researcharticle a hybrid location privacy solution for...

Research ArticleA Hybrid Location Privacy Solution for Mobile LBS

Ruchika Gupta and Udai Pratap Rao

Department of Computer Engineering National Institute of Technology Surat Gujarat 395007 India

Correspondence should be addressed to Ruchika Gupta rgupt009gmailcom

Received 9 December 2016 Revised 2 March 2017 Accepted 8 March 2017 Published 18 June 2017

Academic Editor Jaegeol Yim

Copyright copy 2017 Ruchika Gupta and Udai Pratap Rao This is an open access article distributed under the Creative CommonsAttribution License which permits unrestricted use distribution and reproduction in any medium provided the original work isproperly cited

The prevalent usage of location based services where getting any service is solely based on the userrsquos current location has raisedan extreme concern over location privacy of the user Generalized approaches dealing with location privacy referred to as cloakingand obfuscation are mainly based on a trusted third party in which all the data remain available at a central server and thuscomplete knowledge of the query exists at the central node This is the major limitation of such approaches on the other hand intrusted third-party-free framework clients collaborate with each other and freely communicate with the service provider withoutany third-party involvement Measuring and evaluating trust among peers is a crucial aspect in trusted third-party-free frameworkThis paper exploits the merits and mitigating the shortcomings of both of these approaches We propose a hybrid solution HYBto achieve location privacy for the mobile users who use location services frequently The proposed HYB scheme is based on thecollaborative preprocessing of location data and utilizes the benefits of homomorphic encryption technique Location privacy isachieved at two levels namely at the proximity level and at distant level The proposed HYB solution preserves the userrsquos locationprivacy effectively under specific pull-based sporadic query scenario

1 Introduction

The intense development of location detection empowereddevices and escalated availability of wireless interconnec-tions almost everywhere results in emerging location basedapplications In Location Based Services (LBS) we inclineto use positioning technology to register mobile locationmovement There are quite a lot of abstract approaches andreal implementations of systems to resolve the place of a cellphone The most outstanding example of such a positioningsystem is the GPS [1 2] Although LBS offer major openingsfor a large variety of markets and remarkable convenienceto the end user it also presents subtle privacy attacks at thesame time Privacy of the system is threatened due to therequirement of the current location of the user in order toprovide related services

As per the connotation LBS (ie services based onlocation) needs userrsquos exact location coordinates to supplyaccurate service support to the user Centralized architectureand decentralized architecture also referred to as trusted

third party (TTP) based and TTP-free architectures respec-tively are two basic frameworks existing to preserve locationprivacy of the user in LBS An adversary with the adequateaccessibility to userrsquos data may use the location informationfor a particular motive and may also keep it to perform thelinkages with publicly available data for detailed profilingof the user [3] LBS may also use such data for businesspromotions through advertising The series of submittedlocation with query from a specific place can disclose toomuch about a person The scenario can become extremelyunpleasant if the adversary gets access to the userrsquos sequenceof location data with attached timestamps For example firstvisit of Alice to an attorneyrsquos office speaks less about herbut few days later her subsequent visit to the court revealsaltogether a different story Location revelation by Alice toLBS provider discloses some extremely private affairs ofher life through inference attacks which were not apparentotherwise [4]

The query ldquoFind my nearest attorneyrsquos officerdquo by Alicecan directly be answered by a location server such as Google

HindawiMobile Information SystemsVolume 2017 Article ID 2189646 11 pageshttpsdoiorg10115520172189646

2 Mobile Information Systems

Enc (Xc Yc) D1 D2 Dk

R1 R2 Rk

D1

D2

Dk

middot middot middotird party

⟨Top K candidate results

Location Based ServiceProvider

Top

k re

leva

nt re

sults

For K users

Ad hoc congregationBase station transmission rangeMobile user under base station range

⟨Bc Qs K⟩

(D1 D2 Dk)⟩

⟨Enc (Xc Yc) Bc Qs K⟩

⟨R1 R2 Rk⟩

Figure 1 System model

maps bing maps and map quest but the connection tothese servers are not trusted Therefore instead in orderto protect privacy Alice sends her query via a TTP (alsocalled anonymizer) that strips off her identification infor-mation generates the blurred location data and mediatesthe communication between her and LBS provider [5 6]However the query submitted by Alice to TTP still hasher actual location coordinates hence malicious user havingcontrol over TTP can have complete information about theuser Thus it is always risky to use TTP based frameworkto connect to the LBS server Trusting the third party is theprime downside of the TTP based mechanisms If a user cantrust a third party for small functionality then why not theservice provider for bigger benefits can always be arguedIn distributed peer approach mobile clients are equippedto connect with other mobile users as and when requiredThe development of distributed wireless communicationtechnologies such as WLAN IEEE 80211 Bluetooth IEEE802151 and ZigBee (for low energy devices) IEEE 802154-based specifications combinedwith the propelled computingpotential and memory capacity of todayrsquos mobile devicesbecomeuseful to bring privacy preserving benefits to the userThis way the need to rely solely on the connection to theserver is eliminated In TTP-free architecture all functionsare supposed to be carried out at the userrsquos handheld and thusmake the communication heavier andmore time consumingEfficiency of decentralized architecture also depends uponthe computing capability of used mobile device Howeverpeersrsquo trust measure and evaluation is another big concern

Figure 1 presents the proposed architecture of hybridmodel Here it is presumed that there are a substantialnumber of mobile users carrying handheld devices such ascell phones PDAs or the like which are equipped with posi-tioning capabilities and use location services frequently Thehandhelds have computation power processing potentialmemory and required access to the wireless network All theusers are in the transmission range of the base station (orbeacon node)

In the proposed hybridmodel we suggest that themobileuser querying LBS first forms an ad hoc congregation withother users exploiting the well-established principle of K-anonymity Once the congregation is formed centroid is

calculated in such a way that participating usersrsquo locationsare not revealed The centroid coordinates are then securedusing encryption and sent to the third party (TP) Query (Q)includes secured location coordinates nearest base stationinformation anonymity parameter K and the query stringTP strips off the encrypted data and without performing anychanges forwards the rest of the query to the service providerService provider sends topKmost relevant candidate resultset (with reference to the beacon node) back to TP TP thenprocesses the inputs performs homomorphic operation andsends the result back to the congregationThe proposed HYBsolution works well for specific queries in which queries aremore personalized to the user specific needs

Location queries can be categorized as generalized orspecific queries A generalized query can also be viewed asa general public query that fulfills the mass requirementwhereas specific query is the one that satisfies individualrsquosneed ldquoFind my nearest retail banking branch of SBI Bankrdquois the example of specific query while ldquoFind my nearestbankrdquo is the example of generalized query In our work itis assumed that user uses the location services to retrievespecific information The novelty of the proposed hybridsolution is that it exploits the merits of TP and peer groupformation without trusting TP as coordinates are kept privateby securing them using encryption Neither query issuer norTP is aware about the exact locations of themembers involvedyet it communicates the required resultsThe rest of the paperis organized as follows Section 2 highlights the related workSections 3 and 4 exhibit the proposed congregation modeland homomorphic encryption technique respectively Theproposed HYB solution is described in Section 5 Section 6presents performance metrics of HYB solution Finally Sec-tion 7 concludes the paper

