Aiming for minimizing passengers’ waiting time and vehicles’ vacancy rate, online car-hailing service systems with fog computing has been deployed in various scenarios. In this paper, we focus on addressing the security and privacy issues in such a promising system by customizing a new cryptographic primitive to provide the following security guarantees: (1) private, fine-grained and bilateral order matching between passengers and drivers; (2) authenticity verification of passengers’ orders in the form of ciphertext, and (3) temporal assurance of passengers’ ciphertext orders. To the best of our knowledge, no previous system has been designed to meet all three requirements. Existing cryptographic primitives (including forward/puncturable encryption (FE/PE) and attribute based matchmaking encryption (AB-ME)) may be leveraged to partially address some of challenges, but there lacks a comprehensive solution. Moreover, the integration of existing works is hampered by the heterogeneity and the weak coupling between distinct cryptographic primitives. As a result, it is infeasible to directly exploit them for the online car-hailing service. To tackle that, we put forward a new cryptographic primitive called Fine-grained Puncturable Matchmaking Encryption (FP-ME) by modifying AB-ME and incorporating PE technology. FP-ME can simultaneously implement fine-grained and bilateral order matching, the authenticity of passengers’ orders, and meeting the time constraint of passengers’ orders. We formalize the adversarial models for the proposed FP-ME and then present rigorous security analysis to prove the security of the proposed system. Additionally, we study performance of the system via simulations to demonstrate its practicability and effectiveness in the real-world applications.
|Number of pages
|IEEE Transactions on Information Forensics and Security
|Published - Aug 2022