Group wants to protect privacy as electronic toll systems grow

Cryptographic system would protect privacy on the road

WASHINGTON, DC -- Looking to head off privacy problems with the increased use of transponders in cars, particularly in Europe, a group of researchers is touting a cryptographic protocol that would protect the private information generated by the devices.

As countries and cities all over the world look to combat rising levels of car congestion and pollution, one of the ways proposed to control it is Public Road Pricing or in other words charging drivers proportionally to their road usage.  This strategy assigns prices to roads depending on their traffic density so basically you are charged more for driving on congested roads. The idea is to encourage users to change their route (or even avoid using their vehicles) thus reducing congestion. Moreover, ETP has also environmental benefits as it discourages driving hence reduces pollution, the researchers stated.

Seven advanced car technologies the government wants now

Such systems which would rely heavily on transponders mounted in cars for billing and tax purposes. Many such transponders are in use today in programs that let drivers pay for tolls by passing through gates that electronically pick up signals and typically send data to banks that bill their accounts for the charge.

"Current Electronic Toll Pricing (ETP) implementations rely on on-board units sending fine-grained location data to a service provider. ETP architectures proposed so far require that vehicles are equipped with an on-board unit necessary for collecting location data. At the end of each tax period, the fee corresponding to those data is computed either remotely or locally and relayed to the service provider. In both cases the service provider needs to be convinced that the fees correspond to the actual road usage of the driver, and that they have been correctly calculated. The verification is straightforward in implementations in which all the location data is sent to the service provider, but this constitutes an inherent threat to users' privacy," said Josep Balasch of the K.U. Leuven school talking about his teams' research paper presented at this week's Usenix Security Conference.

The revelation of location data ETP systems, besides conflicting with the users' right to privacy, can also pose inconveniences and extra investments to service providers as the law demands that personal data is stored and processed under strong security guarantees. Furthermore, it has been shown that security and privacy concerns are among the main reasons that discourage the use of electronic communication services, Balasch said.

What Balasch's group is proposing is known as PrETP, a privacy-preserving ETP system in which on-board units can prove that they use genuine data and perform correct operations while disclosing the minimum amount of location data. PrETP employs a cryptographic protocol, Optimistic Payment that ensures on-board units send along with the final fee commitments to the locations and prices used in the fee computation. These commitments do not reveal information on the locations or prices to the service provider. Moreover, they ensure that drivers cannot claim that they were at any other position, nor used different prices, from the ones used to create the commitments, the researchers state in their paper.

"In order to check the veracity of the committed values, we rely on the service provider having access to a proof (like a photograph taken by a road-side radar or a toll gate) that a car was at a specific point at a particular time..."

There are potential problems with that system of course.

Follow Michael Cooney on Twitter: nwwlayer8  

Layer 8 Extra

Check out these other hot stories:

Do we need a Federal law for electronics recycling?

NASA's head techie seeks brightest systems engineers of the future

FTC busts domain name scammers

NASA wants small robots to land on the Moon

NASA goes after lighting storms on Earth

Who really sets global cybersecurity standards?

Sun storm promises Northern light show extravaganza

NASA, ESA, pick key Mars joint mission instruments

Researchers touts glass invisibility cloak

X Prize opens $1.4M competition for technology to rapidly clean up oil spills

US military wants to protect social media privacy

FBI details worst social networking cyber crime problems

Copyright © 2010 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022