Robust location privacy

Abstract: The Internet is in many ways both fascinating and yet also scary. For most people, a single commercial entity owns the power to disclose all their personal emails. Most commonly your emails are only disclosed to you and your correspondent, but the power to choose who sees these emails is in fact not yours. The power to control the release of data about ones person is what most people refer to as privacy.In spite of this, almost nothing that the Internet is used for gives the originator of a message control over it. When you use a social media platform, you are given the intuition that you choose which friends who can see any posts and photos that you publish, and of course the connection is encrypted to thwart eavesdropping. However, the service provider may still share this data to anyone they like. From a technological standpoint, a user almost never has the power of their data; in other words, there’s normally no privacy on the Internet.This thesis is describes di erent ways of giving end-users more control over some parts of their own personal data using cryptography for the speci c case of location data, enhancing their privacy. The majority of the thesis explores how to make use of location proximity, to check whether to users are close to each other, as a basic primitive while maintaining privacy through additively homomorphic encryption. The thesis further explores the application scenario of ridesharing, or car pooling, using both additively homomorphic encryption and private set intersection. All of the solutions presented sport proven privacy-preserving capabilities, and have been implemented to measure their performance. This thesis shows in what contexts there’s still a ways to go, but also highlights some settings in which it might already be time to move theory into practice.