Secure location verification: a security analysis of GPS signal authentication
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
A survey on RFID security and provably secure grouping-proof protocols
International Journal of Internet Technology and Secured Transactions
Realization of RF distance bounding
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Group distance bounding protocols
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
GeoEnc: geometric area based keys and policies in functional encryption systems
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Position-based quantum cryptography: impossibility and constructions
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Secure localization using dynamic verifiers
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
A formal approach to distance-bounding RFID protocols
ISC'11 Proceedings of the 14th international conference on Information security
A position paper on data sovereignty: the importance of geolocating data in the cloud
HotCloud'11 Proceedings of the 3rd USENIX conference on Hot topics in cloud computing
AMORES: an architecture for mobiquitous resilient systems
Proceedings of the 1st European Workshop on AppRoaches to MObiquiTous Resilience
Feasibility of position-based multivariate cryptosystems for WSN
International Journal of Internet Technology and Secured Transactions
Proceedings of the 4th conference on Innovations in Theoretical Computer Science
Geolocation of data in the cloud
Proceedings of the third ACM conference on Data and application security and privacy
Secure localization and location verification in wireless sensor networks: a survey
The Journal of Supercomputing
Hi-index | 0.00 |
We consider what constitutes identities in cryptography. Typical examples include your name and your social-security number, or your fingerprint/iris-scan, or your address, or your (non-revoked) public-key coming from some trusted public-key infrastructure. In many situations, however, where you are defines your identity. For example, we know the role of a bank-teller behind a bullet-proof bank window not because she shows us her credentials but by merely knowing her location. In this paper, we initiate the study of cryptographic protocols where the identity (or other credentials and inputs) of a party are derived from its geographic location.We start by considering the central task in this setting, i.e., securely verifying the position of a device. Despite much work in this area, we show that in the Vanilla (or standard) model, the above task (i.e., of secure positioning) is impossible to achieve. In light of the above impossibility result, we then turn to the Bounded Storage Model and formalize and construct information theoretically secure protocols for two fundamental tasks: Secure Positioning; and Position Based Key Exchange. We then show that these tasks are in fact universal in this setting --- we show how we can use them to realize Secure Multi-Party Computation.Our main contribution in this paper is threefold: to place the problem of secure positioning on a sound theoretical footing; to prove a strong impossibility result that simultaneously shows the insecurity of previous attempts at the problem; and to present positive results by showing that the bounded-storage framework is, in fact, one of the "right" frameworks (there may be others) to study the foundations of position-based cryptography.