2 Related Work

A survey of literature in the field of location privacypertaining to LBS has brought forth several frameworksarchitectures algorithms and techniques given by numer-ous researchers and practitioners Broadly existing defensemechanisms are based on either of the two architectures (1)

Mobile Information Systems 3

Anonymizer

Anonymized query

Query result

LBS

Actual query

Actual result

Anonymoususer Secure channel Insecure channel

DatabaseLocation value

(a) TTP based

Query result

Location value

Requested query

LBSMobile user

Database

(b) TTP-free

Figure 2 Existing frameworks

BC

E

D

Ad hoc group formation

AOriginal user Randomly selected as agent

LBS provider

Database

Sends query lsquolsquoqrsquorsquo

Forwards lsquolsquoqrsquorsquo to LBS provider

Figure 3 An instance of peer-to-peer spatial cloaking

centralized architecture or (2) decentralized architecture Thesetup of these architectures is shown in Figure 2

In centralized architecture TTP acts as a proxy for servicerequests and responses between the user and service providerThe greater part of the previous work relies on TTP thatmediates user and LBS server [6 7] Location anonymity isvastly discussed by [8 9] in the TTP based architecture Thetechnique is based on hiding the position data before passingthem to the LBS provider K-anonymity operates by hidingthe position of the end user within a set of K membersAnonymizer includes additional K minus 1 users and forwardsthe anonymized query to LBS provider It is now difficult forthe LBS provider to distinguish the correct user from a set ofK anonymous users Following are fewmajor constraints dueto which TTP based methodologies are losing their ubiquity(a) The centralized trusted third party can be the systembottleneck (b) single point of failure is present (c) a seriousprivacy threat can occur if the third party is attacked by anadversary and (d) trusting TP is an absolute vulnerability tothe user privacy Existing cloaking mechanisms are unable tosuccessfully ensure the userrsquos location privacy in a continuouslocation query scenario (eg on the fly route assistance) andcan deduce the real location of the client by performingtrajectory attacks and dummy continual queries attack [1011] Authors in [12ndash15] suggest diverse new ideas of usingmix zones to mitigate trajectory inference and other attacksHowever it is acceptable but not sufficient to use onlytechnical solutions

Decentralized architectures on the other hand do notconsider any intermediate party between users and serviceprovider [16] The first very basic method proposed to pre-serve location privacy is through the use of privacy policies[17] Due the presence of hidden clauses and unsaid policiesthis method could not serve the objective of user privacyefficiently for long and as LBS users grew drastically over theyears there was a need to have a better and foolproof mecha-nism Authors in [18 19] propose the idea of distributed peer-to-peer communication among mobile users that can freelytalk to each other In this framework dependence on the thirdparty is eliminated and mobile users are allowed to form anad hoc network out of which one mobile client is randomlyselected as the agent to carry out the communication betweenquerier and LBS server [16] First in the query issuer letuser A (refer to Figure 3) glance around and discover therest of the collaborators to collaborate as a group The fourgroup members are the mobile users B C D and E outof them D is randomly chosen as an agent to mediate thecommunication Trust among peers plays a profound role insuch mechanisms Evaluation and quantification of trust isanother big challenge

Another TTP-free approach given by [20] proposes atechnique to preserve privacy using the concept of geoindis-tinguishability by adding Laplace noise to the userrsquos Cartesiancoordinates The main objective is to protect issuerrsquos locationinformation while forwarding the aggregate data about theuserrsquos area Differential privacy works on the principle that


G

k = 3

MU1 user issuing request

MU1

MU2

MU3

Figure 4 Microaggregation illustration

modifying one record should have a negligible impact onthe outcome of the query The basic privacy enhancing tech-niques are first discussed in [21] which protects userrsquos privacyby reducing personal identifiable information without anycompromise in systemrsquos functionality Client side obfuscationis also used in which location is repositioned by a randomdistance and angle of rotation at userrsquos end [22] The primeshortcomingwith such approaches is that different users havedifferent privacy requirement and utility thresholds PrivateInformation Retrieval (PIR) techniques are also proposed tosafeguard the sensitive information like location of the user[23 24] These solutions have always been very expensive interms of operationsrsquo computation time communication costand resources needed [25] Author in [26] first proposed thedistributed concept for achieving location privacy in LBS Inthis microaggregation based scheme the major standard ofthe methodology is to find out the centroid of at least Kperturbed user locations by including zero-mean Gaussiannoise and send directly to the LBS database server as shownin Figure 4 The principle issue with [26] is that the centroidof locations with zero-mean Gaussian noise perturbation canbe used to deduce the real location if the centroid procedureis repeated several times with the locations of static users Toprevent this problem authors [27] use a protocol based onprivacy homomorphism to ensure that centroid is computedwithout any knowledge of the real location of the user Laterthe similar concept of public key privacy homomorphismis proposed by [28] to achieve location privacy This is aTTP-free approach in which locations are encrypted underLBS public key and LBS later decrypts them and dividesthe outcome by the number of users involved to computecentroid Location decryption by LBS makes this schemeweak and vulnerable to attacks

The proposed HYB model is dissimilar to theseapproaches in a way that our solution exploits the meritsof both the approaches (TTP based and TTP-free) withoutdisclosing real location of the user anywhere throughout thecommunication As of our knowledge the proposed HYB

model is the first of its kind that preserves the userrsquos locationprivacy at two levels namely at proximity level whileforming congregation and at distant level while sendingencrypted locations to TP and TP performs computationover encrypted input values thereafter

3 Congregation Model

The model suggests that the query issuer congregates withother K minus 1 users as a group and computes the aggregatewithout knowing the exact locations of the peers The mobileuser mu first broadcasts a congregatemessage to neighboringnodes and shows the intent to use location service Uponreceiving the congregate message willing neighboring nodessend acknowledgment and an ad hoc congregation is formed

Figure 5 presents the congregation model used in oursystem model The mobile user A considers to be the queryissuer node the one who wants to use location relatedservices In order to keep the actual location coordinatesunknown to others locations are perturbed by adding arandom split to the actual locations Whole protocol goes asfollows

Protocol 1 (collaborative congregation)

(1) The mobile user mu (the query issuer) adds therandom noise to her actual location coordinate (119909 119910)and generates a tweaked version of the real locationgiven as

(1199091015840 1199101015840) = (119909 + 120575119909 119910 + 120575119910) (1)

(2) mu broadcasts a congregate message to all neighbor-ing nodes using her tweaked location coordinates toform an ad hoc congregation ∁

(3) Willing nodes acknowledge and mu selectsK neigh-bors to form ∁ If lesser than K neighbors acknowl-edge step (2) is repeated until required ∁ is formed


F

G

Ad hoc congregation

AQuery issuer

Congregate message

Random secret split

B

C

D

E

Secret split distribution

Figure 5 An instance of ad hoc congregation

which satisfies K If K requirement is not fulfilledwithin a period of Δ119905 abort and reinitiate the processafterT time intervalThe paucity of enough K users may introduceunnecessary delay in the queryTherefore it becomescritical to choose an appropriate value of K Forinstance why would a user feel protected forK = 10but not the same when K = 9 In many cases K isdemographic dependent as specifying a larger K isacceptable for highly populated area but choosing thesameK value in a deserted area can cause delay in therequested service

