PILOT: Practical Privacy-Preserving Indoor Localization Using OuTsourcing

Over the last decade we have seen a steadily growing number of Location-Based Services (LBSs) used in indoor environments, for example for targeted advertising in shopping malls or for finding nearby friends. Although privacy-preserving LBSs have been addressed in the literature, little attention has been paid to enhancing the privacy of indoor localization itself, i.e., the process of obtaining users' locations indoors, which is a prerequisite for any indoor LBS. In this work we present PILOT, the first practically efficient solution for Privacy-Preserving Indoor Localization (PPIL), obtained by combining the research areas of indoor localization and applied cryptography. We design, implement, and evaluate protocols for Wi-Fi fingerprint-based PPIL that rely on 4 different distance metrics. To save energy and network bandwidth on the mobile end devices, we securely outsource the PPIL computations to two non-colluding semi-honest parties. Our solution mixes different secure two-party computation protocols, and we design size- and depth-optimized circuits for PPIL. We construct efficient circuit building blocks that are of independent interest: Single Instruction Multiple Data (SIMD) capable oblivious access to an array with low circuit depth, and selection of the k-Nearest Neighbors with small circuit size. Additionally, we reduce Received Signal Strength (RSS) values from 8 bits to 4 bits without any significant loss in accuracy. Our most efficient PPIL protocol is 553x faster than that of Li et al. (INFOCOM'14) and 500x faster than that of Ziegeldorf et al. (WiSec'14). Our implementation on commodity hardware has practical run-times of less than 1 second even for the most accurate distance metrics that we consider, and it can process more than half a million PPIL queries per day.
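As an added example (not PILOT's code or the authors' implementation), the following Python sketch illustrates the outsourcing model from the abstract: the user's 4-bit-quantized Wi-Fi fingerprint and the provider's fingerprint database are additively secret-shared between two non-colluding servers S0 and S1, which compute shares of squared Euclidean distances using Beaver multiplication triples, so that neither server alone learns a fingerprint or a location. The -100..-30 dBm RSS range, the linear 4-bit mapping, dealer-supplied triples, the constructed DEMO_DB and the client-side k-NN selection over opened distances are assumptions and simplifications (PILOT selects the k nearest neighbors inside the circuit).

```python
import random
MOD = 1 << 16  # ring Z_{2^16}; squared 4-bit distances over a handful of APs fit easily
DEMO_DB = [([-40, -70, -90], (0.0, 0.0)), ([-70, -40, -90], (4.0, 0.0)),  # constructed sample
           ([-90, -70, -40], (4.0, 4.0)), ([-60, -60, -60], (2.0, 2.0))]  # (RSS dBm per AP, (x, y))

def quantize_rss(rss_dbm):
    """8-bit RSS (dBm) -> 4 bits (0..15); the -100..-30 dBm range is an assumption."""
    clipped = max(-100, min(-30, rss_dbm))
    return (clipped + 100) * 15 // 70

def share(x):
    """2-out-of-2 additive sharing: each server alone holds a uniform random value."""
    r = random.randrange(MOD)
    return (r, (x - r) % MOD)

def reconstruct(sh):
    return (sh[0] + sh[1]) % MOD

def beaver_triple():
    """Shares of (a, b, a*b); assumed to come from a dealer in a setup phase."""
    a, b = random.randrange(MOD), random.randrange(MOD)
    return share(a), share(b), share(a * b % MOD)

def shared_mul(x_sh, y_sh, triple):
    """S0 and S1 multiply shared x, y; only the masked values e, f are opened."""
    (a0, a1), (b0, b1), (c0, c1) = triple
    e = (x_sh[0] - a0 + x_sh[1] - a1) % MOD  # x - a, public after opening
    f = (y_sh[0] - b0 + y_sh[1] - b1) % MOD  # y - b, public after opening
    z0 = (c0 + e * b0 + f * a0 + e * f) % MOD  # only S0 adds the public e*f term
    z1 = (c1 + e * b1 + f * a1) % MOD
    return (z0, z1)

def shared_sq_euclid(q_sh, fp_sh):
    """Shares of sum_i (q_i - fp_i)^2: subtraction is local, squaring uses a triple."""
    d0 = d1 = 0
    for (x0, x1), (y0, y1) in zip(q_sh, fp_sh):
        diff = ((x0 - y0) % MOD, (x1 - y1) % MOD)
        z0, z1 = shared_mul(diff, diff, beaver_triple())
        d0, d1 = (d0 + z0) % MOD, (d1 + z1) % MOD
    return (d0, d1)

def locate(query_rss, db, k):
    """k-NN centroid; the client opens the distance shares (PILOT selects in-circuit)."""
    q_sh = [share(quantize_rss(v)) for v in query_rss]
    dists = []
    for fp, pos in db:
        fp_sh = [share(quantize_rss(v)) for v in fp]
        dists.append((reconstruct(shared_sq_euclid(q_sh, fp_sh)), pos))
    nearest = sorted(dists, key=lambda t: t[0])[:k]
    return (sum(p[0] for _, p in nearest) / k, sum(p[1] for _, p in nearest) / k)
```

Because the shares are random in Z_{2^16}, a single server's view of the query, the database and the intermediate distances is independent of the true values; only the client, who holds both shares of each distance, learns anything.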

[1] Ahmad-Reza Sadeghi, et al. Compacting privacy-preserving k-nearest neighbor search using logic synthesis, 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).
[2] Klaus Wehrle, et al. POSTER: Privacy-preserving Indoor Localization, 2014, ArXiv.
[3] Steven M. Bellovin, et al. When Enough is Enough: Location Tracking, Mosaic Theory, and Machine Learning, 2014.
[4] Benny Pinkas, et al. Fairplay - Secure Two-Party Computation System (Awarded Best Student Paper!), 2004.
[5] Payman Mohassel, et al. SecureML: A System for Scalable Privacy-Preserving Machine Learning, 2017, 2017 IEEE Symposium on Security and Privacy (SP).
[6] Philipp Richter, et al. Revisiting Gaussian Process Regression Modeling for Localization in Wireless Sensor Networks, 2015, Sensors.
[7] Konstantinos N. Plataniotis, et al. WLAN Positioning Systems: Positioning systems, 2012.
[8] Marcel Keller, et al. Efficient, Oblivious Data Structures for MPC, 2014, IACR Cryptol. ePrint Arch..
[9] Per A. Hallgren, et al. PrivatePool: Privacy-Preserving Ridesharing, 2017, 2017 IEEE 30th Computer Security Foundations Symposium (CSF).
[10] Helena Leppäkoski, et al. Received Signal Strength Quantization for Secure Indoor Positioning via Fingerprinting, 2018, 2018 8th International Conference on Localization and GNSS (ICL-GNSS).
[11] Chunming Qiao, et al. Indoor localization with asymmetric grid-based filters in large areas utilizing smartphones, 2017, 2017 IEEE International Conference on Communications (ICC).
[12] Patrick Traynor, et al. Whitewash: outsourcing garbled circuit generation for mobile devices, 2014, ACSAC.
[13] Tao Zhang, et al. Privacy-Preserving Wi-Fi Fingerprinting Indoor Localization, 2016, IWSEC.
[14] Michael Zohner, et al. Ad-Hoc Secure Two-Party Computation on Mobile Devices using Hardware Tokens, 2014, USENIX Security Symposium.
[15] Joan Feigenbaum, et al. Using Intel Software Guard Extensions for Efficient Two-Party Secure Function Evaluation, 2016, Financial Cryptography Workshops.
[16] Zheng Yang, et al. The Death and Rebirth of Privacy-Preserving WiFi Fingerprint Localization with Paillier Encryption, 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.
[17] Latanya Sweeney, et al. k-Anonymity: A Model for Protecting Privacy, 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..
[18] Feipei Lai, et al. A mobile indoor positioning system based on iBeacon technology, 2015, 2015 37th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC).
[19] Paramvir Bahl, et al. RADAR: an in-building RF-based user location and tracking system, 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).
[20] Tristan Henderson, et al. CRAWDAD: a community resource for archiving wireless data at Dartmouth, 2005, CCRV.
[21] Thomas Schneider, et al. Towards Efficient Privacy-Preserving Similar Sequence Queries on Outsourced Genomic Databases, 2018, WPES@CCS.
[22] William E. Burr, et al. Recommendation for Key Management, Part 1: General (Revision 3), 2006.
[23] L. Mainetti, et al. An Indoor Location-Aware System for an IoT-Based Smart Museum, 2016, IEEE Internet of Things Journal.
[24] Vladimir Kolesnikov, et al. Improved Garbled Circuit: Free XOR Gates and Applications, 2008, ICALP.
[25] Yan Chen, et al. Achieving Centimeter-Accuracy Indoor Localization on WiFi Platforms: A Multi-Antenna Approach, 2017, IEEE Internet of Things Journal.
[26] Julien Bringer, et al. GSHADE: faster privacy-preserving distance computation and biometric identification, 2014, IH&MMSec '14.
[27] Kay Hamacher, et al. Large-Scale Privacy-Preserving Statistical Computations for Distributed Genome-Wide Association Studies, 2018, AsiaCCS.
[28] Sudeep Pasricha, et al. Indoor Localization with Smartphones: Harnessing the Sensor Suite in Your Pocket, 2017, IEEE Consumer Electronics Magazine.
[29] Kostas E. Bekris, et al. Using wireless Ethernet for localization, 2002, IEEE/RSJ International Conference on Intelligent Robots and Systems.
[30] Mihir Bellare, et al. Efficient Garbling from a Fixed-Key Blockcipher, 2013, 2013 IEEE Symposium on Security and Privacy.
[31] David J. Wu, et al. Secure genome-wide association analysis using multiparty computation, 2018, Nature Biotechnology.
[32] Kostas E. Bekris, et al. Robotics-Based Location Sensing Using Wireless Ethernet, 2005, Wirel. Networks.
[33] Yunhao Liu, et al. Peer-to-Peer Indoor Navigation Using Smartphones, 2017, IEEE Journal on Selected Areas in Communications.
[34] Mohamed Ibrahim, et al. Verification: Accuracy Evaluation of WiFi Fine Time Measurements on an Open Platform, 2018, MobiCom.
[35] Tingting Zhang, et al. Location privacy protection in asynchronous localization networks by resource allocation approaches, 2017, 2017 IEEE International Conference on Communications Workshops (ICC Workshops).
[36] Michael Zohner, et al. GMW vs. Yao? Efficient Secure Two-Party Computation with Low Depth Circuits, 2013, Financial Cryptography.
[37] Per A. Hallgren, et al. Privacy-Preserving Location-Proximity for Mobile Apps, 2017, 2017 25th Euromicro International Conference on Parallel, Distributed and Network-based Processing (PDP).
[38] Xiaoying Gan, et al. The collocation of measurement points in large open indoor environment, 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).
[39] Vladimir Kolesnikov, et al. Improved OT Extension for Transferring Short Secrets, 2013, CRYPTO.
[40] A. Yao, et al. Fair exchange with a semi-trusted third party (extended abstract), 1997, CCS '97.
[41] Srdjan Capkun, et al. Secure RSS-based localization in sensor networks, 2011.
[42] A. B. M. Musa, et al. Tracking unmodified smartphones using wi-fi monitors, 2012, SenSys '12.
[43] Erik C. Rye, et al. A Study of MAC Address Randomization in Mobile Devices and When it Fails, 2017, Proc. Priv. Enhancing Technol..
[44] Stefan Katzenbeisser, et al. Compiling Low Depth Circuits for Practical Secure Computation, 2016, ESORICS.
[45] Niv Gilboa, et al. Two Party RSA Key Generation, 1999, CRYPTO.
[46] Peter Rindal, et al. ABY3: A Mixed Protocol Framework for Machine Learning, 2018, IACR Cryptol. ePrint Arch..
[47] Paul Congdon, et al. Avoiding multipath to revive inbuilding WiFi localization, 2013, MobiSys '13.
[48] Claudio Orlandi, et al. A Framework for Outsourcing of Secure Computation, 2014, CCSW.
[49] A. Asuncion, et al. UCI Machine Learning Repository, University of California, Irvine, School of Information and Computer Sciences, 2007.
[50] Kartik Nayak, et al. ObliVM: A Programming Framework for Secure Computation, 2015, 2015 IEEE Symposium on Security and Privacy.
[51] Yehuda Lindell, et al. More efficient oblivious transfer and extensions for faster secure computation, 2013, CCS.
[52] Patrick Traynor, et al. Secure outsourced garbled circuit evaluation for mobile devices, 2013, J. Comput. Secur..
[53] Silvio Micali, et al. A Completeness Theorem for Protocols with Honest Majority, 1987, STOC 1987.
[54] Kay Hamacher, et al. Privacy-Preserving Whole-Genome Variant Queries, 2017, CANS.
[55] Ilja Radusch, et al. Vehicle indoor positioning: A survey, 2017, 2017 14th Workshop on Positioning, Navigation and Communications (WPNC).
[56] Joan Boyar, et al. Tight bounds for the multiplicative complexity of symmetric functions, 2008, Theor. Comput. Sci..
[57] Ron Kohavi, et al. Wrappers for Feature Subset Selection, 1997, Artif. Intell..
[58] Xinbing Wang, et al. Temporal correlation of the RSS improves accuracy of fingerprinting localization, 2016, IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications.
[59] Kenneth E. Batcher, et al. Sorting networks and their applications, 1968, AFIPS Spring Joint Computing Conference.
[60] Frank Piessens, et al. Why MAC Address Randomization is not Enough: An Analysis of Wi-Fi Network Discovery Mechanisms, 2016, AsiaCCS.
[61] Ahmad-Reza Sadeghi, et al. Improved Garbled Circuit Building Blocks and Applications to Auctions and Computing Minima, 2009, IACR Cryptol. ePrint Arch..
[62] Per A. Hallgren, et al. MaxPace: Speed-constrained location queries, 2016, 2016 IEEE Conference on Communications and Network Security (CNS).
[63] Per A. Hallgren, et al. InnerCircle: A parallelizable decentralized privacy-preserving location proximity protocol, 2015, 2015 13th Annual Conference on Privacy, Security and Trust (PST).
[64] Mariana Raykova, et al. Secure Outsourced Computation in a Multi-Tenant Cloud, 2011.
[65] John von Neumann, et al. First draft of a report on the EDVAC, 1993, IEEE Annals of the History of Computing.
[66] Frederik Vercauteren, et al. Towards practical privacy-preserving genome-wide association study, 2018, BMC Bioinformatics.
[67] Wenbin Lin, et al. Indoor Localization and Automatic Fingerprint Update with Altered AP Signals, 2017, IEEE Transactions on Mobile Computing.
[68] Ching-Ter Chang, et al. The integrated applications of WIFI and APP used in the shopping mall environment for menber card E-marketing, 2016, 2016 International Conference on Machine Learning and Cybernetics (ICMLC).
[69] Ahmad-Reza Sadeghi, et al. Automated Synthesis of Optimized Circuits for Secure Computation, 2015, CCS.
[70] Michael Zohner, et al. ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation, 2015, NDSS.
[71] Donald Beaver, et al. Efficient Multiparty Protocols Using Circuit Randomization, 1991, CRYPTO.
[72] Raúl Montoliu, et al. Comprehensive analysis of distance and similarity measures for Wi-Fi fingerprinting indoor positioning systems, 2015, Expert Syst. Appl..
[73] Yehuda Lindell, et al. High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority, 2016, IACR Cryptol. ePrint Arch..
[74] Thomas Schneider, et al. EPISODE: Efficient Privacy-PreservIng Similar Sequence Queries on Outsourced Genomic DatabasEs, 2019, AsiaCCS.
[75] Patrick Traynor, et al. Frigate: A Validated, Extensible, and Efficient Compiler and Interpreter for Secure Computation, 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).
[76] Limin Sun, et al. Achieving privacy preservation in WiFi fingerprint-based localization, 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.
[77] Jing Liu, et al. Survey of Wireless Indoor Positioning Techniques and Systems, 2007, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).
[78] Florian Dorfmeister, et al. Analyzing passive Wi-Fi fingerprinting for privacy-preserving indoor-positioning, 2016, 2016 International Conference on Localization and GNSS (ICL-GNSS).
[79] Ahmad-Reza Sadeghi, et al. Pushing the Communication Barrier in Secure Computation using Lookup Tables, 2017, NDSS.
[80] Philipp Richter, et al. Ubiquitous and Seamless Localization: Fusing GNSS Pseudoranges and WLAN Signal Strengths, 2017, Mob. Inf. Syst..
[81] Andreas Haeberlen, et al. Practical robust localization over large-scale 802.11 wireless networks, 2004, MobiCom '04.
[82] Jiangchuan Liu, et al. SiFi, 2018, Proc. ACM Interact. Mob. Wearable Ubiquitous Technol..
[83] Jiguo Yu, et al. IoT Applications on Secure Smart Shopping System, 2017, IEEE Internet of Things Journal.
[84] Mariana Raykova, et al. Privacy-Preserving Distributed Linear Regression on High-Dimensional Data, 2017, Proc. Priv. Enhancing Technol..
[85] Gang Wang, et al. I am the antenna: accurate outdoor AP location using smartphones, 2011, MobiCom '11.
[86] Elena Simona Lohan, et al. Robustness, Security and Privacy in Location-Based Services for Future IoT: A Survey, 2017, IEEE Access.
[87] Patrick Traynor, et al. Outsourcing Secure Two-Party Computation as a Black Box, 2015, CANS.
[88] Yuval Ishai, et al. Extending Oblivious Transfers Efficiently, 2003, CRYPTO.
[89] Yehuda Lindell, et al. From Keys to Databases - Real-World Applications of Secure Multi-Party Computation, 2018, IACR Cryptol. ePrint Arch..
[90] Dragos Rotaru, et al. MArBled Circuits: Mixing Arithmetic and Boolean Circuits with Active Security, 2019, IACR Cryptol. ePrint Arch..
[91] Jie Yang, et al. Multi-lateral privacy-preserving localization in pervasive environments, 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.
[92] Jörg Widmer, et al. Indoor Localization Using Commercial Off-The-Shelf 60 GHz Access Points, 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.
[93] Dan S. Wallach, et al. Wireless LAN location-sensing for security applications, 2003, WiSe '03.
[94] Ronald Raulefs, et al. Recent Advances in Indoor Localization: A Survey on Theoretical Approaches and Applications, 2017, IEEE Communications Surveys & Tutorials.
[95] Jonathan Katz, et al. Faster Secure Two-Party Computation Using Garbled Circuits, 2011, USENIX Security Symposium.
[96] David Evans, et al. Two Halves Make a Whole - Reducing Data Transfer in Garbled Circuits Using Half Gates, 2015, EUROCRYPT.
[97] Pascal Paillier, et al. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes, 1999, EUROCRYPT.
[98] Nikos Pelekis, et al. Privacy-Preserving Indoor Localization on Smartphones, 2015, IEEE Transactions on Knowledge and Data Engineering.
[99] Yan Huang, et al. Privacy-Preserving Applications on Smartphones, 2011, HotSec.
[100] Zheng Yang, et al. Faster Privacy-Preserving Location Proximity Schemes, 2018, IACR Cryptol. ePrint Arch..
[101] C. Rizos, et al. Method for yielding a database of location fingerprints in WLAN, 2005.