Abstract
Most e-rental services require customers to register sensitive information, which gives malicious service providers a good opportunity to launch social engineering attacks, or to use data mining techniques collecting and analyzing customers’ information or rental preferences. Therefore, we propose an anonymous e-rental protocol based on ID-based cryptography and near field communication technology, with particular focus on vehicle rentals. Our contributions include: (1) Anonymity. Users’ real identity is hidden from the rental service providers. (2) Unlinkability. Rental service providers cannot find the relation between two rental records. (3) Traceability. As full anonymity is not always desirable, traceability allows disclosure of a malicious user’s identity, whereas other users’ privacy remains unviolated. Rental service providers can request TTP to reveal users’ identity with a legal warrant. (4) Flexibility. Users choose their preferred service providers and vehicles. (5) Anonymous payment. Rental service providers cannot associate users’ identity with the financial transactions.
Similar content being viewed by others
References
Zipcar (2013) http://www.zipcar.com/ Retrieved date 16 July 2013
Car2go (2013) http://www.car2go.com/ Retrieved date 16 July 2013
Slamanig D, Rass S (2010) Anonymous but authorized transactions supporting selective traceability. In: 5th International conference on security and cryptography-SECRYPT, pp 132–141
Wang S, Chen Z, Wang X (2008) A new certificateless electronic cash scheme with multiple banks based on group signatures. In: IEEE international symposium on electronic commerce and security
Chen Y, Chou JS, Sun HM, Cho MH (2011) A novel electronic cash system with trustee-based anonymity revocation from pairing. Electron Commerc Res Appl 10(6):673–682
Blanton M (2008) Online subscriptions with anonymous access. In: Proceedings of the 2008 ACM symposium on information, computer and communications, security, pp 217–227
Vasco M, Heidarvand S, Villar JL (2012) Flexible Anonymous Subscription Schemes. e-Business Telecommun 222:203–219
Lee MZ, Dunn AM, Katz J, Waters B, Witchel E (2013) Anon-Pass: practical anonymous subscriptions. In: 2013 IEEE symposium on security and privacy, pp 319–333
Meffert D (2009) Bilinear Pairings in Cryptography. Radboud Universiteit Nijmegen, Master thesis
Shamir A (1984) Identity-based cryptosystems and signature schemes. Advances in cryptology-crypto‘ 84. In: Lecture notes in computer science, vol 196. Springer, Berlin, pp 47–53
Jonsson J, Kaliski B (2003) Public-key cryptography standards (PKCS) #1: RSA cryptography specifications version 2.1. RFC 3447 (Informational), Internet Engineering Task Force.
Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48:203–209
Miller V (1986) Use of elliptic curves in cryptography. In: Advances in cryptology-crypto ‘85, pp 417–426
Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing. SIAM J Comput 2139:586–615
International Organization for Standardization (2007) ISO/IEC 18092–4. Information technology-Telecommunications and information exchange between systems-Near Field Communication-Interface and Protocol (NFCIP-1)
Madlmayr G, Langer J, Scharinger J (2008) Near Field Communication based Mobile Payment System. Proc. Mobile und Ubiquitäre Informationssysteme-Technologien, Prozesse, Marktfähigkeit, pp 81–93
Dutta R, Barua R, Sarkar P (2004), Pairing-based cryptographic protocols: a survey. Cryptology ePrint Archive, Report 2004/064
Zhang J, Wu Z, Li Y (2011) An improved identity-based authenticated key agreement protocol using pairings. In: International conference on computer science and network technology
Damme GV, Wouters K, Karahan H, Preneel B (2009) Offline NFC payments with electronic vouchers. In: ACM workshop on networking, systems, and applications on mobile handhelds-MobiHeld, pp 25–30
Jao D (2010) Elliptic curve cryptography. In: Handbook of information and communication security, pp 35–57
Lauter K (2004) The advantages of elliptic curve cryptography for wireless security. IEEE Wirel Commun pp 62–67
Menezes A, Okamoto T, Vanston S (1993), Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Trans Inf Theory, pp 1639–1646
Gong L, Needham R, Yahalom R (1990) Reasoning about belief in cryptographic protocols. In: IEEE computer society symposium on research in security and privacy, pp 234–248
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Luo, J.N., Yang, M.H. An anonymous e-rental protocol based on ID-based cryptography and NFC. J Supercomput 70, 31–53 (2014). https://doi.org/10.1007/s11227-013-1051-3
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-013-1051-3