Professional Documents
Culture Documents
16 22111021 DrashtantSinghRathod
16 22111021 DrashtantSinghRathod
16 22111021 DrashtantSinghRathod
CRITIQUED BY :
DRASHTANT SINGH RATHOD (22111021)
In this paper, they explored the use of smart contracts for secure car sharing, and
proposed a novel approach that leverages the benefits of blockchain technology.
Our method involves creating a blockchain-based platform that uses smart
contracts to automate the process of car sharing, from booking and payment to
access control and dispute resolution. By doing so, we eliminate the need for
intermediaries and reduce the risk of fraud and misuse.
This work proposes a novel peer-to-peer car booking and payments system, named
SC2Share. SC2Share works along the existing car access provision protocols such as
SePCAR and uses a smart contract to register car sharing offers, match requests
and settle payments.
RELATED WORK
SePCAR (Symeonidis et al., 2017) is a car sharing system that extends earlier work
detailed in (Symeonidis et al., 2016) and offers high security and privacy features.
The system is made up of numerous functional parts. Just those that are pertinent
to our system are listed. Users who want to hire a car are known as consumers,
while users who are prepared to share their cars are known as owners. Authorities
are the bodies in charge of making sure that the entire system is legal and of
settling any conflicts between users.
The SePCAR protocol begins with the owner and customer agreeing on the specifics
of the reservation. The system server encrypts these booking details and generates
an access token because they contain sensitive information like the identities of the
owner, customer, and the car as well as the length of time and location that it was
SC2Share: Smart Contract for Secure Car Sharing
2
used. The consumer can then retrieve this access token from a public ledger where
it is kept. A customer then uses this token to unlock the car without disclosing his
personal information. The secrecy of the car key and reservation information is
likewise guaranteed by SePCAR.
SYSTEM MODEL
Their system model consists of multiple entities:
➢ Car Owner Nodes: Car owners can register their cars on the platform
and use their nodes to manage the sharing of their cars, including
setting the rental fee and approving rental requests.
➢ User Nodes: Users can also register on the platform and use their
nodes to search for available cars, make rental requests, and pay for
the rentals.
➢ Car: Available/ Underused car that is to be shared. The provision to
access the car is handled by any robust protocol, say SePCAR.
➢ Blockchain Network: The platform uses a blockchain network to store
the smart contracts, transaction records, and other data related to car
sharing.
3
METHODOLOGY
Providing a high level overview of how their system works. It consists of seven steps
described below.
1. Firstly, On the blockchain, an owner deploys a smart contract and funds it with x
amount of ether.
2. A customer also deposits x ether in the deployed smart contract and submits a
request to hire the vehicle.
4. Once the specifics are agreed upon, the owner uses his private key to sign and
the customer's public key to encrypt the booking information. After encrypting the
information, he sends it to the smart contract storage and grants the customer
access to the vehicle. The customer can access and decrypt the encrypted
information stored in the smart contract using his private key. However, They do
not encrypt all of the data kept in booking details.
4
b. Data that remain unencrypted include Car plate number, Location of
the car, Car type, Car access rights and Type of the car.
5. The customer has access to the vehicle and utilizes it for the predetermined
period of time.
6. The customer finishes the car rental transaction by returning the owner's vehicle
to the predetermined place after finishing the journey.
7. After the procedure is complete, the owner and the customer can each withdraw
their earnings and balances in turn.
5
Figure 2: Algorithms for SC2 Share
NOVELTIES
The major merit of this study is the full decentralization of the car booking and
payments system which they called SC2Share, making it possible to incorporate it
with car access provision protocols. This would facilitate a secure and private car
sharing environment without the need of any intermediary.
6
➢ Handling of cancellations and extra time requests: The smart contract is
designed in such a way that it is able to handle cancellations and extra time
requests by deducting the required extra amount from the consumer's
deposit and transferring it to the owner.
➢ Multi-party security and privacy: The system ensures the security and privacy
of all parties involved in the car sharing process, including car owners,
renters, and platform operators, by utilizing cryptographic techniques such
as encryption, hashing, and digital signatures.
➢ Extra time surcharge: The system allows car owners to charge extra for
extended usage of the car by the renters and automatically deducts the
required amount from the renter's deposit.
SHORTCOMINGS
I found quite a few shortcomings of this paper. First and foremost, there is no
evidence of the real-world testing of their proposed smart contract for secure car
sharing. While they conducted experiments on a simulated environment, it is
unclear how the system would perform in real-world scenarios.
In the Algorithm 1 section of the smart contract, the line 7 and 8 indicate x amount
of ethers are being deposited by the consumer and the owner both as a caution
money. It is explicitly written in the paper that this x amount is same for both owner
and the consumer. I do not agree with this same amount of x ethers. There should
only be a penalty amount for the car owner that should be deposited by him and
this amount should be less than the x ethers that the consumer will deposit.
In the same section, line 11 and 12 indicate two nested conditions, when the owner
allows car usage and the owner wants to cancel. These two nested conditions do
not make much of a sense to me. I feel that there was no need for this nested
condition as the corresponding ‘else’ statement is already given in the algorithm. If
the owner wants to cancel, it can cancel by following the else path.
In line 21 of the same section, where the consumer takes extra time, algorithm 3 is
initiated. But there is no call to algorithm 4 provided inside algorithm 3. There
should be a call to algorithm 4 inside algorithm 3 at line number 6.
7
Figure 3: Algorithm for SC2 Share Main and Car access
Also I felt that there is a lack of comparative analysis in the paper. The authors did
not compare their proposed system with existing car-sharing platforms or other
similar blockchain-based solutions. This makes it difficult to evaluate the
effectiveness of the proposed system in comparison to others.
Also the proposed system relies heavily on the Ethereum blockchain, which has
known limitations in terms of scalability and transaction fees. This could limit the
adoption of the system in the long run.
8
REFERENCES
[1] Madhusudan, A., Symeonidis, I., Mustafa, M., Zhang, R., & Preneel, B. (2019).
SC2Share: Smart Contract for Secure Car Sharing. Proceedings of the 5th
International Conference on Information Systems Security and Privacy.
https://doi.org/10.5220/0007703601630171
[2] Symeonidis, I., Aly, A., Mustafa, M. A., Mennink, B., Dhooghe, S., & Preneel, B.
(2017). SePCAR: A Secure and Privacy-Enhancing Protocol for Car Access Provision.
Computer Security – ESORICS 2017, 475–493.
https://doi.org/10.1007/978-3-319-66399-9_26
[4] Symeonidis, I., Mustafa, M.A., and Preneel, B. (2016). Keyless car sharing system:
A security and privacy analysis. In IEEE International Smart Cities Conference (ISC2
2016), pages 1-8