Skip to main content
Springer Nature Link
Log in

Passive Triangulation Attack on ORide

  • Conference paper
  • First Online:
Cryptology and Network Security (CANS 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13641))

Included in the following conference series:

Abstract

Privacy preservation in Ride Hailing Services is intended to protect privacy of drivers and riders. ORide is one of the early RHS proposals published at USENIX Security Symposium 2017. In the ORide protocol, riders and drivers, operating in a zone, encrypt their locations using a Somewhat Homomorphic Encryption scheme (SHE) and forward them to the Service Provider (SP). SP homomorphically computes the squared Euclidean distance between riders and available drivers. Rider receives the encrypted distances and selects the optimal rider after decryption. In order to prevent a triangulation attack, SP randomly permutes the distances before sending them to the rider.

In this work, we use propose a passive attack that uses triangulation to determine coordinates of all participating drivers whose permuted distances are available from the points of view of multiple honest-but-curious adversary riders. An attack on ORide was published at SAC 2021. The same paper proposes a countermeasure using noisy Euclidean distances to thwart their attack. We extend our attack to determine locations of drivers when given their permuted and noisy Euclidean distances from multiple points of reference, where the noise perturbation comes from a uniform distribution.

We conduct experiments with different number of drivers and for different perturbation values. Our experiments show that we can determine locations of all drivers participating in the ORide protocol. For the perturbed distance version of the ORide protocol, our algorithm reveals locations of about 25% to 50% of participating drivers. Our algorithm runs in time polynomial in the number of drivers.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Universal Transverse Mercator: a map-projection system for geographical locations [20].

References

  1. Baker, B.S., Grosse, E., Rafferty, C.S.: Nonobtuse triangulation of polygons. Discrete Comput. Geom. 3(2), 147ā€“168 (1988). https://doi.org/10.1007/BF02187904

    Article  MathSciNet  MATH  Google Scholar 

  2. Bucher-Karlsson, M.: On minimal triangulations of products of convex polygons. Discrete Comput. Geom. 41(2), 328ā€“347 (2008). https://doi.org/10.1007/s00454-008-9087-5

    Article  MathSciNet  MATH  Google Scholar 

  3. Cheon, J.H., Kim, A., Kim, M., Song, Y.: Homomorphic encryption for arithmetic of approximate numbers. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part I. LNCS, vol. 10624, pp. 409ā€“437. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_15

    Chapter  Google Scholar 

  4. Fan, J., Vercauteren, F.: Somewhat practical fully homomorphic encryption. Cryptology ePrint Archive (2012). http://eprint.iacr.org/2012/144

  5. Hartley, R.I., Sturm, P.: Triangulation. Comput. Vis. Image Underst. 68(2), 146ā€“157 (1997). https://doi.org/10.1006/cviu.1997.0547. https://www.sciencedirect.com/science/article/pii/S1077314297905476

  6. Hurriyet Daily News: Istanbul taxi drivers hunt down, beat up Uber drivers as tensions rise (2018). https://www.hurriyetdailynews.com/istanbul-taxi-drivers-hunt-down-beat-up-uber-drivers-as-tensions-rise-128443. Accessed 11 June 2020

  7. Kirkpatrick, D.G., Klawe, M.M., Tarjan, R.E.: Polygon triangulation inO(n log logn) time with simple data structures. Discrete Comput. Geom. 7(4), 329ā€“346 (1992). https://doi.org/10.1007/BF02187846

    Article  MathSciNet  MATH  Google Scholar 

  8. Kumaraswamy, D., Murthy, S., Vivek, S.: Revisiting driver anonymity in ORide. In: AlTawy, R., HĆ¼lsing, A. (eds.) SAC 2021. LNCS, vol. 13203, pp. 25ā€“46. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-99277-4_2

    Chapter  Google Scholar 

  9. Kumaraswamy, D., Vivek, S.: Cryptanalysis of the privacy-preserving ride-hailing service TRACE. In: Adhikari, A., KĆ¼sters, R., Preneel, B. (eds.) INDOCRYPT 2021. LNCS, vol. 13143, pp. 462ā€“484. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92518-5_21

    Chapter  Google Scholar 

  10. Mohr, R., Quan, L., Veillon, F.: Relative 3d reconstruction using multiple uncalibrated images. I. J. Robotic Res. 14, 619ā€“632 (12 1995). https://doi.org/10.1177/027836499501400607

