Recently, Xie et al. (IEEE Transactions on Information Forensics and Security, vol. 16, pp. 3068-3081, 2021) proposed a privacy-preserving Online Ride-Hailing (ORH) protocol that does not make use of a trusted third-party server. The primary goal of such privacy-preserving ORH protocols is to ensure the privacy of riders' and drivers' location data w.r.t. the ORH Service Provider (SP). In this note, we demonstrate a passive attack by the SP in the protocol of Xie et al. that enables it to completely recover the location of the rider as well as that of the responding drivers in each and every ride request query.
翻译:最近,Xie等人(IEEE信息法证和安全交易,第16卷,第3068-3081页,第2021页)提议了一项不使用可信赖第三方服务器的隐私保护在线赛马协议(ORH),这种隐私保护协议的主要目标是确保驾驶员和驾驶员的定位数据的隐私,ORH服务提供商(SP),在本说明中,我们在Xie等人协议中展示了SP的被动攻击,使其能够完全恢复驾驶员以及每次和每次旅行请求中应答司机的所在地。