Unlinkable Updatable Hiding Databases and Privacy-Preserving Loyalty Programs

Authors: Aditya Damodaran (SnT, University of Luxembourg, Esch-sur-Alzette, Luxembourg.), Alfredo Rial (SnT, University of Luxembourg, Esch-sur-Alzette, Luxembourg.)

Volume: 2021
Issue: 3
Pages: 95–121
DOI: https://doi.org/10.2478/popets-2021-0039


Download PDF

Abstract: Loyalty programs allow vendors to profile buyers based on their purchase histories, which can reveal privacy sensitive information. Existing privacyfriendly loyalty programs force buyers to choose whether their purchases are linkable. Moreover, vendors receive more purchase data than required for the sake of profiling. We propose a privacy-preserving loyalty program where purchases are always unlinkable, yet a vendor can profile a buyer based on her purchase history, which remains hidden from the vendor. Our protocol is based on a new building block, an unlinkable updatable hiding database (HD), which we define and construct. HD allows the vendor to initialize and update databases stored by buyers that contain their purchase histories and their accumulated loyalty points. Updates are unlinkable and, at each update, the database is hidden from the vendor. Buyers can neither modify the database nor use old versions of it. Our construction for HD is practical for large databases.

Keywords: UC framework, vector commitments

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 license.