  11. Nabeel, M., Appel, S., Bertino, E., Buchmann, A.: Privacy preserving context aware publish subscribe systems. In: Lopez, J., Huang, X., Sandhu, R. (eds.) NSS 2013. LNCS, vol. 7873, pp. 465ā€“478. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38631-2_34

    Chapter  Google Scholar 

  12. Pham, A., Dacosta, I., Endignoux, G., Troncoso-Pastoriza, J.R., Huguenin, K., Hubaux, J.: ORide: a privacy-preserving yet accountable ride-hailing service. In: Kirda, E., Ristenpart, T. (eds.) 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, 16ā€“18 August 2017, pp. 1235ā€“1252. USENIX Association (2017)

    Google Scholar 

  13. Siedel, R.: A simple and fast incremental randomized algorithm for computing trapezoidal decompositions and for triangulating polygons. Comput. Geom. Theory Appl. 1, 51ā€“64 (1991)

    Article  MathSciNet  Google Scholar 

  14. Stein, W., et al.: Sage Mathematics Software (Version 8.6). The Sage Development Team (2019). http://www.sagemath.org

  15. TechCrunch+: Ride-hailing app Careem reveals data breach affecting 14 million people (2018). https://techcrunch.com/2018/04/23/careem-data-breach/. Accessed 01 May 2022

  16. thejournal.ie: West Dublin gang using hailing apps to target older taxi drivers (2019). https://www.thejournal.ie/west-dublin-taxi-robbery-4420178-Jan2019/. Accessed 11 June 2020

  17. Vivek, S.: Attacks on a privacy-preserving publish-subscribe system and a ride-hailing service. CoRR (2021). https://arxiv.org/abs/2105.04351

  18. Vivek, S.: Attacks on a privacy-preserving publish-subscribe system and a ride-hailing service 13129, 59ā€“71 (2021). https://doi.org/10.1007/978-3-030-92641-0_4

  19. Wang, F., et al.: Efficient and privacy-preserving dynamic spatial query scheme for ride-hailing services. IEEE Trans. Veh. Technol. 67(11), 11084ā€“11097 (2018)

    Article  Google Scholar 

  20. Wikipedia contributors: Universal Transverse Mercator coordinate system (2020). https://en.wikipedia.org/wiki/Universal_Transverse_Mercator_coordinate_system. Accessed 27 April 2020

  21. Yu, H., Shu, J., Jia, X., Zhang, H., Yu, X.: lpRide: lightweight and privacy-preserving ride matching over road networks in online ride hailing systems. IEEE Trans. Veh. Technol. 68(11), 10418ā€“10428 (2019)

    Article  Google Scholar 

  22. Zhao, Q., Zuo, C., Pellegrino, G., Lin, Z.: Geo-locating drivers: a study of sensitive data leakage in ride-hailing services. In: 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, 24ā€“27 February 2019. The Internet Society (2019). https://www.ndss-symposium.org/ndss-paper/geo-locating-drivers-a-study-of-sensitive-data-leakage-in-ride-hailing-services/

Download references

Acknowledgements

We thank the anonymous reviewers for their invaluable comments and suggestions, which helped us improve the manuscript. This work was partly funded by the INSPIRE Faculty Award (DST, Govt. of India) and the Infosys Foundation Career Development Chair Professorship grant for Srinivas Vivek.

Author information

Authors and Affiliations

  1. International Institute of Information Technology Bangalore, Bengaluru, India

    Shyam Murthy & Srinivas Vivek

Authors
  1. Shyam Murthy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Srinivas Vivek
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shyam Murthy .

Editor information

Editors and Affiliations

  1. University of Cambridge, Cambridge, UK

    Alastair R. Beresford

  2. Indian Institute of Science, Bangalore, India

    Arpita Patra

  3. Cryptography Research Center, Technology Innovation Institute, Abu Dhabi, United Arab Emirates

    Emanuele Bellini

A Algorithms for Triangulation Attack

A Algorithms for Triangulation Attack

figure a
figure b
figure c

Rights and permissions

Reprints and permissions

Copyright information

Ā© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Murthy, S., Vivek, S. (2022). Passive Triangulation Attack on ORide. In: Beresford, A.R., Patra, A., Bellini, E. (eds) Cryptology and Network Security. CANS 2022. Lecture Notes in Computer Science, vol 13641. Springer, Cham. https://doi.org/10.1007/978-3-031-20974-1_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-20974-1_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-20973-4

  • Online ISBN: 978-3-031-20974-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics