Professional Documents
Culture Documents
net/publication/331779607
CITATIONS READS
7 1,022
5 authors, including:
Some of the authors of this publication are also working on these related projects:
All content following this page was uploaded by Mustafa A. Mustafa on 25 March 2019.
Akash Madhusudan1 , Iraklis Symeonidis2,1 , Mustafa A. Mustafa3,1 , Ren Zhang1,4 and Bart Preneel1
1 imec-COSIC, KU Leuven, Belgium
2 SnT-APSIA, University of Luxembourg, Luxembourg
3 School of Computer Science, University of Manchester, UK
4 Nervos
Keywords: Smart Contracts, Ethereum, Car booking and payments, Security, Privacy, Car sharing
Abstract: This paper presents an efficient solution for the booking and payments functionality of a car sharing system
that allows individuals to share their personal, underused cars in a completely decentralized manner, annulling
the need of an intermediary. Our solution, named SC2 Share, leverages smart contracts and use them to carry
out secure and private car booking and payments. Our experiments on SC2 Share on the Ethereum testnet
guarantee high security and privacy to its users and confirm that our system is cost-efficient and ready for
practical use.
owner Consumer In SC2 Share the following threat model is used. The
owner and the consumer are not trusted to carry out
all transactions honestly. The integrity and correct
execution of the smart contract is guaranteed by the
Smart Contract underlying public ledger, in our case the Ethereum
Car blockchain. Due to the blockchain’s public nature,
any private information embedded in the blockchain
is considered leaked.
For our system to work, we also make the follow-
Public Ledger ing assumptions. The owner and the consumer mu-
Figure 1: System model of SC2 Share. tually agree upon the initial booking details and are
successful in keeping them confidential against any
third party. We also assume that the owner and the
instruction has a predefined gas consumption. To pre- consumer have a public/private-key pair along with
vent denial of service attacks, each transaction also their digital certificates. Lastly, the communication
specifies a startGas. A transaction execution that ex- channels are used by the owner and the consumer are
ceeds that startGas cannot be carried out, however, the private and authentic.
transaction fee still goes to the miner.
3.3 Design requirements
3 System model, threat model and Our system should satisfy the following functional,
design requirements security and privacy requirements.
This section introduces the system model, the threat Functional requirements
model and assumptions as well as the functional, se-
curity and privacy requirements used in the design of • Booking and payments process: SC2 Share
SC2 Share. should handle bookings, car usage and payments
in an immutable way. It should be able to re-
ceive booking requests, safeguard deposits placed
3.1 System model
by owners/consumers and handle payments.
As illustrated in Figure 1, our system model consists • Fraud prevention: SC2 Share should be able to
of the following entities: deal with fraudulent actions taken by both own-
ers and consumers. Example actions are not mak-
• Owner - An individual with the intention to share ing the car availlable and not returning the car.
his underused personal car. SC2 Share should penalize the initiators of such
• Consumer - A person in temporary need of a car. fraudulent actions.
• Car - The car that is available to be shared. Access • Cancellation: SC2 Share should handle cancella-
provision to this car is handled by any robust ac- tions of the booking agreement and distribute the
cess provision protocols such as SePCAR (Syme- deposit according to the booking agreement.
onidis et al., 2017).
• Extra time surcharge: In case of extra time re-
• Public Ledger - A structure that irrefutably quest by the consumer, SC2 Share should be able
records transactions and is operated by a single to deduct the required extra amount from the con-
or several decentralized parties. All transactions sumer’s deposit and transfer it to the owner.
made in SC2 Share are recorded in this public
ledger. Security and privacy requirements
• Smart Contract - This smart contract is responsi-
ble for receiving a booking request, making sure • Authenticity of booking details: the integrity,
that appropriate deposits have been made by both origin and approval of the booking details should
the owner and the consumer, handling cancella- be validated by the car.
tion requests, dealing with fraudulent activities, • Non-repudiation of access token: SC2 Share
and a smooth rental procedure in general. should be able to prove the authenticity of the ac-
cess token that generated by the owner to the car Figure 3, we do not encrypt all information stored
and the consumer. in booking details.
