Title
Cryptographic Theory Meets Practice: Efficient and Privacy-Preserving Payments for Public Transport
Abstract
We propose a new lightweight cryptographic payment scheme for transit systems, called P4R (Privacy-Preserving Pre-Payments with Refunds), which is suitable for low-cost user devices with limited capabilities. Using P4R, users deposit money to obtain one-show credentials, where each credential allows the user to make an arbitrary ride on the system. The trip fare is determined on-the-fly at the end of the trip. If the deposit for the credential exceeds this fare, the user obtains a refund. Refund values collected over several trips are aggregated in a single token, thereby saving memory and increasing privacy. Our solution builds on Brands’s e-cash scheme to realize the prepayment system and on Boneh-Lynn-Shacham (BLS) signatures to implement the refund capabilities. Compared to a Brands-only solution for transportation payment systems, P4R allows us to minimize the number of coins a user needs to pay for his rides and thus minimizes the number of expensive withdrawal transactions, as well as storage requirements for the fairly large coins. Moreover, P4R enables flexible pricing because it allows for exact payments of arbitrary amounts (within a certain range) using a single fast paying (and refund) transaction. Fortunately, the mechanisms enabling these features require very little computational overhead. Choosing contemporary security parameters, we implemented P4R on a prototyping payment device and show its suitability for future transit payment systems. Estimation results demonstrate that the data required for 20 rides consume less than 10KB of memory, and the payment and refund transactions during a ride take less than half a second. We show that malicious users are not able to cheat the system by receiving a refund that exceeds the overall deposit minus the overall fare and can be identified during double-spending checks. 
At the same time, the system protects the privacy of honest users in that transactions are anonymous (except for deposits) and trips are unlinkable.
Year
2015
DOI
10.1145/2699904
Venue
ACM Trans. Inf. Syst. Secur.
Keywords
microcomputers, public policy issues, security and protection, algorithms, security, refunds, transportation systems, privacy, theory, e-cash, electronic commerce, lightweight payments
DocType
Journal
Volume
17
Issue
3
ISSN
1094-9224
Citations
3
PageRank
0.40
References
29
Authors
4
Name | Order | Citations | PageRank
Andy Rupp | 1 | 196 | 16.95
Foteini Baldimtsi | 2 | 127 | 12.00
Gesine Hinterwälder | 3 | 34 | 3.08
Christof Paar | 4 | 3794 | 442.62