LAUSR

We propose HERMES, a scalable, secure, and privacy-enhancing system for users to share and access vehicles. HERMES securely outsources operations of vehicle access token (AT) generation to a set of untrusted servers. It builds on an earlier proposal, namely, SePCAR, and extends the system design for improved efficiency and scalability. To cater to system and user needs for secure and private computations, HERMES utilizes and combines several cryptographic primitives with secure multiparty computation (MPC) efficiently. It conceals secret keys of vehicles and transaction details from the servers, including vehicle booking details, AT information, and user and vehicle identities. It also provides user accountability in case of disputes. Besides, we provide semantic security analysis and prove that HERMES meets its security and privacy requirements. Last but not least, we demonstrate that HERMES is efficient and, in contrast to SePCAR, scales to a large number of users and vehicles, making it practical for real-world deployments. We build our evaluations with two different MPC protocols: 1) HtMAC-MiMC and 2) CBC-MAC-AES. Our results demonstrate that HERMES is in the range of milliseconds for generating an AT, whether it operates for a single-vehicle owner or a large rental-company branch with over 1000 vehicles; handling 546 and 84 AT generations per second, respectively. As a result, HERMES is an order of magnitude faster compared to SePCAR. Specifically, it delivers 696 (with HtMAC-MiMC) and 42 (with CBC-MAC-AES) more ATs compared to in SePCAR for a single-vehicle owner AT generation. Furthermore, we show that HERMES is practical on the vehicle side, too, as AT operations performed on a prototype vehicle on-board unit take only $\approx 62 $ ms.