Differentially Private Billing with Rebates

A number of established and novel business models are based on fine-grained billing, including pay-per-view, mobile messaging, voice calls, pay-as-you-drive insurance, smart metering for utility provision, private computing clouds and hosted services. These models apply fine-grained tariffs, dependent on time-of-use or place-of-use, to readings in order to compute a bill. We extend previously proposed billing protocols to strengthen their privacy in two key ways. First, we study the monetary amount a customer should add to their bill in order to provably hide their activities, within the differential privacy framework. Second, we propose a cryptographic protocol for oblivious billing that ensures any additional expenditure, aimed at protecting privacy, can be tracked and reclaimed in the future, thus minimising its cost. Our proposals can be used together or separately and are backed by provable guarantees of security.
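The following is an added illustration of the first idea in the abstract, calibrating a monetary premium so that a fine-grained bill reveals little about any single reading. It is not the paper's own mechanism or rebate protocol. The tariff, the per-period consumption cap, the readings and the function names (`exact_bill`, `bill_sensitivity`, `laplace_scale`, `privacy_shift`, `private_bill`, `max_likelihood_ratio`, `fraction_underpaid`) are all assumptions constructed for this example. The premium is Laplace noise scaled to the bill's sensitivity divided by epsilon, plus an offset chosen so that the customer underpays only with a small probability delta; the offset is what makes the premium a cost the customer would later want to reclaim.

```python
import math
import random

# Constructed sample tariff and reading cap; illustrative only, not from the paper.
TARIFF = {"peak": 0.30, "offpeak": 0.12}   # price per kWh for each time-of-use band (assumed)
MAX_KWH_PER_PERIOD = 5.0                   # assumed physical cap on one metering period


def exact_bill(readings):
    """Fine-grained bill: tariff for the period times consumption, summed over readings."""
    return sum(TARIFF[period] * kwh for period, kwh in readings)


def bill_sensitivity(max_kwh=MAX_KWH_PER_PERIOD):
    """Largest change in the bill if a single reading moves by up to max_kwh:
    this is the L1 sensitivity that calibrates the noise."""
    return max(TARIFF.values()) * max_kwh


def laplace_scale(epsilon, max_kwh=MAX_KWH_PER_PERIOD):
    """Laplace scale b = sensitivity / epsilon for epsilon-DP with respect to one reading."""
    return bill_sensitivity(max_kwh) / epsilon


def laplace_sample(scale, rng):
    """Draw Laplace(0, scale) via the inverse CDF from a uniform u in (-0.5, 0.5)."""
    while True:
        u = rng.random() - 0.5
        if abs(u) < 0.5:          # avoid log(0) at the (measure-zero) endpoint
            break
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def privacy_shift(scale, delta):
    """Offset s with Pr[Laplace(0, scale) < -s] = 0.5 * exp(-s / scale) = delta,
    so that shift + noise is negative (an underpayment) with probability at most delta."""
    return scale * math.log(1.0 / (2.0 * delta))


def private_bill(readings, epsilon, delta, seed, max_kwh=MAX_KWH_PER_PERIOD):
    """Exact bill plus a random privacy premium (shift + Laplace noise).
    The premium is floored at zero so the customer never pays less than the true bill;
    the floor binds only with probability <= delta, which weakens the pure-epsilon
    guarantee to an (epsilon, delta)-style one. Returns (total, premium)."""
    rng = random.Random(seed)
    scale = laplace_scale(epsilon, max_kwh)
    premium = max(0.0, privacy_shift(scale, delta) + laplace_sample(scale, rng))
    return exact_bill(readings) + premium, premium


def max_likelihood_ratio(bill_a, bill_b, scale):
    """Upper bound on P[output | bill_a] / P[output | bill_b] under Laplace noise:
    exp(|bill_a - bill_b| / scale), which is <= exp(epsilon) whenever the two bills
    differ by at most the sensitivity."""
    return math.exp(abs(bill_a - bill_b) / scale)


def fraction_underpaid(scale, delta, n, seed):
    """Empirical check of privacy_shift: fraction of n noise draws that fall below -shift."""
    rng = random.Random(seed)
    shift = privacy_shift(scale, delta)
    return sum(1 for _ in range(n) if laplace_sample(scale, rng) < -shift) / n


if __name__ == "__main__":
    # Constructed half-hourly readings: (time-of-use band, kWh).
    readings = [("peak", 2.0), ("offpeak", 4.0), ("peak", 1.0)]
    total, premium = private_bill(readings, epsilon=0.5, delta=0.01, seed=7)
    print(f"exact={exact_bill(readings):.2f} premium={premium:.2f} total={total:.2f}")
```

With epsilon = 0.5 and a 1.5 currency-unit sensitivity the noise scale is 3.0, so the expected premium (about 11.7 units for delta = 0.01) dwarfs the 1.38-unit bill in the sample; that gap is exactly why a mechanism to track and later reclaim the premium matters rather than simply overpaying.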