(4) mu randomly selects a node as congregation executor119864∁The responsibility of119864∁119894 is to facilitate the commu-nication for a congregation ∁119894

(5) Now 119864∁ chooses and splits two sufficiently largerandom shares S119909 and S119910 such that

S119909 = S1119909 + S2119909 + sdot sdot sdot + SK119909

S119910 = S1119910 + S2119910 + sdot sdot sdot + SK119910(2)

Splits are generated in such a way that

sum119894isin∁119894=1 toK

S119894119909 = 0

sum119894isin∁119894=1 toK

S119894119910 = 0(3)

(6) 119864∁ sends splits to all the members of ∁

(7) Upon receiving the split each neighbor (includingmu) computes a new location (119909119901 119910119901) by adding thereceived split value to their actual location coordi-nates and send them back to 119864∁

(119909119901 119910119901) = (119909119894 + S119894119909 119910119894 + S119894119910) (4)

(8) 119864∁ computes the centroid of ∁ defined as

119883∁ = sum119894=1 toK

119909119901119894K

119884∁ = sum119894=1 toK

119910119901119894K

(5)

(9) 119864∁ passes the centroid (119883∁ 119884∁) to mu and leaves ∁

In Figure 5 node A is the query issuer while nodes BC D E F and G are the peer members of ∁ Node D israndomly selected as 119864∁ andK = 6 is assumed

Protocol 2 (∁ to TP communication)

(a) mu encrypts (119883∁ 119884∁) by her own public key (pk) andgets the encrypted valueE(119883∁ 119884∁)

(b) mu generates the query describes as

Q ⟨E (119883∁ 119884∁) BS∁K rdquospecific search stringrdquo⟩ (6)

whereBS∁ is the identifier of the base station underwhich umbrella ∁ is formed and K is the anonymityparameter specified by mu


4 Homomorphic Encryption

An efficient and straightforward remedy to preserve userprivacy in location (or any cloud based) services is to encryptthe information before sending to the service providerNonetheless this straightforward arrangement has a criticaldownside in that if the information is scrambled utilizing aroutine encryption method the service provider (or cloud)can not process the information without decrypting it firstObviously sharing the secret decryption key with serviceprovider again puts the same problem of privacy at stake

In order to eliminate the mentioned problem of userprivacy a homomorphic encryption technique is used thatpermits some calculation to be performed specifically onencrypted information without any decryption [29]

Broadly homomorphic encryption can be defined asfollows Suppose P represents the plain texts set C repre-sents corresponding set of cipher texts and ENC denotesgiven encryption function the cryptosystem is said to behomomorphic if it satisfies

ENC (1199011⊙P1199012) larr997888 ENC (1199011) ⊙CENC (1199012)

forall1199011 1199012 isin P(7)

where ⊙P in P and ⊙C in C are some operators Wecall such disposition an additive homomorphism if we useaddition operators and a multiplicative homomorphism if weuse multiplication operators

Homomorphism supports both types of encryptionscheme a symmetric key encryption and an asymmetric keyencryption There are three key elements required to specifya public key (or asymmetric) cryptosystem an encryptionalgorithm ENCpk a decryption algorithm DECsk and akey-pair generator algorithm that produces the public keyand secret key (or private key) pair The ENCpk algorithmtakes the plain text and produces the encrypted text usingpublic key pk The output of ENCpk becomes input forDECsk algorithm and encrypted text decrypts using thesecret key sk Homomorphic encryption permits calculationsto be done on encrypted data (or cipher text) The computa-tions are done in such away that result when decrypted (usingsk) matches the results of operations performed on the plaintext

Our proposed hybrid model takes the advantage ofthe homomorphic encryption property which allows theoperations to be performed over encrypted data withoutdecrypting it Unlike existing addition and multiplicationoperations over encrypted data we suggest difference (or sub-traction) operation over encrypted data However existingcryptosystem that supports additive homomorphism [30 31]is used to perform the proposed operation

5 Proposed Hybrid Model

Hybrid model is built upon the concept of collaborativecongregation and use of third party to mediate the resultsin a more effective way The hybrid scheme appears to becentralized (due to TP) yet decentralized as no user locationsare disclosed even to TP during entire communication TP is

used to provide computational support thatmakes the overallcommunication faster and efficient

Following are the phases of our proposed scheme

Phase 1 (ad hoc congregation ∁) Mobile user mu who wantsto avail the location service first broadcasts a congregatemessage to neighbors until required K users respond Thisphase ends with a formation of ∁ and a computed pair of(119883∁ 119884∁) at mu as per Protocol 1 of Section 3 mu encrypts thecentroid coordinates (119883∁ 119884∁) with her own public key (pk)and forwards the queryQ to TP as per Protocol 2 of Section 3

Phase 2 (communication from TP to LBS and back) OnceTP receives Q it strips offE(119883∁ 119884∁) and forwards remainingQ to LBS provider According to 119861119878∁ relevance LBS look intothe assisted database and returns top K candidate results tothe TP given as

CR ⟨(1199091 1199101) (1199092 1199102) (119909119896 119910119896)⟩ (8)

where CR represents the candidate result

Phase 3 (TP computation) TP preprocesses the data bymultiplying all the items of candidate result set by a constant(minus1) and encrypts this modified CR by mursquos public key

E (CR)

⟨Epk (1199091 1199101) Epk (1199092 1199102) Epk (119909119896 119910119896)⟩ (9)

TP now has encrypted centroid coordinates E(119883∁ 119884∁)and encrypted set of candidate results E(CR) The motiveis to find the distance between the target point (centroidhere) and the relevant points sent by the LBS provider sothat the proximity of two can be measured An additivehomomorphic encryption is then applied to (119883∁ 119884∁) and eachitem of encrypted candidate result set separately given as

E (119883∁ 119884∁) sdot Epk (1199091 1199101) = E ((119883∁ 119884∁) + (1199091 1199101))

E (119883∁ 119884∁) sdot Epk (1199092 1199102) = E ((119883∁ 119884∁) + (1199092 1199102))

E (119883∁ 119884∁) sdot Epk (119909119896 119910119896) = E ((119883∁ 119884∁) + (119909119896 119910119896))

(10)

TP forwards the encrypted results and CR (in plain text)to mu The purpose of having TP between mu and LBS isto perform certain computation such that the informationretrieval becomes faster and relevant that too without losingany location privacy

Phase 4 (decryption at mu) Themu hasK encrypted valuesthat can be viewed as the distances between the encryptedcoordinates sent by ∁ and the candidate result points sentby the LBS provider mu deciphers them using her ownsecret key (sk) Let decryption gives the set of distances DClearly the minimum min(D) among all distance values isthemost relevant resultmu keeps the corresponding location


