Home‎ > ‎May 2014‎ > ‎


Using One Time Digital Signature for Enhancing the User Privacy

Authors: Abrar Alkhamisi, Afnan Ba-Brahem, Omar Batarfi

The rapid growing of e-commerce applications in the last years with embedding the positioning services - e.g. the global positioning system (GPS) - in the mobile devices cause the spread usage of the location based services (LBS). The success of these applications depends mainly on keeping the user privacy which should be controlled via a set of rules, corporate policies and social standards. Moreover, the mobile users tend to hide any information that can help the service providers to know their locations and then use these locations to track them and learn about their interests. Lately, many technical solutions have been proposed in order to resolve this problem, but still there are some challenges. One solution for this problem, as we will discuss in this paper, is hiding the user location when requesting a location service from the LBS. This paper proposes a new protocol which is hybrid implementing between the private information retrieval (PIR) protocol and the zero knowledge proof (ZKP). This protocol aims to maintain the user privacy and protect him/her from LBS server through a digital signature that generate and verify itself by using new system digital signature generator and verifier (DSGV). This digital signature have a special designed based on the encryption using public key and then it is signed by using cryptographic hash function that can be utilized once for one service request demanding from LBS server. We used a simulator desktop application called "Nearest Location" to test this protocol. The testing of this protocol proves the success and effectively protects the users' location privacy from the service providers. Our evaluation shows that our proposed solution effectively blocks unauthorized parties from getting access to the user private information.


Digital Signature Generator and Verifier (DSGV), Location-Based Services (LBS), Location Privacy, Privacy

Volume 20, Issue 1, May 2014, pp. 905-910                    Download PDF

[1] Shin, K.G.; XiaoenJu; Zhigang Chen; Xin Hu, "Privacy protection for users of location-based services," Wireless Communications, IEEE , vol.19, no.1, pp.30,39, February 2012
[2] Amoli, A.S.; Kharrazi, M.; Jalili, R., "2Ploc: Preserving Privacy in Location-based Services," Social Computing (SocialCom), 2010 IEEE Second International Conference on , pp.707-712, 20-22 Aug. 2010
[3] Wenyan Zhang; Ximing Cui; Dengfeng Li; Debao Yuan; Mengru Wang, "The location privacy protection research in location-based service," Geoinformatics, 2010 18th International Conference on , vol., no., pp.1,4, 18-20 June 2010
[4] Gkoulalas-Divanis, A.; Verykios, V.S.; Eleftheriou, D., "PLOT: Privacy in Location Based Services: An Open-Ended Toolbox," Mobile Data Management: Systems, Services and Middleware, 2009. MDM '09. Tenth International Conference on , pp.62,71, 18-20 May 2009
[5] Jagwani, P.; Kaushik, S., "Defending Location Privacy Using Zero Knowledge Proof Concept in Location Based Services," Mobile Data Management (MDM), 2012 IEEE 13th International Conference on , pp.368-371, 23-26 July 2012.
[6] Yang Cao; Yan Li; Hui Li; Xingfang Wang, "An Anonymous Authentication Protocol for Privacy Protection in Location Based Services," Wireless Communications, Networking and Mobile Computing, 2008. WiCOM '08. 4th International Conference on , pp.1-5, 12-14 Oct. 2008.
[7] M. Jang & J. Chang, "A New K-NN Query Processing Algorithm Enhancing Privacy Protection in Location-Based Services," Computer and Information Technology (CIT), 2011 IEEE 11th International Conference on , pp.421- 428, Aug. 31 2011-Sept. 2 2011.
[8] Melchor, C.A.; Gaborit, P., "A fast private information retrieval protocol," Information Theory, 2008. ISIT 2008. IEEE International Symposium on , vol., no., pp.1848,1852, 6-11 July 2008.
[9] Jaafar, A.M.; Samsudin, A., "Visual Zero-Knowledge Proof of Identity Scheme: A New Approach," Computer Research and Development, 2010 Second International Conference on , pp.205,212, 7-10 May 2010
[10] Ming Qi; Bing Chen, "Construction of Safe Patent Trading Platform Based on Zero-Knowledge Proof," Information Processing, 2009. APCIP 2009. Asia-Pacific Conference on , vol.2, pp.627,630, 18-19 July 2009
[11] Introduction to Public-Key Cryptography. Mozilla Developer Network,[online] 2005, https://developer.mozilla.org/en-US/docs/Introduction_to_Public-Key_Cryptography (Accessed: 23 April 2013).
[12] J. Stretch. PacketLife.net,[online] 2010, http://packetlife.net/blog/2010/nov/23/symmetric-asymmetric-encryption-hashing(Accessed: 22 April 2013).
[13] D. Saylor. Devx, [Online] 2003. http://www.devx.com/security/Article/17249(Accessed: 15 April 2013).
[14] The Elliptic Curve Discrete Logarithm Problem. Certicom ,[online] 2009. http://www.certicom.com/index.php/52-the-elliptic-curve-discrete-logarithm-problem (Accessed: 22 June 2013). Chris Fox, " Attacking the Elliptic Curve Discrete Logarithm Problem" ,University of Washington, pp.1-5, 12 March 2010