Enhanced Privacy-Preserving WiFi Fingerprint Localization from CL Encryption

The WiFi fingerprint-based localization method is considered one of the most popular techniques for indoor localization. In INFOCOM’14, Li et al. proposed a wireless fidelity (WiFi) fingerprint localization system based on Paillier encryption, which is claimed to protect both client C’s location privacy and service provider S’s database privacy. However, Yang et al. presented a practical data privacy attack in INFOCOM’18, which allows a polynomial time attacker to obtain S’s database. We propose a novel WiFi fingerprint localization system based on Castagnos-Laguillaumie (CL) encryption, which has a trustless setup and is efficient due to the excellent properties of CL encryption. To prevent Yang et al.’s attack, the system requires that S selects only the locations from its database that can receive the nonzero signals from all the available access points in C’s nonzero fingerprint in order to determine C’s location. Security analysis shows that our scheme is secure under Li et al.’s threat model. Furthermore, to enhance the security level of privacy-preserving WiFi fingerprint localization scheme based on CL encryption, we propose a secure and efficient zero-knowledge proof protocol for the discrete logarithm relations in C’s encrypted localization queries.