(1) Function Communication using Hybrid System Model(2) Phase 1 Ad hoc Congregation ∁(3) Let mobile user ldquo119898119906rdquo starts the query andK represents

the number of users required to form ∁(4) Let S be the set to count numbers of neighbors responded(5) Initially ∁(K) = 0 S = 0 119894 = 0(6) Let 119898119906rsquos actual location coordinates = (119909 119910)(7) (1199091015840 1199101015840) = (119909 + 120575119909 119910 + 120575119910)(8) while (119894 le K) do(9) 119898119906 broadcasts a CONGREGATE message to

neighbors(10) Let S users acknowledge 119898119906(11) 119894 = |S|(12) ∁(K) = ∁(K) cup 119899119900119889119890119904 119894119899 119878(13) 119894 = 119894 + |S|(14) return ∁(K) congregation formed(15) end(16) mu chooses a random node as congregation executor 119864∁

119864∁ isin ∁(K)(17) CALL Secret_Split_Function(18) Let set 119883119901(K) and 119884119901(K) holds the perturbed locations

received after secret splitting(19) CALL Centroid_Function(20) 119864∁ forwards 119883∁ 119884∁ to mu and leaves ∁(21) mu generates (pk sk) pair(22) Epk(119883∁ 119884∁) encrypted points(23) Phase 3 Computation performed at TP(24) (119883119871 119884119871) = CALL TP_Computation-I(25) Epk(119883119871 119884119871) Encryption using mursquos pk(26) CALL TP_Computation-II(27) Phase 4 Decryption at mu(28)Dsk((119883∁ + 119883119871) (119884∁ + 119884119871)) Decryption using mursquos sk(29) Let 119883119863 119884119863 be the set of distance difference received on

decryption(30) CALL Min_dist (119883119863 119884119863)(31) Broadcast Results to all members of ∁

Algorithm 1 HYB solution

coordinate against min(D) and sends remaining results to allthe members of ∁

Considerations and Assumptions

(a) The utilized mobile devices are Location Based Ser-vices enabled and have the ability to determine theirapproximate location

(b) The TP possess required computation power andprocessing potential

(c) Location queries are sporadic pull-based and specificin nature

(d) Generation of ⟨Public-Private⟩ key pair at mu isimplicit

Algorithm Description The algorithm HYB solution givespseudocode for the overall communication of our proposedhybrid system model A congregation is formed (lines(7)ndash(15) in Algorithm 1) a pair of coordinates are computed

(lines (16)ndash(19) in Algorithm 1) and the encryption isperformed (lines (21)ndash(23) in Algorithm 1) over computedcoordinates during Phase 1 of HYB solution Phase 2 fetchesthe candidate result from LBS to TP In Phase 3 candidateresult is first modified (line (24) in Algorithm 1) and thenencrypted (line (25) in Algorithm 1) before applying homo-morphic operation (line (26) in Algorithm 1) over encryptedinputs Decryption is performed in Phase 4 (line (28) inAlgorithm 1) and the minimum is calculated (line (30) inAlgorithm 1) to get optimum result Algorithms 2 3 4 5 and6 give the pseudocodes for the suboperations splitting therandom secret centroid computation input preprocessinghomomorphic encryption and finding minimum value fromthe result set respectively

6 Empirical Evaluation

We develop the simulation scenario and implemented thesame in Java We run it on an Intel Core 320GHz machinewith 4GB of RAM running Linux OS We experimented the


(1) Function Secret Splitting Sharing(2) 119864∁ chooses and split sufficiently large two random shares

S119909 and S119910 stsum

119894isin∁119894=1 toKS119894119909 = 0 sum

119894isin∁119894=1 toKS119894119910 = 0

(3) 119864∁ sends separate split values to every node isin ∁(K)(4) foreach node isin ∁(K) do(5) for 119894 = 1 119894iexcl=K 119894 + + do(6) (119909119901 119910119901) = (119909119894 + S119894119909 119910119894 + S119894119910)(7) end(8) return (119909119901 119910119901)(9) end

Algorithm 2 Secret_Split_Function

(1) Function Centroid Computation(2) foreach 119909 isin 119883119901(K) and 119910 isin 119884119901(K) do(3) 119894 = 1 119879119890119898119901119909 = 119879119890119898119901119910 = 0(4) while 119894 lt= K do(5) 119879119890119898119901119909 = 119879119890119898119901119909 + 119909119894(6) 119879119890119898119901119910 = 119879119890119898119901119910 + 119910119894(7) 119894 + +(8) end

(9) 119883∁ =119879119890119898119901119909K

119884∁ =119879119890119898119901119910K

(10) return (119883∁ 119884∁)(11) end

Algorithm 3 Centroid_Function

(1) Function Coordinate Pre-processing(2) Let set 119883119897(K) and 119884119897(K) be the points provided by LBS(3) Let set 1198831015840119897 and 1198841015840119897 be the points modified by TP(4) Initially 119894 = 0 1198831015840119897 = 1198841015840119897 = 0(5) foreach 119909 isin 119883119897(K) and 119910 isin 119884119897(K) do(6) while 119894 le K do(7) 1199091015840119894 = (minus1) lowast 119909119894 1199101015840119894 = (minus1) lowast 119910119894(8) 119894 + +(9) end(10) 1198831015840119897 = 1198831015840119897 cup 1199091015840119894 119884

1015840119897 = 1198841015840119897 cup 1199101015840119894

(11) end(12) return (1198831015840119897 119884

1015840119897 )

Algorithm 4 TP_Computation-I

(1) Function Computing point differnce(2) input 119883∁ 119884∁ and 119883119871 119884119871(3) Apply Paillier Homomorphic Encryption(4) return ((119883∁ + 119883119871) (119884∁ + 119884119871))

Algorithm 5 TP_Computation-II

(1) Function Finding location with minimum distance(2) Let MIN represents the minimum element of the list

119894 = 2 foreach element of119883119863 119884119863 do(3) (1198831 1198841) = MIN while 119894 lt= K do(4) if (119883119894 119884119894) lt MIN then(5) MIN = (119883119894 119884119894)(6) 119894 + +(7) end(8) else(9) 119894 + +(10) end(11) end(12) returnMIN(13) end

Algorithm 6 Min_Dist

Table 1 Parameters used with description

Parameter Description Values used

K Anonymity parameter 1 5 10 20 40100 150 200

N Key size (in bits) 512 1024 20484096

Review period Time interval between twoconsecutive runs of the algorithm 90 s

Total run countNumber of times the algorithmruns for a particular combinationof parameters used

100

Input size Size of an input item 4KB

performance with different variations in anonymity parame-ter and key size Performance metrics is measured in averagecomputation time taken by the processes

61 Parameters Description Results are evaluated for dif-ferent values of parameters Table 1 highlights the briefdescription of the parameters used

62 Anonymity Parameter and Key Size Impact over TPComputation-II The first experiment explores the impact ofanonymity parameter with different key sizes over the perfor-mance of the system in terms of the computation time Thealgorithm TP Computation-II computes the homomorphicencryption

Analysis Figure 6 shows the average time taken by TP toperform operations over encrypted data It can be seenthat time taken is very less (less than a second) for thosecombinations where key size (N) andK are low As wemoveleft to right through 119909-axis in the graph the time increasesbeyond acceptable threshold andmakes the framework costlyin terms of time for higher values ofN andK


050

100150200250300350400450500550600

Aver

age c

ompu

tatio

n tim

e (in

sec)