• Forensic evidence provision: In an adverse sce- 5. The consumer accesses the car and uses it for the
nario of a fraudulent action, authorities should be agreed amount of time.
able to retrieve forensic evidence from the system
and gain access to specific booking details. 6. After completing the trip, the consumer ends the
car rental process by dropping off the owner’s car
• Confidentiality of booking details: Only the at the agreed location.
owner and consumer should have access to the
information stored in booking details. Booking 7. Once the process is over, both the owner and the
details can hold personal identifiable and poten- consumer can separately withdraw their earnings
tially sensitive information such as the license and balances, respectively.
plate number, the location, booking time and type
of the car.
4.2 SC2 Share in detail
• Confidentiality of access token: Only the car
should have access to the information stored in the
This section describes SC2 Share in detail. We first
access token.
present the main protocol followed by the description
• Anonymity of consumer and car: The identity of the cancellation, car access and extra time func-
of the consumer and the car should be hidden to tionalities.
anyone except the owner, the consumer and the Algorithm 1 depicts a pseudo-code of how our
car. system works. As explained in the overview, the sys-
tem is initiated by the owner, which is followed by
the consumer sending a request for booking. Once
the consumer is set as the current driver of the car,
4 SC2 SHARE the booking details are mutually agreed before being
encrypted and stored on the blockchain. We use exter-
This section provides an overview of how SC2 Share nal libraries such as eth-crypto and eth-ecies to carry
handles a car sharing scenario. Then, we explain in out the encryption off-chain, and to generate the iden-
detail the algorithms that implement the functionali- tities of the owner and the consumer (libertylocked,
ties described. 2018; pubkey, 2018). The Javascript code that exe-
cutes with the smart contract, and the smart contract
4.1 Overview of SC2 Share itself are available online.
While storing the details in the smart contract, the
As it is illustrated in Figure 2, we provide a high- owner has to set allow car usage value to ‘true’ in the
level overview of how our system works. It consists smart contract to inform SC2 Share that the car can be
of seven steps described below. used by the consumer. Once the consumer has access
1. An owner deploys a smart contract on the to the car, he can use it for the decided time. If they
blockchain and deposits a value of x ether in it. exceed the agreed time limit, the extra time surcharge
2. A consumer sends a request to rent the car by de- is handled by Algorithm 4. In order to calculate extra
positing x ether (the same amount as in step 1) in time, the smart contract keeps deducting the mutually
the deployed smart contract. agreed ‘price per extra hour’ from the consumer’s de-
posit. SC2 Share also has a fail-safe option, that is acti-
3. The owner and the consumer agree on mutu- vated if the consumer fails to return the car. It awards
ally accepted booking details such as the required the owner the total deposit stored in the smart con-
number of days to share the car, the pick-up and tract, although it does not yet deal with the post-theft
drop-off location and the daily price. scenario.
4. Once the details are agreed, the owner signs the In cases where either the owner or the consumer
booking details using his private key and encrypts wants to cancel the booking, Algorithm 2 comes into
them using the consumer’s public key. Once en- play. The pseudo-code explains how SC2 Share han-
crypted, he sends these details to the storage of dles the cancellation at different stages of the system.
smart contract and allows the consumer to access If the owner cancels the booking before allowing car
the car. The encrypted details stored in the smart usage, he is not penalized, but if they do it after al-
contract can be accessed by the consumer and de- lowing the car usage, then SC2 Share ensures that the
crypted using his private key. However, as seen in consumer gets an incentive. The customer also pays
4
3 3
No. of days
Car info, price per day
Booking details
1 2
Access Car
encrypt and store details / allow car usage End Car Rental
4 Smart Contract 6
Car
Figure 2: Overview of the SC2 Share system.
using a secure channel (see assumptions in Section 3) decipher an access token thus guaranteeing confiden-
and only stored in the smart contract when encrypted. tiality of the access token.
