Saturday 6th July, 2013
3:00pm to 3:45pm
Electric vehicles (EVs) are becoming increasingly popular, especially since we need alternatives to cars powered by fuel. Electric mobility will be a privacy game changer. Since even a quick charging cycle of an EV takes about 30 minutes for a full charge today, the current infrastructure of gas stations is no longer feasible. Instead, a widely distributed network of charging stations is being built.
Overly simplified, lithium-ion-based batteries have two states to be avoided: completely charged and completely discharged. Thus, customers are encouraged to plug in wherever they park their car. This behavior is also supported by a feeling aptly named 'range anxiety'. The worrying side-effect of this change in how we refuel cars is that suddenly this process becomes observable: while today everyone can pay cash at a gas station and expect a reasonable amount of anonymity, charging of EVs changes the rules significantly and enables an observer to track where a user charges her car and thus allows for the creation of quite detailed movement profiles. The talk proposes a solution that protects the user's location privacy and is practical enough to be actually implemented.
Electric mobility will be and can be a privacy game changer. It will be a game changer, because we will most probably lose our single anonymous way to pay for transportation energy: paying cash. One main characteristic of EVs is that conventional gas stations become superfluous: since even a quick charging cycle of an EV takes about 30 minutes for a full charge today, we need a more flexible way to charge EVs. As a result, networks with many thousands of charging stations (CS) are being built today, where a car owner can plug in her car and charge it. In contrast to gas stations, charging infrastructure is widely distributed and maintaining a low cash level in all stations is expensive, because you have to send someone around to do so. Not maintaining a low cash level is also expensive, as it invites theft or at least vandalism.
The worrying side-effect of this change in how we refuel cars is that suddenly this process becomes observable: while today everyone can pay cash at a gas station and expect a reasonable amount of anonymity and unlinkability of her transactions, charging of EVs (and especially the billing process) changes the rules significantly and enables an observer to track where a user charges her car and thus allows for the creation of quite detailed movement profiles.
On the other hand, electric mobility can be a game changer, because currently no real interoperable standards for clearing and billing exist -- we have barely standardized charging. This is the right time to push the demand for privacy.
For many researchers the go-to solution for this problem is e-cash. Simply put, e-cash is a digital currency that offers anonymous payments with unlinkable coins. Several e-cash variants have been proposed in the last 20 years. Correctly applied, e-cash can offer strong protection for customers' privacy -- if utilities, clearing houses and regulators decide to use it. E-cash offers a lot of privacy benefits on the customer's side, but it lacks similar incentives for the vendor to use it. If a vendor (or a large group of vendors in our case) is to use a certain solution, it needs to be beneficial (or at least acceptable) to both sides. Current ad-hoc solutions for EV charging and billing do not offer any privacy at all.
We propose a system that balances the customer's legitimate privacy interest with the vendor's legitimate interest to prevent abuse and the legal requirement to be able to resolve disputes in front of a court of law (and to comply with energy laws, as well as standards and measurements laws). The main goal is to allow for the charging of EVs while preserving the user's location privacy and to offer a solution that can actually be used. The system also supports authenticating a user in a non-repudiable way in compliance with pre- and post-paid billing such that billing can be handled correctly and existing infrastructure can be adapted quickly. Our approach is based on a group signature scheme that we adapt to the setting of next-generation cars. To study the practical feasibility of the proposed system, we implemented a prototype and evaluated it both on a CS for EVs and also on a (simulated) backend. The evaluation results suggest that our system can process more than one million charging processes per hour using off-the-shelf hardware while preserving the user's location privacy.