PRE(Proxy re-encryption) is more efficient and scalable than the current encryption solution PKE(public key encryption).
Since I started working in the automotive industry in 2016, traditional car makers have been under pressure from a well-known disruptor in the automotive industry: Tesla.
With its focus on electric and autonomous vehicles, Tesla was a major disruptor but not the only one. The growing popularity of business models such as ride sharing and shared ownership in major economies, as well as increasingly strict emission norms set by regulators, had added to the challenges staring the global automotive industry in the face.
In order to survive in this fast-changing market, many car companies didn’t just adopt Tesla’s approach, they also tried their best to reinvent themselves from hardware-driven to software-driven automobile companies, attempting to radically shift their focus from the decades-old internal combustion engine to software.
As they tentatively took a turn down the street of innovation, car companies realized that the key to the success of their attempted transformation was their ability to release value from the tons of data their cars generated.
Tesla was the pioneer in this too. When traditional carmakers were still relying on feedback from their Tier1/Tier2 suppliers, Tesla was collecting data from its buyers right from the time the first Model S started driving in California. Battery performance, geographic location, sensor fusion, and even driver behavior — Tesla was collecting it all and using it to improve its features.
I assume that today traditional carmakers have acquainted themselves with these tricks and have even replicated them. But strict privacy regulations soon spoiled the party, making such data collection harder and more costly to collect.
It started in 2018, when the European Union enforced the General Data Protection Regulation or GDPR. The law, which is “well known as the toughest privacy and security law in the world”, has had a ripple effect. In the US, California passed its version of the GDPR effective January 2020, with the US states of Virginia, Washington and New York planning to enact their own versions of the law too.
All this means that it cannot be business as usual in software-defined automobile companies. So the question these companies now face is: How do you develop a software-defined car and make it absolutely safe or innovate further — processes that need an incredible amount of user data — without compromising the privacy of customers or breaking the law?
The problems with the current encryption solution
Let’s imagine a scenario that involves personal privacy.
Imagine a car owner or user needs to be able to share their car data with a third party — perhaps an insurance company so that they can get reduced insurance premiums or a MaaS (Mobility as a Service) company to resolve a dispute. Obviously the data owner will not want any other third party to access their data during the transfer process.
Some readers of this blog may say: ‘How hard can it be?” The data must just be encrypted from the OBDX port and sent over the air (OTA) or any other way.
But sending car data is not as easy as sending a single file to someone else. There are two challenges:
These two questions are challenging the current encryption solution — Public Key Encryption or PRE — on efficiency and scalability.
In our opinion, the best way to securely share continuously generated data sources currently is to use Proxy re-encryption or PRE, and not PKE.
Let’s talk about PKE first. The operating logic of PKE is:
1. User Alice uses the symmetric key to encrypt data and generates ciphertext C1.
2. Bob’s public key is used to encrypt the symmetric key to generate ciphertext C2.
3. Bob decrypts C2 with his own private key to obtain the symmetric key.
4. Bob uses the symmetric key to decrypt C1 to obtain the data.
PRE has several advantages over PKE. The operating logic of PRE is:
1. User Alice uses the symmetric key to encrypt data and generates ciphertext C1.
2. Alice’s own public key is used to encrypt the symmetric key to generate ciphertext C2.
3. Generates a re-encryption key for the proxy when receiving an authorization request.
4. The proxy re-encrypts the ciphertext C2 into the ciphertext C3 that Bob can decrypt.
5. Bob decrypts C3 to obtain the symmetric key.
6. Bob uses the symmetric key to decrypt C1 to obtain the data.
Why is PRE better?
PRE is not only more efficient than PKE, it is also more scalable. The scalability of the PRE system is also divided into two aspects. One is the increase of participants (one data source has different end users), the other is the constant increase of user data (once the car is turned on, data is continuously generated).
When adding participants, PRE needs to generate a re-encryption key for the new participant, while the traditional PKE system needs to generate C2 for each new participant. The cost for this is similar, but when Alice uploads new data (new = encrypted with a different key), Alice only needs to update C2 once in the PRE. In the traditional PKE scheme, however, Alice needs to update it once for each receiver. Therefore, PRE has many advantages over PKE such as high efficiency and small transmission volume.
I’d also like to emphasise that although PRE technology looks complicated, its actual cost is lower than that of PKE.
PRE is the future
As I’ve stated before, I believe the best way to share continuously generated data sources currently is to use Proxy re-encryption. Besides vehicles, this technology can also be used in other areas in the automotive industry. For instance, it can facilitate secure data sharing between different suppliers, 4S shop data verifications, or even help bridge data islands inside companies.
When it comes to sensitive data sharing with different parties for data mining or training models, we may come to some other solutions that level up the secure data sharing to privacy computation. Multi-Parties Computation, Federated learning or FHE (Fully Homomorphic Encryption) have become superhot techniques and have started to make a lot of new scenarios possible to be commercialized because they provide another way to share data with an encrypted format but the receiver can still manipulate the data for their own purposes such as training their models on ciphertext.
We hope to address these topics in later blog posts.