SC2 Share treats the encrypted booking details as Anonymity of consumer and car is provided by de-
the access token and stores them in its internal stor- sign in SC2 Share. On the blockchain, the consumer
age. No one except the consumer and the owner can can choose to be anonymous by using his 20-byte ad-
dress to interact with the contract and not publicizing
any personal details, while the identity of the car is
Algorithm 4 Extra time functionality encrypted along with the other private information by
1: procedure E XTRA T IME
the owner before storing it on-chain.
2: currentDriverAddress ← cAddress
3: cBalance ← consumer balance 5.3 Deployment and usage Cost
4: oBalance ← owner balance
5: cDeposit ← consumer deposit The deployment of a smart contract and the interac-
6: oDeposit ← owner deposit tion with it has a cost for the caller of the transac-
7: consumer Ends Car Rental: tion, and this cost is calculated in gas. This section
8: if end time =< decided time then discusses the deployment and interaction costs asso-
9: currentDriverAddress ← null ciated with our proposed SC2 Share smart contracts
10: carStatus ← idle application. It is important to mention that the price
11: x ← cDeposit − rentCharge of ether per gas unit is volatile, and these results are
12: oBalance ← oDeposit + x obtained by using the price of ether per gas unit for
13: cBalance ← cDeposit average confirmation time (2,368 seconds) as of De-
14: return true cember 2018. To evaluate the total cost of SC2 Share,
15: if end time > decided time then we look at two different costs, the deployment and the
16: currentDriverAddress ← null transaction cost.
17: carStatus ← idle
18: x ← cDeposit − rentCharge Deployment cost
19: y ← cDeposit − chargePerExtraHour
20: z ← x+y The main costs for deploying a smart contract can
21: oBalance ← oDeposit + z be calculated by combining the following parame-
22: cBalance ← cDeposit ters (Wood, 2014):
23: return true
24: Consumer Runs Away With Car: • The costs associated with storing the contract
25: x ← totalDeposit code (200 gas per byte).
26: oBalance ← oBalance + x • Additional data storage cost on the contract
27: return inform insurance (20,000 gas per 256-bit word).
• Each transaction has a base cost of 21,000 gas, it supports the use of advanced cryptographic primi-
and 32,000 gas have to be paid for a CREATE tives such as zero-knowledge proofs.
transaction (deployment of a new contract).
We used Remix IDE (Ethereum, 2016) to calcu-
late the deployment costs of our smart contracts. The REFERENCES
absolute deployment cost is influenced by the size of
the contract and the total bytes in its storage. Table 1 Buterin, V. (2014). A next-generation smart contract and
illustrates the deployment cost of SC2 Share in USD. decentralized application platform. URL: http:
It can be calculated by multiplying the total gas with //blockchainlab.com/pdf/Ethereum_white_
the cost per gas unit in USD. paper-a_next_generation_smart_contract_
and_decentralized_application_platform-
Transaction cost vitalik-buterin.pdf, last checked on 2018-12-20.
Carsten, P. (2016). Hackers attack 20 mln ac-
counts on alibaba’s taobao shopping site. URL:
The cost for executing each transaction can be calcu-
https://www.reuters.com/article/alibaba-
lated as follows (Wood, 2014): cyber-idUSL3N15J1P2, last checked on 2018-12-10.
• The base cost of each transaction (21,000 gas). CoinMarketCap (2018). Top 100 cryptocurrencies by mar-
ket capitalization. URL: https://coinmarketcap.
• The cost for storing a 256-bit word on the smart com/, last checked on 2018-12-20.
contract (20,000 gas)
Collins, K. (2018). A running list of websites and
• The cost for editing data stored in the smart con- apps that have banned, blocked, deleted, and
tract (5,000 gas) otherwise dropped white supremacists. URL:
https://qz.com/1055141/what-websites-and-
• The cost of making a transaction call having a apps-have-banned-neo-nazis-and-white-
monetary value (9,000 gas) supremacists/, last checked on 2018-12-07.