0 1024 2048 4096512풩

= 1or 풦f= 5or 풦f= 10or 풦f= 20or 풦f


Figure 6 Anonymity parameter and key size impact over TPComputation-I

0 1024 2048 40960

100200300400500600700800900

100011001200

Aver

age c

ompu

tatio

n tim

e (in

sec)

512풩



Figure 7 Anonymity parameter and key size impact over decryp-tion

63 Anonymity Parameter and Key Size Impact over Decryp-tion Computation at mu This evaluation shows the timetaken to decrypt the encrypted results Decryption is per-formed using mursquos secret key which is secure and not sharedwith any other party

Analysis Figure 7 shows the average computation time fordecryption The effect of K and N is more or less similar

Min-DistCentroid_FunctionTP Computation-I

10 50 100 2000 150풦

0

50

100

150

200

250

300

350

400

450

Aver

age c

ompu

tatio

n tim

e (in

ms)

Figure 8 Miscellaneous computation time dependence overanonymity parameterK

as in the case discussed before It is clear that computationtime is lesser for smallerK andN values on the other handcomputation cost becomes exorbitantly expensive for higherKN values combination

64 Effect of Size of ∁ over Miscellaneous Computation Min-Dist is used to calculate the minimum among all the valuesreceived after decryption TP Computation-I preprocessesthe input and Centroid Function computes the centroid oflocations These processes also contribute to the overall timeof HYB solution

Analysis Figure 8 shows that for lower K values thecomputation time is lower However time taken for higherK(150 and 200) is much lesser compared to the time taken byTP Computation-II and becomes less significant when addedto the overall computation cost

The value of K specified by the mobile user mu and thekey size used for encryption impacts the overall computationtime to a large extent The balanced combination of thesetwo parameters produces the optimum results Moreover thepublic key encryption enabled the secure communication asno key distribution is now needed As the location data isencrypted under mursquos public key and decryption takes placeatmuwith the secret key she has it makes the overall solutionsecure and reliable

7 Conclusion

This paper first addressed the issues in TTP based andTTP-free frameworks and presented a hybrid solution thatmakes effective use of the advantages both the approachespossess to preserve location privacy of the user throughcongregation and homomorphic encryption The novelty of


the proposedHYB solution lies in the fact that involvement ofthird party is introduced to perform computations only andTP has no knowledge of the userrsquos real location A congre-gation scheme is also suggested that helps the mobile user tocompute centroid of all the users involved that too withoutknowing anyonersquos actual location Homomorphic encryptiontechnique is used with a modified input data in order totake most out of it We have analyzed the performance ofour model for various key sizes and for different values ofanonymity parameter Our scheme works well when keysize and anonymity parameter are in a certain range Theproposed HYB model preserves the userrsquos location privacyat two levels namely at proximity level while formingcongregation and at distant level while sending encryptedlocation to TP

Conflicts of Interest

The authors declare that there are no conflicts of interestregarding the publication of this paper

References

[1] D Wells N Beck A Kleusberg et al Guide to GPS PositioningCanadian GPS Associates New Brunswick Canada 1987

[2] A Jafarnia-Jahromi A Broumandan J Nielsen andG Lachap-elle ldquoGPS vulnerability to spoofing threats and a review of anti-spoofing techniquesrdquo International Journal of Navigation andObservation vol 2012 Article ID 127072 2012

[3] M F Mokbel ldquoPrivacy in location-based services state-of-the-art and research directionsrdquo in Proceedings of the 8thInternational Conference on Mobile Data Management (MDMrsquo07) p 228 IEEE Mannheim Germany May 2007

[4] J Krumm ldquoInference attacks on location tracksrdquo in PervasiveComputing pp 127ndash143 Springer Berlin Germany 2007

[5] D Song and K Park ldquoA privacy-preserving location-basedsystem for continuous spatial queriesrdquo Mobile InformationSystems vol 2016 Article ID 6182769 9 pages 2016

[6] P Kalnis G Ghinita K Mouratidis and D Papadias ldquoPre-venting location-based identity inference in anonymous spatialqueriesrdquo IEEE Transactions on Knowledge and Data Engineer-ing vol 19 no 12 pp 1719ndash1733 2007

[7] M F Mokbel C-Y Chow and W G Aref ldquoThe new casperquery processing for location services without compromisingprivacyrdquo in Proceedings of the 32nd International Conference onVery Large Data Bases pp 763ndash774 VLDB Endowment 2006

[8] M Gruteser and D Grunwald ldquoAnonymous usage of location-based services through spatial and temporal cloakingrdquo in Pro-ceedings of the 1st International Conference on Mobile SystemsApplications and Services pp 31ndash42 ACM May 2003

[9] GGhinita P Kalnis and S Skiadopoulos ldquoMobihide amobileapeerto-peer system for anonymous location-based queriesrdquoin Advances in Spatial and Temporal Databases pp 221ndash238Springer Berlin Germany 2007

[10] E K Wang and Y Ye ldquoA new privacy-preserving scheme forcontinuous query in location-based social networking servicesrdquoInternational Journal of Distributed Sensor Networks vol 2014Article ID 979201 2014

[11] M Zhou X Li and L Liao ldquoOn preventing location attacksfor urban vehicular networksrdquoMobile Information Systems vol2016 Article ID 5850670 13 pages 2016

[12] K Sampigethaya M Li L Huang and R PoovendranldquoAMOEBA robust location privacy scheme for VANETrdquo IEEEJournal on Selected Areas in Communications vol 25 no 8 pp1569ndash1589 2007

[13] J Freudiger M Raya M Felegyhazi P Papadimitratos andJ-P Hubaux ldquoMix-zones for location privacy in vehicularnetworksrdquo in Proceedings of the ACM Workshop on WirelessNetworking for Intelligent Transportation Systems (WiN-ITS rsquo07)Vancouver Canada 2007

[14] F Kargl and J Petit ldquoSecurity and privacy in vehicular net-worksrdquo in Vehicular Communications and Networks Architec-tures Protocols Operation and Deployment pp 171ndash189 2015

[15] Y Gai J Lin and B Krishnamachari ldquoSecurity and privacy invehicular networksrdquo Cognitive Vehicular Networks pp 151ndash1662016

[16] C-Y Chow M F Mokbel and X Liu ldquoA peer-to-peer spatialcloaking algorithm for anonymous location-based servicerdquo inProceedings of the 14th Annual ACM International Symposiumon Advances in Geographic Information Systems (ACM-GIS rsquo06)pp 171ndash178 ACM November 2006

[17] M Langheinrich ldquoPrivacy by designprinciples of privacy-awareubiquitous systemsrdquo in Ubicomp 2001 Ubiquitous Computingpp 273ndash291 Springer Berlin Germany 2001

[18] G Ghinita P Kalnis and S Skiadopoulos ldquoPrive anonymouslocationbased queries in distributed mobile systemsrdquo in Pro-ceedings of the 16th International Conference on World WideWeb pp 371ndash380 ACM 2007

[19] H Zhangwei and X Mingjun ldquoA distributed spatial cloakingprotocol for location privacyrdquo in Proceedings of the 2nd Inter-national Conference on Networks Security Wireless Communica-tions andTrustedComputing (NSWCTC rsquo10) vol 2 pp 468ndash471April 2010

