Protecting Multi-Lateral Localization Privacy in Pervasive Environments

Location-based services (LBSs) have raised serious privacy concerns in the society, due to the possibility of leaking a mobile user´s location information in enabling location-dependent services. While existing location-privacy studies are mainly focused on preventing the leakage of a user´s location in accessing the LBS server, the possible privacy leakage in the calculation of the user´s location, i.e., the localization, has been largely ignored. Such a privacy leakage stems from the fact that a localization algorithm typically takes the location of anchors (reference points for localization) as input, and generates the target´s location as output. As such, the location of anchors and target could be leaked to others. An adversary could further utilize the leakage of anchor´s locations to attack the localization infrastructure and undermine the accurate estimation of the target´s location. To address this issue, in this paper, we study the multi-lateral privacy-preserving localization problem, whereby the location of a target is calculated without the need of revealing anchors´ location, and the knowledge of the localization outcome, i.e., the target´s location, is strictly limited to the target itself. To fully protect the user´s privacy, our study protects not only the user´s exact location information (the geo-coordinates), but also any side information that may lead to a coarse estimate of the location. We formulate the problem as a secure least-squared-error (LSE) estimation for an overdetermined linear system and develop three privacy-preserving solutions by leveraging combinations of information-hiding and homomorphic encryption. These solutions provide different levels of protection for location-side information and resilience to node collusion and have the advantage of being able to trade a user´s privacy requirements for better computation and communication efficiency. Through numerical results, we verify the significant efficiency improvemen- of the proposed schemes over existing multiparty secure LSE algorithms.