Table 2 illustrates the cost of executing each trans- Cusumano, M. A. (2017). The sharing economy meets re-
action in SC2 Share. Adding up the cost of all individ- ality. Commun. ACM, 61(1):26–28.
ual transactions, the total cost of all transactions in Ethereum (2016). Remix ide. URL:https://remix.
ethereum.org/#optimize=true&version=
SC2 Share is USD 0.188. Hence, it can be deduced
soljson-v0.4.24+commit.e67f0147.js, last
that our smart contract implementation is not expen- checked on 2018-12-20.
sive to deploy and operate. Jentzsch, C. (2016). Decentralized autonomous or-
ganization to automate governance. URL:
https://download.slock.it/public/DAO/
WhitePaper.pdf, last checked on 2018-12-10.
6 Conclusions and future work
La‘Zooz (2015). La‘zooz white paper. URL:
https://www.weusecoins.com/assets/pdf/
This paper presented a fully decentralized car book- library/LaZooz%20Blockchain%20Taxi%
ing and payments system known as SC2 Share. This 20Whitepaper.pdf, last checked on 2018-12-10.
system can be incorporated with car access provision Lee, D. (2017). Uber concealed huge data breach.
protocols to provide a secure and private car shar- URL: https://www.bbc.com/news/technology-
ing environment without the need of any intermedi- 42075306, last checked on 2018-12-10.
ary. We have shown that SC2 Share provides all ma- libertylocked (2018). eth-ecies. URL: https://github.
jor functionalities that are required for a car sharing com/libertylocked/eth-ecies, last checked on
platform, and provides security and privacy by design. 2018-12-20.
The total cost of deploying and using our system on Luu, L., Velner, Y., Teutsch, J., and Saxena, P. (2017). Smart
the Ethereum network sums up to USD 0.7762, which pool: Practical decentralized pooled mining.
in comparison to the commission fee paid to large or- Newcomer, E. (2017). Uber starts charging what it
ganizations is relatively cheap. Hence, we conclude thinks youre willing to pay. URL: https://
that along with being functionally sound, secure and www.bloomberg.com/news/articles/2017-05-
19/uber-s-future-may-rely-on-predicting-
private, SC2 Share is also cost effective for its users. how-much-you-re-willing-to-pay, last checked
As future work we would like to advance our sys- on 2018-12-07.
tem design and implementation to work with fully pubkey (2018). eth-crypto. URL: https://github.com/
encrypted booking details, including the price per pubkey/eth-crypto, last checked on 2018-12-20.
day, price per extra day and required number of days Sharma, T. K. (2018). What does blockchain
which are used for calculation of payments. Another means for a sharing economy? URL:
potential direction could be to adapt SC2 Share so that https://www.blockchain-council.org/
blockchain/what-does-blockchain-mean-for-
a-sharing-economy/, last checked on 2018-12-10.
Symeonidis, I., Aly, A., Mustafa, M. A., Mennink, B.,
Dhooghe, S., and Preneel, B. (2017). Sepcar: A secure
and privacy-enhancing protocol for car access provi-
sion. in the 22nd European Symposium on Research
in Computer Security (ESORICS17), ser. LNCS, vol.
10493. Springer, 2017, pages 475–493.
Symeonidis, I., Mustafa, M. A., and Preneel, B. (2016).
Keyless car sharing system: A security and privacy
analysis. In IEEE International Smart Cities Confer-
ence (ISC2 2016), pages 1–8.
Thellmann, P. (2018). Blockchain is the infrastructure for
a new decentralized sharing economy. URL:https:
//hackernoon.com/blockchain-is-the-
infrastructure-for-a-new-decentralized-
sharing-economy-f715da32bece, last checked on
2018-12-5.
Wood, G. (2014). Ethereum: A secure decen-
tralised generalised transaction ledger byzantium
version. URL:https://ethereum.github.io/
yellowpaper/paper.pdf, last checked on 2018-08-
5.