eprint.iacr.org will be offline for approximately an hour for routine maintenance at 11pm UTC on Tuesday, April 16. We lost some data between April 12 and April 14, and some authors have been notified that they need to resubmit their papers.

Paper 2020/1583

HERMES: Scalable, Secure, and Privacy-Enhancing Vehicle Access System

Iraklis Symeonidis, Dragos Rotaru, Mustafa A. Mustafa, Bart Mennink, Bart Preneel, and Panos Papadimitratos


We propose HERMES, a scalable, secure, and privacy-enhancing system for users to share and access vehicles. HERMES securely outsources operations of vehicle access token generation to a set of untrusted servers. It builds on an earlier proposal, namely SePCAR [1], and extends the system design for improved efficiency and scalability. To cater to system and user needs for secure and private computations, HERMES utilizes and combines several cryptographic primitives with secure multiparty computation efficiently. It conceals secret keys of vehicles and transaction details from the servers, including vehicle booking details, access token information, and user and vehicle identities. It also provides user accountability in case of disputes. Besides, we provide semantic security analysis and prove that HERMES meets its security and privacy requirements. Last but not least, we demonstrate that HERMES is efficient and, in contrast to SePCAR, scales to a large number of users and vehicles, making it practical for real-world deployments. We build our evaluations with two different multiparty computation protocols: HtMAC-MiMC and CBC-MAC-AES. Our results demonstrate that HERMES with HtMAC-MiMC requires only approx 1,83 ms for generating an access token for a single-vehicle owner and approx 11,9 ms for a large branch of rental companies with over a thousand vehicles. It handles 546 and 84 access token generations per second, respectively. This results in HERMES being 696 (with HtMAC-MiMC) and 42 (with CBC-MAC-AES) times faster compared to in SePCAR for a single-vehicle owner access token generation. Furthermore, we show that HERMES is practical on the vehicle side, too, as access token operations performed on a prototype vehicle on-board unit take only approx 62,087 ms.

Available format(s)
Publication info
Preprint. MINOR revision.
secure multiparty computationvehicular sharingoptimisation
Contact author(s)
iraklis symeonidis @ icloud com
2021-03-19: last of 4 revisions
2020-12-21: received
See all versions
Short URL
Creative Commons Attribution


      author = {Iraklis Symeonidis and Dragos Rotaru and Mustafa A.  Mustafa and Bart Mennink and Bart Preneel and Panos Papadimitratos},
      title = {HERMES: Scalable, Secure, and Privacy-Enhancing Vehicle Access System},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1583},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/1583}},
      url = {https://eprint.iacr.org/2020/1583}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.