[20] M E Andres N E Bordenabe K Chatzikokolakis and CPalamidessi ldquoGeo-indistinguishability differential privacy forlocation-based systemsrdquo in Proceedings of the ACM SIGSACConference on Computer and Communications Security (CCSrsquo13) pp 901ndash914 ACM Berlin Germany November 2013

[21] R Koorn H van Gils J ter Hart P Overbeek R Tellegenand J Borking Privacy Enhancing Technologies White Paper forDecision Makers 2004

[22] C A Ardagna M Cremonini S De Capitani Di Vimercatiand P Samarati ldquoAn obfuscation-based approach for protectinglocation privacyrdquo IEEE Transactions on Dependable and SecureComputing vol 8 no 1 pp 13ndash27 2011

[23] G Ghinita P Kalnis A Khoshgozaran C Shahabi and K-LTan ldquoPrivate queries in location based services anonymizersare not necessaryrdquo in Proceedings of the ACM SIGMOD Interna-tional Conference on Management of Data (SIGMOD rsquo08) pp121ndash132 ACM June 2008

[24] A Khoshgozaran H Shirani-Mehr and C Shahabi ldquoSPIRALa scalable private information retrieval approach to locationprivacyrdquo in Proceedings of the 9th International Conference onMobile Data Management Workshops (MDMW rsquo08) pp 55ndash62April 2008

[25] A Khoshgozaran andC Shahabi ldquoPrivate information retrievaltechniques for enabling location privacy in location-basedservicesrdquo in Privacy in Location-Based Applications pp 59ndash83Springer 2009


[26] J Domingo-Ferrer ldquoMicroaggregation for database and loca-tion privacyrdquo in Next Generation Information Technologies andSystems pp 106ndash116 Springer 2006

[27] T Okamoto and S Uchiyama ldquoA new public-key cryptosystemas secure as factoringrdquo in Proceedings of the InternationalConference on the Theory and Applications of CryptographicTechniques pp 308ndash318 Springer 1998

[28] A Solanas and A Martınez-Balleste ldquoA TTP-free protocol forlocation privacy in location-based servicesrdquoComputer Commu-nications vol 31 no 6 pp 1181ndash1191 2008

[29] R Rothblum ldquoHomomorphic encryption from private-key topublickeyrdquo in Proceedings of theTheory of Cryptography Confer-ence pp 219ndash234 Springer Providence RI USA March 2011

[30] P Paillier ldquoPublic-key cryptosystems based on compositedegree residuosity classesrdquo in Proceedings of the InternationalConference on the Theory and Applications of CryptographicTechniques (EUROCRYPT rsquo99) pp 223ndash238 Springer PragueCzech Republic 1999

[31] I Damgard andM Jurik ldquoA generalisation a simplification andsome applications of Paillierrsquos probabilistic public-key systemrdquoin International Workshop on Public Key Cryptography pp 119ndash136 Springer 2001

Submit your manuscripts athttpswwwhindawicom

Computer Games Technology

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014


Distributed Sensor Networks


Advances in

FuzzySystems

Hindawi Publishing Corporationhttpwwwhindawicom

Volume 2014


ReconfigurableComputing

Hindawi Publishing Corporation httpwwwhindawicom Volume 2014


Applied Computational Intelligence and Soft Computing

thinspAdvancesthinspinthinsp

Artificial Intelligence

HindawithinspPublishingthinspCorporationhttpwwwhindawicom Volumethinsp2014

Advances inSoftware EngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014


Electrical and Computer Engineering

Journal of

Hindawi Publishing Corporation

httpwwwhindawicom Volume 2014

Advances in

Multimedia


Biomedical Imaging


Advances in


RoboticsJournal of



Computational Intelligence and Neuroscience

Industrial EngineeringJournal of


Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014


Human-ComputerInteraction

Advances in

Computer EngineeringAdvances in



Enc (Xc Yc) D1 D2 Dk

R1 R2 Rk

D1

D2

Dk

middot middot middotird party

⟨Top K candidate results

Location Based ServiceProvider

Top

k re

leva

nt re

sults

For K users

Ad hoc congregationBase station transmission rangeMobile user under base station range

⟨Bc Qs K⟩

(D1 D2 Dk)⟩

⟨Enc (Xc Yc) Bc Qs K⟩

⟨R1 R2 Rk⟩

Figure 1 System model

maps bing maps and map quest but the connection tothese servers are not trusted Therefore instead in orderto protect privacy Alice sends her query via a TTP (alsocalled anonymizer) that strips off her identification infor-mation generates the blurred location data and mediatesthe communication between her and LBS provider [5 6]However the query submitted by Alice to TTP still hasher actual location coordinates hence malicious user havingcontrol over TTP can have complete information about theuser Thus it is always risky to use TTP based frameworkto connect to the LBS server Trusting the third party is theprime downside of the TTP based mechanisms If a user cantrust a third party for small functionality then why not theservice provider for bigger benefits can always be arguedIn distributed peer approach mobile clients are equippedto connect with other mobile users as and when requiredThe development of distributed wireless communicationtechnologies such as WLAN IEEE 80211 Bluetooth IEEE802151 and ZigBee (for low energy devices) IEEE 802154-based specifications combinedwith the propelled computingpotential and memory capacity of todayrsquos mobile devicesbecomeuseful to bring privacy preserving benefits to the userThis way the need to rely solely on the connection to theserver is eliminated In TTP-free architecture all functionsare supposed to be carried out at the userrsquos handheld and thusmake the communication heavier andmore time consumingEfficiency of decentralized architecture also depends uponthe computing capability of used mobile device Howeverpeersrsquo trust measure and evaluation is another big concern

Figure 1 presents the proposed architecture of hybridmodel Here it is presumed that there are a substantialnumber of mobile users carrying handheld devices such ascell phones PDAs or the like which are equipped with posi-tioning capabilities and use location services frequently Thehandhelds have computation power processing potentialmemory and required access to the wireless network All theusers are in the transmission range of the base station (orbeacon node)

In the proposed hybridmodel we suggest that themobileuser querying LBS first forms an ad hoc congregation withother users exploiting the well-established principle of K-anonymity Once the congregation is formed centroid is

calculated in such a way that participating usersrsquo locationsare not revealed The centroid coordinates are then securedusing encryption and sent to the third party (TP) Query (Q)includes secured location coordinates nearest base stationinformation anonymity parameter K and the query stringTP strips off the encrypted data and without performing anychanges forwards the rest of the query to the service providerService provider sends topKmost relevant candidate resultset (with reference to the beacon node) back to TP TP thenprocesses the inputs performs homomorphic operation andsends the result back to the congregationThe proposed HYBsolution works well for specific queries in which queries aremore personalized to the user specific needs

Location queries can be categorized as generalized orspecific queries A generalized query can also be viewed asa general public query that fulfills the mass requirementwhereas specific query is the one that satisfies individualrsquosneed ldquoFind my nearest retail banking branch of SBI Bankrdquois the example of specific query while ldquoFind my nearestbankrdquo is the example of generalized query In our work itis assumed that user uses the location services to retrievespecific information The novelty of the proposed hybridsolution is that it exploits the merits of TP and peer groupformation without trusting TP as coordinates are kept privateby securing them using encryption Neither query issuer norTP is aware about the exact locations of themembers involvedyet it communicates the required resultsThe rest of the paperis organized as follows Section 2 highlights the related workSections 3 and 4 exhibit the proposed congregation modeland homomorphic encryption technique respectively Theproposed HYB solution is described in Section 5 Section 6presents performance metrics of HYB solution Finally Sec-tion 7 concludes the paper

