An Efficient and Secure Location-based Alert Protocol using Searchable Encryption and Huffman Codes

Location data are widely used in mobile apps, ranging from location-based recommendations to social media and navigation. A specific type of interaction is the location-based alert, where mobile users subscribe to a service provider (SP) in order to be notified when a certain event occurs nearby. Consider, for instance, the ongoing COVID-19 pandemic, where contact tracing has been singled out as an effective means of controlling the spread of the virus. Users wish to be notified if they came into proximity with an infected individual. However, serious privacy concerns arise if users share their location history with the SP in plaintext. To address privacy, recent work has proposed several protocols that securely implement location-based alerts: users upload their encrypted locations to the SP, and location predicates are evaluated directly on the ciphertexts. When an individual is reported as infected, all matching ciphertexts are found (e.g., according to a predicate such as "within 10 feet of any of the locations visited by the infected patient in the last week"), and the corresponding users are notified. However, existing protocols have significant performance issues. The underlying searchable encryption primitives required to perform the matching on ciphertexts are expensive, and without a proper encoding of locations and search predicates, performance degrades significantly. In this paper, we propose a novel method for variable-length location encoding based on Huffman codes. By controlling the length required to represent encrypted locations and the corresponding matching predicates, we are able to speed up the protocol significantly. We provide a theoretical analysis of the gain achieved by using Huffman codes, and we show through extensive experiments that the improvement over fixed-length encoding methods is substantial. © 2021 Copyright held by the owner/author(s).
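The following is an added worked example, not code from the paper, illustrating the length argument in the abstract: when visit frequencies over grid cells are skewed, a Huffman code assigns short codewords to the cells a user actually spends time in, so the average number of encoded bits per location (and per cell in an infected user's matching predicate) drops well below the fixed ⌈log2 n⌉ bits of a uniform encoding. The grid, the visit counts and the infected user's trace are constructed; the cost model (one unit of searchable-encryption work per encoded bit, one token per visited cell) is an assumption made here for illustration and is not taken from the paper.

```python
"""Added example (not from the paper): Huffman vs fixed-length encoding of
grid cells for a location-alert scheme.

Assumptions (illustrative, not the paper's construction):
  * locations are discretised into the cells of a regular grid;
  * the cost of encrypting a location, and of the matching token derived from
    an infected user's visits, grows with the number of encoded bits, so code
    length is used as a proxy for searchable-encryption cost.
"""
import heapq
import math
from itertools import count


def huffman_codes(freq):
    """Build a prefix-free Huffman code for {cell_id: visit_count}.
    Cell ids must be ints; internal tree nodes are represented as lists."""
    if not freq:
        return {}
    if len(freq) == 1:
        return {next(iter(freq)): "0"}
    tie = count()  # unique tiebreak so the heap never compares payloads
    heap = [(w, next(tie), sym) for sym, w in freq.items()]
    heapq.heapify(heap)
    while len(heap) > 1:  # repeatedly merge the two lightest subtrees
        w1, _, left = heapq.heappop(heap)
        w2, _, right = heapq.heappop(heap)
        heapq.heappush(heap, (w1 + w2, next(tie), [left, right]))
    codes = {}

    def walk(node, prefix):
        if isinstance(node, list):
            walk(node[0], prefix + "0")
            walk(node[1], prefix + "1")
        else:
            codes[node] = prefix

    walk(heap[0][2], "")
    return codes


def is_prefix_free(codes):
    """True if no codeword is a prefix of another (needed for unambiguous decoding).
    In sorted order, any word extending w sits right after w, so adjacent pairs suffice."""
    words = sorted(codes.values())
    return all(not b.startswith(a) for a, b in zip(words, words[1:]))


def avg_code_len(codes, freq):
    """Expected codeword length in bits, weighted by visit frequency."""
    total = sum(freq.values())
    return sum(len(codes[c]) * n for c, n in freq.items()) / total


def entropy_bits(freq):
    """Shannon entropy of the visit distribution: the lower bound on any prefix code."""
    total = sum(freq.values())
    return -sum(n / total * math.log2(n / total) for n in freq.values())


def fixed_code_len(n_cells):
    """Bits per location under a uniform fixed-length encoding."""
    return math.ceil(math.log2(n_cells))


def token_bits(codes, visited, n_cells):
    """Bits needed to encode an infected user's visited cells (one token per cell)
    under the Huffman code and under the fixed-length code, as a (huffman, fixed) pair."""
    return (sum(len(codes[c]) for c in visited), len(visited) * fixed_code_len(n_cells))


# Constructed sample: a 4x4 grid (16 cells). A commuter spends most of the time
# in a handful of cells (home, work, route) and rarely visits the rest.
N_CELLS = 16
VISITS = {0: 320, 1: 160, 2: 80, 3: 40, 4: 20, 5: 10}
VISITS.update({c: 1 for c in range(6, N_CELLS)})


def compare(freq=VISITS, n_cells=N_CELLS):
    """Summarise Huffman vs fixed-length cost for a visit distribution."""
    codes = huffman_codes(freq)
    avg = avg_code_len(codes, freq)
    fixed = fixed_code_len(n_cells)
    return {
        "huffman_avg_bits": avg,
        "fixed_bits": fixed,
        "entropy_bits": entropy_bits(freq),
        "prefix_free": is_prefix_free(codes),
        "speedup": fixed / avg,  # under the bits-as-cost assumption above
    }


if __name__ == "__main__":
    codes = huffman_codes(VISITS)
    for c in sorted(codes):
        print(f"cell {c:2d}: visits={VISITS[c]:3d} code={codes[c]}")
    print(compare())
    # Constructed trace of an infected user: home, work and one rarely used cell.
    print("predicate token bits (huffman, fixed):", token_bits(codes, [0, 1, 5], N_CELLS))
```

With this distribution the Huffman code averages about 2.02 bits per location against 4 bits for the fixed-length code, within one bit of the entropy bound as Huffman coding guarantees; the gain shrinks as visits become more uniform, and a tree built from the frequencies of one population should be re-checked against the maximum codeword length, since rarely visited cells receive the longest codes.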
