Paper 2018/259

The Death and Rebirth of Privacy-Preserving WiFi Fingerprint Localization with Paillier Encryption

Zheng Yang and Kimmo Järvinen


Localization based on premeasured WiFi fingerprints is a popular method for indoor localization where satellite based positioning systems are unavailable. In these systems, privacy of the users' location is lost because the location is computed by the service provider. In INFOCOM'14, Li et al. presented PriWFL, a WiFi fingerprint localization system based on additively homomorphic Paillier encryption, that was claimed to protect both the users' location privacy and the service provider's database privacy. In this paper, we demonstrate a severe weakness in PriWFL that allows an attacker to compromise the service provider's database under a realistic attack model and also identify certain other problems in PriWFL that decrease its localization accuracy. Hence, we show that PriWFL does not solve the privacy problems of WiFi fingerprint localization. We also explore different solutions to implement secure privacy-preserving WiFi fingerprint localization and propose two schemes based on Paillier encryption which do not suffer from the weakness of PriWFL and offer the same localization accuracy as the privacy-violating schemes.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MAJOR revision.IEEE International Conference on Computer Communications 2018 (INFOCOM 2018)
LocalizationprivacysecurityWiFi fingerprintcryptanalysishomomorphic encryptionattack
Contact author(s)
zheng yang @ helsinki fi
2018-03-09: received
Short URL
Creative Commons Attribution


      author = {Zheng Yang and Kimmo Järvinen},
      title = {The Death and Rebirth of Privacy-Preserving WiFi Fingerprint Localization with Paillier Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2018/259},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.