Cryptology ePrint Archive: Report 2018/259

The Death and Rebirth of Privacy-Preserving WiFi Fingerprint Localization with Paillier Encryption

Zheng Yang and Kimmo Järvinen

Abstract: Localization based on premeasured WiFi fingerprints is a popular method for indoor localization where satellite based positioning systems are unavailable. In these systems, privacy of the users' location is lost because the location is computed by the service provider. In INFOCOM'14, Li et al. presented PriWFL, a WiFi fingerprint localization system based on additively homomorphic Paillier encryption, that was claimed to protect both the users' location privacy and the service provider's database privacy. In this paper, we demonstrate a severe weakness in PriWFL that allows an attacker to compromise the service provider's database under a realistic attack model and also identify certain other problems in PriWFL that decrease its localization accuracy. Hence, we show that PriWFL does not solve the privacy problems of WiFi fingerprint localization. We also explore different solutions to implement secure privacy-preserving WiFi fingerprint localization and propose two schemes based on Paillier encryption which do not suffer from the weakness of PriWFL and offer the same localization accuracy as the privacy-violating schemes.

Category / Keywords: cryptographic protocols / Localization, privacy, security, WiFi fingerprint, cryptanalysis, homomorphic encryption, attack

Original Publication (with major differences): IEEE International Conference on Computer Communications 2018 (INFOCOM 2018)

Date: received 9 Mar 2018

Contact author: zheng yang at helsinki fi

Available format(s): PDF | BibTeX Citation

Version: 20180309:163010 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]