2 Related Work

A survey of literature in the field of location privacypertaining to LBS has brought forth several frameworksarchitectures algorithms and techniques given by numer-ous researchers and practitioners Broadly existing defensemechanisms are based on either of the two architectures (1)


Anonymizer

Anonymized query

Query result

LBS

Actual query

Actual result



(a) TTP based

Query result

Location value

Requested query

LBSMobile user

Database

(b) TTP-free


BC

E

D



LBS provider

Database









G

k = 3


MU1

MU2

MU3










(1199091015840 1199101015840) = (119909 + 120575119909 119910 + 120575119910) (1)




F

G

Ad hoc congregation

AQuery issuer

Congregate message

Random secret split

B

C

D

E









sum119894isin∁119894=1 toK

S119894119909 = 0

sum119894isin∁119894=1 toK

S119894119910 = 0(3)



(119909119901 119910119901) = (119909119894 + S119894119909 119910119894 + S119894119910) (4)


119883∁ = sum119894=1 toK

119909119901119894K

119884∁ = sum119894=1 toK

119910119901119894K

(5)














forall1199011 1199012 isin P(7)










CR ⟨(1199091 1199101) (1199092 1199102) (119909119896 119910119896)⟩ (8)



E (CR)

⟨Epk (1199091 1199101) Epk (1199092 1199102) Epk (119909119896 119910119896)⟩ (9)


E (119883∁ 119884∁) sdot Epk (1199091 1199101) = E ((119883∁ 119884∁) + (1199091 1199101))

E (119883∁ 119884∁) sdot Epk (1199092 1199102) = E ((119883∁ 119884∁) + (1199092 1199102))

E (119883∁ 119884∁) sdot Epk (119909119896 119910119896) = E ((119883∁ 119884∁) + (119909119896 119910119896))

(10)
























119894isin∁119894=1 toKS119894119909 = 0 sum

119894isin∁119894=1 toKS119894119910 = 0




(9) 119883∁ =119879119890119898119901119909K

119884∁ =119879119890119898119901119910K

(10) return (119883∁ 119884∁)(11) end



1015840119897 = 1198841015840119897 cup 1199101015840119894

(11) end(12) return (1198831015840119897 119884

1015840119897 )










N Key size (in bits) 512 1024 20484096



100







050

100150200250300350400450500550600

Aver

age c

ompu

tatio

n tim

e (in

sec)

0 1024 2048 4096512풩




0 1024 2048 40960

100200300400500600700800900

100011001200

Aver

age c

ompu

tatio

n tim

e (in

sec)

512풩







10 50 100 2000 150풦

0

50

100

150

200

250

300

350

400

450

Aver

age c

ompu

tatio

n tim

e (in

ms)






7 Conclusion






References








































Advances in

FuzzySystems


Volume 2014












Journal of



Advances in

Multimedia


Biomedical Imaging


Advances in


RoboticsJournal of










Advances in




Anonymizer

Anonymized query

Query result

LBS

Actual query

Actual result



(a) TTP based

Query result

Location value

Requested query

LBSMobile user

Database

(b) TTP-free


BC

E

D



LBS provider

Database









G

k = 3


MU1

MU2

MU3










(1199091015840 1199101015840) = (119909 + 120575119909 119910 + 120575119910) (1)




F

G

Ad hoc congregation

AQuery issuer

Congregate message

Random secret split

B

C

D

E









sum119894isin∁119894=1 toK

S119894119909 = 0

sum119894isin∁119894=1 toK

S119894119910 = 0(3)



(119909119901 119910119901) = (119909119894 + S119894119909 119910119894 + S119894119910) (4)


119883∁ = sum119894=1 toK

119909119901119894K

119884∁ = sum119894=1 toK

119910119901119894K

(5)














forall1199011 1199012 isin P(7)










CR ⟨(1199091 1199101) (1199092 1199102) (119909119896 119910119896)⟩ (8)



E (CR)

⟨Epk (1199091 1199101) Epk (1199092 1199102) Epk (119909119896 119910119896)⟩ (9)


E (119883∁ 119884∁) sdot Epk (1199091 1199101) = E ((119883∁ 119884∁) + (1199091 1199101))

E (119883∁ 119884∁) sdot Epk (1199092 1199102) = E ((119883∁ 119884∁) + (1199092 1199102))

E (119883∁ 119884∁) sdot Epk (119909119896 119910119896) = E ((119883∁ 119884∁) + (119909119896 119910119896))

(10)
























119894isin∁119894=1 toKS119894119909 = 0 sum

119894isin∁119894=1 toKS119894119910 = 0




(9) 119883∁ =119879119890119898119901119909K

119884∁ =119879119890119898119901119910K

(10) return (119883∁ 119884∁)(11) end



1015840119897 = 1198841015840119897 cup 1199101015840119894

(11) end(12) return (1198831015840119897 119884

1015840119897 )










N Key size (in bits) 512 1024 20484096



100







050

100150200250300350400450500550600

Aver

age c

ompu

tatio

n tim

e (in

sec)

0 1024 2048 4096512풩




0 1024 2048 40960

100200300400500600700800900

100011001200

Aver

age c

ompu

tatio

n tim

e (in

sec)

512풩







10 50 100 2000 150풦

0

50

100

150

200

250

300

350

400

450

Aver

age c

ompu

tatio

n tim

e (in

ms)






7 Conclusion






References








































Advances in

FuzzySystems


Volume 2014












Journal of



Advances in

Multimedia


Biomedical Imaging


Advances in


RoboticsJournal of










Advances in




G

k = 3


MU1

MU2

MU3










(1199091015840 1199101015840) = (119909 + 120575119909 119910 + 120575119910) (1)




F

G

Ad hoc congregation

AQuery issuer

Congregate message

Random secret split

B

C

D

E









sum119894isin∁119894=1 toK

S119894119909 = 0

sum119894isin∁119894=1 toK

S119894119910 = 0(3)



(119909119901 119910119901) = (119909119894 + S119894119909 119910119894 + S119894119910) (4)


119883∁ = sum119894=1 toK

119909119901119894K

119884∁ = sum119894=1 toK

119910119901119894K

(5)














forall1199011 1199012 isin P(7)










CR ⟨(1199091 1199101) (1199092 1199102) (119909119896 119910119896)⟩ (8)



E (CR)

⟨Epk (1199091 1199101) Epk (1199092 1199102) Epk (119909119896 119910119896)⟩ (9)


E (119883∁ 119884∁) sdot Epk (1199091 1199101) = E ((119883∁ 119884∁) + (1199091 1199101))

E (119883∁ 119884∁) sdot Epk (1199092 1199102) = E ((119883∁ 119884∁) + (1199092 1199102))

E (119883∁ 119884∁) sdot Epk (119909119896 119910119896) = E ((119883∁ 119884∁) + (119909119896 119910119896))

(10)
























