P4TC—Provably-Secure yet Practical Privacy-Preserving Toll Collection
Authors: Valerie Fetzer (Karlsruhe Institute of Technology), Max Hoffmann (Ruhr University Bochum), Matthias Nagel (Karlsruhe Institute of Technology), Andy Rupp (University of Luxembourg), Rebecca Schwerdt (Karlsruhe Institute of Technology)
Volume: 2020
Issue: 3
Pages: 62–152
DOI: https://doi.org/10.2478/popets-2020-0046
Abstract: Electronic toll collection (ETC) is widely used all over the world not only to finance our road infrastructures, but also to realize advanced features like congestion management and pollution reduction by means of dynamic pricing. Unfortunately, existing systems rely on user identification and allow tracing a user’s movements. Several abuses of this personalized location data have already become public. In view of the planned Europeanwide interoperable tolling system EETS and the new EU General Data Protection Regulation, location privacy becomes of particular importance. In this paper, we propose a flexible security model and crypto protocol framework designed for privacy-preserving toll collection in the most dominant setting, i.e., Dedicated Short Range Communication (DSRC) ETC. A major challenge in designing the framework at hand was to combine provable security and practicality, where the latter includes practical performance figures and a suitable treatment of real-world issues, like broken onboard units etc. To the best of our knowledge, our work is the first in the DSRC setting with a rigorous security model and proof and arguably the most comprehensive formal treatment of ETC security and privacy overall. Additionally, we provide a prototypical implementation on realistic hardware which already features fairly practical performance figures. An interaction between an onboard unit and a road-side unit is estimated to take less than a second allowing for toll collection at full speed assuming one road-side unit per lane.
Keywords: Toll Collection, Privacy, Cyber-Physical Systems, Provable Security, Real-World Crypto, Universal Composability
Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 license.
