PrivateRide: A Privacy-Enhanced Ride-Hailing Service Overview


PrivateRide is a revolutionary privacy-enhanced ride-hailing service developed by a team of researchers, aiming to address high-risk threats in traditional ride-hailing services. The service focuses on ensuring user privacy by preventing tracking of riders' locations and avoiding harvesting of drivers' personal information while maintaining usability, accountability, and economic incentives for service providers. Through a secure protocol involving secure channels and proximity checks, PrivateRide introduces a novel approach to protecting user data and enhancing privacy in the ride-hailing industry.

  • Privacy
  • Ride-Hailing
  • Service Providers
  • Threat Model
  • Secure Protocol

Uploaded on Feb 17, 2025 | 0 Views



Presentation Transcript


  1. PrivateRide: A Privacy-Enhanced Ride-Hailing Service
     Anh Pham¹, Italo Dacosta¹, Bastien Jacot-Guillarmod¹, Kévin Huguenin², Taha Hajar¹, Florian Tramèr³, Virgil Gligor⁴, and Jean-Pierre Hubaux¹
     ¹EPFL, ²UNIL, ³Stanford, ⁴CMU

  2. Ride-Hailing Services (RHSs): millions of users, billions of rides, hundreds of cities

  3. Service providers track riders' locations

  4. Our contributions
     • The first general privacy analysis of RHSs
     • Identified high-risk threats
     • PrivateRide: the first solution that addresses the identified threats
     • Privacy and performance evaluation of PrivateRide

  5. RHS overview
     • Service Provider (SP): match riders and drivers, compute fares, handle payment, provide reputation system
     • Riders (R): request rides
     • Drivers (D): offer rides
     • Riders and drivers connect to the SP over the Internet

  6. Threat model
     • Service provider (SP): honest-but-curious
     • Outsider (O): active
     • Riders (R): active
     • Drivers (D): active

  7. Privacy analysis: high-risk threats
     • SP tracks riders' locations. The SP database holds: rider's real identity, driver's real identity, precise pickup and drop-off locations, precise pickup and drop-off times, full location trace, fare
     • Outsider (O) harvests drivers' PII from the SP over the Internet

  8. PrivateRide: Goals
     • No riders' location tracking
     • No drivers' PII harvesting
     • While preserving: SP economic incentives, usability, payment and reputation operations, accountability

  9. Overall protocol
     Parties: Rider Bob, the SP, Driver Alice, Driver Dave (anonymously logged in using an AC). Credentials shown: certBob, e-cash, ACs, certAlice, certDave. Channels: secure channel, proximity channel.
     • Ride initiation
       (1) Drivers report their zones: zone1 (Alice), zone2 (Dave)
       (2) Bob sends zone3 and an e-cash deposit
       (3) Match to the closest driver (Alice)
       (4) Build a secure channel, exchange locations, repBob, generate a PIN
     • Alice drives to pick up Bob
       (5) Alice's locations in real time
     • In proximity of the pick-up location
       (6) Proximity check using PIN
       (7) Identifying info: vehicle's info, Alice's profile picture
       (8) Build and exchange reputation tokens
     • During the ride
       (9) Location between zone3 and the drop-off zone
       (10) Done
     • End of the ride
       (11) Charge from deposit
       (12a) Anonymously rate Bob
       (12b) Anonymously rate Alice

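  10. Protocol analysis: PrivateRide vs. current RHSs

      |              | Identities    | Pick-up loc. | Pick-up time | Drop-off loc. | Drop-off time | Loc. trace | Fare |
      |--------------|---------------|--------------|--------------|---------------|---------------|------------|------|
      | Current RHSs | Rider, Driver | Precise      | Precise      | Precise       | Precise       | Full       | Yes  |
      | PrivateRide  | Driver        | Zone         | Obfuscated   | Zone          | Obfuscated    | Partial    | Yes  |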

  11. Evaluation
      • Data-sets
        • NYC taxi rides: pick-up and drop-off locations and times, drivers' info
        • SF Uber rides: truncated anonymous GPS traces
      • Evaluation criteria
        • Cryptographic overhead
        • Privacy level (k-anonymity) [NYC]
        • Effect of the size of the zones on fare calculation [SF] and on optimality of ride matching [NYC]

  12. Cryptographic overhead
      • A prototype Android client [1]
      • ACL [2] operations
      • Blind and standard signatures
      • Security parameters:
        • ACL with an EC group of 521 bits and 4096-bit RSA keys
        • ACL with an EC group of 224 bits and 2048-bit RSA keys
      • Negligible w.r.t. waiting time of minutes in RHSs
      [1] LG G3 (4x2.5 GHz, 2GB RAM) running Android 5.0
      [2] F. Baldimtsi and A. Lysyanskaya. Anonymous Credentials Light, CCS (2013)

  13. Privacy guarantees
      • Measured by k-anonymity
      • Targeted attack by a powerful SP:
        • Knows the pick-up location and time of a specific rider
        • Wants to know the drop-off location
      • General case:
        • Knows riders' home/work addresses
        • Wants to profile riders' activities

  14. Privacy guarantees: targeted attacks by powerful SP
      [Figure: two panels, one for the least-busy hour (4 AM to 5 AM) and one for the peak hour (7 PM to 8 PM). x-axis: size of anonymity set; y-axis: proportion of rides [%]; legend: cloaking area (m²) 200 x 200, 600 x 600, 1000 x 1000]
      For zones of size 600 m x 600 m:
      • 60% of rides have anonymity set 7 during peak hour
      • 50% of rides have anonymity set 2 during least-busy hour

  15. Conclusions
      • The first analysis about privacy threats in RHSs
      • The first privacy-enhancing solution for RHSs
        • Negligible delay for ride-hailing operations
        • Enhanced location privacy for riders
        • Harvesting attacks on drivers' PII are prevented
      • Limitations:
        • Trade-off between anonymity sets and accuracy of ride-matching operations
        • Requires riders to obtain e-cash in advance
      • Follow-up work: ORide protocol at USENIX Security Symposium 2017 (http://oride.epfl.ch)
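
The k-anonymity measurement from slides 13 and 14, as an added example (not the PrivateRide authors' code): precise pick-ups are cloaked into square zones and a ride's anonymity set is the number of rides sharing its cloaked pick-up. The sample rides, the planar metre coordinates and the 120-second time bucket are assumptions constructed for illustration; the zone sizes are the three cloaking areas named on slide 14.

```python
from collections import Counter

# Constructed sample rides: (ride_id, pickup_x_m, pickup_y_m, pickup_time_s).
# Coordinates are metres in a local planar projection (assumption);
# times are seconds since midnight, around 19:00.
RIDES = [
    ("r1", 120, 80, 68430),
    ("r2", 450, 510, 68495),
    ("r3", 590, 20, 68510),
    ("r4", 610, 30, 68500),    # 20 m from r3, but across a 600 m zone boundary
    ("r5", 1500, 1500, 68420),
    ("r6", 130, 90, 68800),    # same place as r1, several minutes later
]


def cloak(x_m, y_m, t_s, zone_m, window_s):
    """Reduce a precise pick-up to what the SP sees: a zone index and a time bucket."""
    return (int(x_m // zone_m), int(y_m // zone_m), int(t_s // window_s))


def anonymity_sets(rides, zone_m, window_s):
    """Return {ride_id: k}, where k counts the rides with the same cloaked pick-up.

    This models the targeted attack: an SP that knows one rider's precise
    pick-up place and time cannot tell that ride apart from the other k-1.
    """
    cloaked = {rid: cloak(x, y, t, zone_m, window_s) for rid, x, y, t in rides}
    sizes = Counter(cloaked.values())
    return {rid: sizes[c] for rid, c in cloaked.items()}


def share_with_k_at_least(rides, zone_m, window_s, k):
    """Fraction of rides whose anonymity set has at least k members."""
    ks = anonymity_sets(rides, zone_m, window_s)
    return sum(1 for v in ks.values() if v >= k) / len(ks)


if __name__ == "__main__":
    WINDOW_S = 120  # time obfuscation bucket (assumption, not from the slides)
    for zone_m in (200, 600, 1000):
        ks = anonymity_sets(RIDES, zone_m, WINDOW_S)
        share = share_with_k_at_least(RIDES, zone_m, WINDOW_S, 2)
        print(f"{zone_m} m zones: k per ride = {ks}, share with k >= 2 = {share:.2f}")
```

Larger zones raise the anonymity sets at the cost of coarser locations for ride matching, which is the trade-off slide 15 lists as a limitation.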