119894isin∁119894=1 toKS119894119909 = 0 sum

119894isin∁119894=1 toKS119894119910 = 0




(9) 119883∁ =119879119890119898119901119909K

119884∁ =119879119890119898119901119910K

(10) return (119883∁ 119884∁)(11) end



1015840119897 = 1198841015840119897 cup 1199101015840119894

(11) end(12) return (1198831015840119897 119884

1015840119897 )










N Key size (in bits) 512 1024 20484096



100







050

100150200250300350400450500550600

Aver

age c

ompu

tatio

n tim

e (in

sec)

0 1024 2048 4096512풩




0 1024 2048 40960

100200300400500600700800900

100011001200

Aver

age c

ompu

tatio

n tim

e (in

sec)

512풩







10 50 100 2000 150풦

0

50

100

150

200

250

300

350

400

450

Aver

age c

ompu

tatio

n tim

e (in

ms)






7 Conclusion






References








































Advances in

FuzzySystems


Volume 2014












Journal of



Advances in

Multimedia


Biomedical Imaging


Advances in


RoboticsJournal of










Advances in




F

G

Ad hoc congregation

AQuery issuer

Congregate message

Random secret split

B

C

D

E









sum119894isin∁119894=1 toK

S119894119909 = 0

sum119894isin∁119894=1 toK

S119894119910 = 0(3)



(119909119901 119910119901) = (119909119894 + S119894119909 119910119894 + S119894119910) (4)


119883∁ = sum119894=1 toK

119909119901119894K

119884∁ = sum119894=1 toK

119910119901119894K

(5)














forall1199011 1199012 isin P(7)










CR ⟨(1199091 1199101) (1199092 1199102) (119909119896 119910119896)⟩ (8)



E (CR)

⟨Epk (1199091 1199101) Epk (1199092 1199102) Epk (119909119896 119910119896)⟩ (9)


E (119883∁ 119884∁) sdot Epk (1199091 1199101) = E ((119883∁ 119884∁) + (1199091 1199101))

E (119883∁ 119884∁) sdot Epk (1199092 1199102) = E ((119883∁ 119884∁) + (1199092 1199102))

E (119883∁ 119884∁) sdot Epk (119909119896 119910119896) = E ((119883∁ 119884∁) + (119909119896 119910119896))

(10)
























119894isin∁119894=1 toKS119894119909 = 0 sum

119894isin∁119894=1 toKS119894119910 = 0




(9) 119883∁ =119879119890119898119901119909K

119884∁ =119879119890119898119901119910K

(10) return (119883∁ 119884∁)(11) end



1015840119897 = 1198841015840119897 cup 1199101015840119894

(11) end(12) return (1198831015840119897 119884

1015840119897 )










N Key size (in bits) 512 1024 20484096



100







050

100150200250300350400450500550600

Aver

age c

ompu

tatio

n tim

e (in

sec)

0 1024 2048 4096512풩




0 1024 2048 40960

100200300400500600700800900

100011001200

Aver

age c

ompu

tatio

n tim

e (in

sec)

512풩







10 50 100 2000 150풦

0

50

100

150

200

250

300

350

400

450

Aver

age c

ompu

tatio

n tim

e (in

ms)






7 Conclusion






References








































Advances in

FuzzySystems


Volume 2014












Journal of



Advances in

Multimedia


Biomedical Imaging


Advances in


RoboticsJournal of










Advances in









forall1199011 1199012 isin P(7)










CR ⟨(1199091 1199101) (1199092 1199102) (119909119896 119910119896)⟩ (8)



E (CR)

⟨Epk (1199091 1199101) Epk (1199092 1199102) Epk (119909119896 119910119896)⟩ (9)


E (119883∁ 119884∁) sdot Epk (1199091 1199101) = E ((119883∁ 119884∁) + (1199091 1199101))

E (119883∁ 119884∁) sdot Epk (1199092 1199102) = E ((119883∁ 119884∁) + (1199092 1199102))

E (119883∁ 119884∁) sdot Epk (119909119896 119910119896) = E ((119883∁ 119884∁) + (119909119896 119910119896))

(10)
























119894isin∁119894=1 toKS119894119909 = 0 sum

119894isin∁119894=1 toKS119894119910 = 0




(9) 119883∁ =119879119890119898119901119909K

119884∁ =119879119890119898119901119910K

(10) return (119883∁ 119884∁)(11) end



1015840119897 = 1198841015840119897 cup 1199101015840119894

(11) end(12) return (1198831015840119897 119884

1015840119897 )










N Key size (in bits) 512 1024 20484096



100







050

100150200250300350400450500550600

Aver

age c

ompu

tatio

n tim

e (in

sec)

0 1024 2048 4096512풩




0 1024 2048 40960

100200300400500600700800900

100011001200

Aver

age c

ompu

tatio

n tim

e (in

sec)

512풩







10 50 100 2000 150풦

0

50

100

150

200

250

300

350

400

450

Aver

age c

ompu

tatio

n tim

e (in

ms)






7 Conclusion






References








































Advances in

FuzzySystems


Volume 2014












Journal of



Advances in

Multimedia


Biomedical Imaging


Advances in


RoboticsJournal of










Advances in
























119894isin∁119894=1 toKS119894119909 = 0 sum

119894isin∁119894=1 toKS119894119910 = 0




(9) 119883∁ =119879119890119898119901119909K

119884∁ =119879119890119898119901119910K

(10) return (119883∁ 119884∁)(11) end



1015840119897 = 1198841015840119897 cup 1199101015840119894

(11) end(12) return (1198831015840119897 119884

1015840119897 )










N Key size (in bits) 512 1024 20484096



100







050

100150200250300350400450500550600

Aver

age c

ompu

tatio

n tim

e (in

sec)

0 1024 2048 4096512풩




0 1024 2048 40960

100200300400500600700800900

100011001200

Aver

age c

ompu

tatio

n tim

e (in

sec)

512풩







10 50 100 2000 150풦

0

50

100

150

200

250

300

350

400

450

Aver

age c

ompu

tatio

n tim

e (in

ms)






7 Conclusion






References








































Advances in

FuzzySystems


Volume 2014












Journal of



Advances in

Multimedia


Biomedical Imaging


Advances in


RoboticsJournal of










Advances in




050

100150200250300350400450500550600

Aver

age c

ompu

tatio

n tim

e (in

sec)

0 1024 2048 4096512풩




0 1024 2048 40960

100200300400500600700800900

100011001200

Aver

age c

ompu

tatio

n tim

e (in

sec)

512풩







10 50 100 2000 150풦

0

50

100

150

200

250

300

350

400

450

Aver

age c

ompu

tatio

n tim

e (in

ms)






7 Conclusion






References








































Advances in

FuzzySystems


Volume 2014












Journal of



Advances in

Multimedia


Biomedical Imaging


Advances in


RoboticsJournal of










Advances in







References








































Advances in

FuzzySystems


Volume 2014












Journal of



Advances in

Multimedia


Biomedical Imaging


Advances in


RoboticsJournal of










Advances in

















Advances in

FuzzySystems


Volume 2014












Journal of



Advances in

Multimedia


Biomedical Imaging


Advances in


RoboticsJournal of










Advances in



researcharticle a hybrid location privacy solution for...

Documents