Security and privacy issues have become a major hindrance to the broad adoption of Ride-Hailing Services (RHSs). In this article, we introduce a new collusion attack initiated by the Ride-Hailing Service Provider (RHSP) and a driver that could easily link the real riders and their anonymous requests (credentials). Besides this attack, existing work requires heavy computations to execute user matching, and it is challenging for riders to verify matching results. Meanwhile, a malicious driver may cancel an assigned ride order due to its short distance. To address these issues, we present an RHS system named Nereus to support collusion resistance, efficiency, verifiability, and accountability. First, we integrate a smart contract into a Software Guard Extensions (SGX) enclave to establish a private smart contract for collusion resistance. We use a Bloom filter to achieve efficient matching. Second, we leverage privacy-preserving range query and Merkle proofs to make matching results verifiable. Meanwhile, we adopt short group signatures to provide anonymous authentication and deposit commitments to hold the runaway driver accountable. We formally state and prove the security and privacy of Nereus. We build a prototype based on Ethereum and SGX to conduct extensive performance analysis in regard to gas costs, computational costs, and communication overhead. Experimental results show that Nereus significantly improves over existing schemes in terms of computational costs.

Index Terms: Ride-hailing services, privacy, collusion attack, private smart contract, SGX

INTRODUCTION

The development of popular Ride-Hailing Services (RHSs) is spawned by mature cloud computing, wireless communication, and sensor-enriched smartphones. RHSs have been prospering as a global phenomenon over the past decade and offering users (riders and drivers) many benefits.

During ride-hailing, user matching is the most important component because it is related to the rider's waiting time, the driver's income, system efficiency, and the RHSP's profits. To form a ride, the rider and the driver submit ride data to the Ride-Hailing Service Provider (RHSP) for user matching. These data include identity, current location, destination, and requirements, e.g., vehicle brand, driver experience, and driver reputation. Such information correlates with sensitive information about the user, e.g., home, workplace, and propensities. Besides, the RHSP is considered an untrustworthy entity due to cyber attacks or mischievous employees. One report showed that 2.7 million Uber users in the UK were affected by a mass data breach in 2016 [1]. Hence, sharing ride data with the RHSP raises many significant security and privacy concerns [2], [3], [4], [5], [6], [7]. Without careful design, these concerns will hobble what proves to be a more convenient mode of transportation.

In the literature, there are multiple schemes utilizing cryptographic primitives and data structures to achieve privacy-preserving RHSs (e.g., ORide [8], DAP-DAD [9], pRide [10], FICA [11], CoRide [12], B...