Privacy-Preserving Payment Splitting
| Autor: | Saba Eskandarian, Payman Mohassel, Mihai Christodorescu |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2019 |
| Předmět: |
FOS: Computer and information sciences
Computer Science - Cryptography and Security Cover (telecommunications) Computer science media_common.quotation_subject Cryptography 02 engineering and technology Computer security computer.software_genre privacy Phone 0202 electrical engineering electronic engineering information engineering Protocol (object-oriented programming) General Environmental Science media_common Ethics payment splitting business.industry 020206 networking & telecommunications QA75.5-76.95 Service provider Payment BJ1-1725 Electronic computers. Computer science Scalability General Earth and Planetary Sciences 020201 artificial intelligence & image processing business Cryptography and Security (cs.CR) computer Transaction data |
| Zdroj: | Proceedings on Privacy Enhancing Technologies, Vol 2020, Iss 2, Pp 67-88 (2020) |
| Popis: | Widely used payment splitting apps allow members of a group to keep track of debts between members by sending charges for expenses paid by one member on behalf of others. While offering a great deal of convenience, these apps gain access to sensitive data on users’ financial transactions. In this paper, we present a payment splitting app that hides all transaction data within a group from the service provider, provides privacy protections between users in a group, and provides integrity against malicious users or even a malicious server. The core protocol proceeds in a series of rounds in which users either submit real data or cover traffic, and the server blindly updates balances, informs users of charges, and computes integrity checks on user-submitted data. Our protocol requires no cryptographic operations on the server, and after a group’s initial setup, the only cryptographic tool users need is AES. We implement the payment splitting protocol as an Android app and the accompanying server. We find that, for realistic group sizes, it requires fewer than 50 milliseconds per round of computation on a user’s phone and the server requires fewer than 300 microseconds per round for each group, meaning that our protocol enjoys excellent performance and scalability properties. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|