MaxPace: Speed-Constrained Location Queries
Paper in proceedings, 2017
With the increasing proliferation of mobile devices, location-based services enjoy increasing popularity. At the same time, this raises concerns regarding location privacy, as seen in many publicized cases in which user location was illegitimately tracked, both by malicious users and by invasive service providers. This paper focuses on privacy for the location proximity problem, with the goal of revealing the proximity of a user without disclosing any other data about the user's location. A key challenge is multiple-request attacks, in which a malicious user requests proximity to a victim from multiple locations in order to position the victim by trilateration. To mitigate these concerns we develop MaxPace, a general policy framework that restricts proximity queries based on the speed of the requester. MaxPace boosts the privacy guarantees, which we demonstrate by comparative bounds on how the knowledge about the users' location changes over time. MaxPace applies to both a centralized setting, where the server can enforce the policy on the actual locations, and a decentralized setting, which dispenses with the need to reveal user locations to the service provider. The former has already found its way into practical location-based services. For the latter, we develop a secure multi-party computation protocol that incorporates the speed constraints in its design. We formally establish the protocol's privacy guarantees and benchmark our prototype implementation to demonstrate the protocol's practical feasibility.
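As an added illustration (not the paper's own protocol or code), the following sketches the centralized setting: the server remembers each requester's last accepted query and refuses any new query whose implied travel speed exceeds a cap, so a burst of requests from widely separated points, the pattern behind the trilateration attack described above, is denied. The speed cap, requester names and coordinates are constructed assumptions.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_M = 6371000.0  # mean Earth radius in metres


@dataclass(frozen=True)
class ProximityQuery:
    t: float    # request time in seconds (constructed)
    lat: float  # requester's claimed latitude, degrees
    lon: float  # requester's claimed longitude, degrees


def haversine_m(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance in metres between two lat/lon points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlam = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))


class MaxPacePolicy:
    """Simplified, hypothetical speed-constraint policy for the centralized setting."""

    def __init__(self, max_speed_mps: float):
        self.max_speed = max_speed_mps
        self.last_accepted: dict[str, ProximityQuery] = {}

    def allow(self, requester: str, q: ProximityQuery) -> bool:
        prev = self.last_accepted.get(requester)
        if prev is not None:
            dt = q.t - prev.t
            # Deny on a non-increasing timestamp or an implied speed above the cap.
            # The last *accepted* query is kept, so a denied query cannot be used
            # to reposition the requester for the next attempt.
            if dt <= 0 or haversine_m(prev.lat, prev.lon, q.lat, q.lon) / dt > self.max_speed:
                return False
        self.last_accepted[requester] = q
        return True


def run(policy: MaxPacePolicy, requester: str, queries: list[ProximityQuery]) -> list[bool]:
    return [policy.allow(requester, q) for q in queries]


# Constructed scenario: the same three points roughly 0.6-1 km apart. Fired 5 s
# apart they imply over 100 m/s and are denied; spread 2 min apart they pass.
FAST = [ProximityQuery(0, 57.7089, 11.9746), ProximityQuery(5, 57.7089, 11.9846), ProximityQuery(10, 57.7179, 11.9796)]
SLOW = [ProximityQuery(0, 57.7089, 11.9746), ProximityQuery(120, 57.7089, 11.9846), ProximityQuery(240, 57.7179, 11.9796)]

if __name__ == "__main__":
    print(run(MaxPacePolicy(10.0), "requester-a", FAST))  # [True, False, False]
    print(run(MaxPacePolicy(10.0), "requester-a", SLOW))  # [True, True, True]
```

A denied query returns no proximity answer at all, so the requester learns nothing about the victim from it; only the accepted, speed-plausible sequence contributes to what can be inferred over time.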