) January issue

    Google Scholar 

  24. Washington Metropolitan Area Transit Authority: WMATA Privacy Policy Proposal. WWW (2006), http://www.wmata.com/about/parp2.cfm

  25. Washington Metropolitan Area Transit Authority: WMATA Privacy Policy. WWW (2006), http://www.wmata.com/about/parp_docs/pi_9_2_0.pdf

  26. San Francisco Bay Area Rapid Transit District: Bay Area Rapid Transit (BART) Fiscal Year 2004 Annual Report. WWW (2006)

    Google Scholar 

  27. Chaum, D.: Security without Identification: Transaction Systems to Make Big Brother Obsolete. CACM 28 (1985)

    Google Scholar 

  28. Guerineau, P.: Active RFID Technology Applied to Security Improvement and Statistical Control in Public Transit. In: Automatic Fare Collection. New Horizons in Public Transport with Smart Cards, Brussels, Belgium, International Union of Public Transport (2002)

    Google Scholar 

  29. Juels, A., Syverson, P., Bailey, D.: High-Power Proxies for Enhancing RFID Privacy and Utility. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol. 3856, Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  30. McDaniel, T.L., Haendler, F.: Advanced RF Cards for Fare Collection. In: Commercial Applications and Dual-Use Technology Conference Proceedings, National Telesystems Conference, pp. 31–35 (1993)

    Google Scholar 

  31. Ateniese, G., Camenisch, J., de Medeiros, B.: Untraceable RFID Tags via Insubvertible Encryption. In: Conference on Computer and Communications Security – CCS 2005, Alexandria, Virginia, USA, ACM Press, New York (2005)

    Google Scholar 

  32. Kang, J., Nyang, D.: RFID Authentication Protocol with Strong Resistance Against Traceability and Denial of Service Attacks. In: Molva, R., Tsudik, G., Westhoff, D. (eds.) ESAS 2005. LNCS, vol. 3813, pp. 164–175. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  33. Ranasinghe, D., Engels, D., Cole, P.: Low-Cost RFID Systems: Confronting Security and Privacy. In: Auto-ID Labs Research Workshop, Zurich, Switzerland (2004)

    Google Scholar 

  34. Juels, A., Rivest, R., Szydlo, M.: The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy. In: Atluri, V. (ed.) 8th ACM Conference on Compuer and Communications Security, pp. 103–111 (2003)

    Google Scholar 

  35. Attoh-Okine, N., Shen, L.: Security Issues of Emerging Smart Cards Fare Collection Application in Mass Transit. In: Vehicle Navigation and Information Systems Conference, pp. 523–526 (1995)

    Google Scholar 

  36. Sim, L., Seow, E., Prakasam, S.: Implementing an Enhanced Integrated Fare System for Singapore. Public Transport International 53, 34–37 (2004)

    Google Scholar 

  37. Neve, M., Peeters, E., Samyde, D., Quisquater, J.J.: Memories: A Survey of Their Secure Uses in Smart Cards. In: IEEE Security in Storage Workshop, pp. 62–72 (2003)

    Google Scholar 

  38. Anderson, R., Kuhn, M.: Tamper Resistance - A Cautionary Note. In: The Second USENIX Workshop on Electronic Commerce Proceedings, pp. 1–11 (1996)

    Google Scholar 

  39. Damgård, I., Dupont, K., Pedersen, M.Ø.: Unclonable Group Identification. Cryptology ePrint Archive, Report 2005/170 (2005), http://eprint.iacr.org/

  40. Burgess, J., Gallagher, B., Jensen, D., Levine, B.: Maxprop: Routing for vehicle-based disruption-tolerant networks. In: Proc. IEEE INFOCOM (2006)

    Google Scholar 

  41. Zhao, W., Ammar, M., Zegura, E.: A Message Ferrying Approach for Data Delivery in Sparse Mobile Ad Hoc Networks. In: MobiHoc 2004: Proceedings of the 5th ACM international symposium on Mobile ad hoc networking and computing, pp. 187–198. ACM Press, New York (2004)

    Chapter  Google Scholar 

  42. Zhao, W., Ammar, M.H.: Message Ferrying: Proactive Routing in Highly-Partitioned Wireless Ad Hoc Networks. In: FTDCS 2003: Proceedings of the The Ninth IEEE Workshop on Future Trends of Distributed Computing Systems (FTDCS 2003), p. 308. IEEE Computer Society, Washington (2003)

    Chapter  Google Scholar 

  43. Chaum, D., Fiat, A., Naor, M.: Untraceable Electronic Cash. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 319–327. Springer, New York (1990)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Massachusetts, Amherst, MA, 01003, USA

    Thomas S. Heydt-Benjamin, Hee-Jin Chae, Benessa Defend & Kevin Fu

Authors
  1. Thomas S. Heydt-Benjamin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hee-Jin Chae
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Benessa Defend
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kevin Fu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microsoft Research, Cambridge, UK

    George Danezis

  2. Palo Alto Research Center, 3333 Coyote Hill Rd, 94304, Palo Alto, CA, USA

    Philippe Golle

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Heydt-Benjamin, T.S., Chae, HJ., Defend, B., Fu, K. (2006). Privacy for Public Transportation. In: Danezis, G., Golle, P. (eds) Privacy Enhancing Technologies. PET 2006. Lecture Notes in Computer Science, vol 4258. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11957454_1

Download citation

  • DOI: https://doi.org/10.1007/11957454_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-68790-0

  • Online ISBN: 978-3-540-68793-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation