Secure Verification of Location Claims - PowerPoint PPT Presentation

About This Presentation
Title:

Secure Verification of Location Claims

Description:

... frequency at the speed of light ) and sound (ultrasound at the speed of sound) ... l R AND elapsed time d( v , l ) . (c-1 s-1) 11/7/09. By Alvaro E. Escobar. 5 ... – PowerPoint PPT presentation

Number of Views:24
Avg rating:3.0/5.0
Slides: 14
Provided by: Alv87
Learn more at: https://www.cse.fau.edu
Category:

less

Transcript and Presenter's Notes

Title: Secure Verification of Location Claims


1
Secure Verification of Location Claims
  • In the physical world, identity is not the only
    thing that matters.
  • Physical location of the requester plays an
    important role in determining access rights.
  • Secure Verification of Location Claims comes
    natural in the physical world but not in
    information systems.
  • Location verification enables the Secure
    Verification of Location Claims.
  • Secure Verification of Location Claims benefits
  • It is Natural .
  • No need to establish shared secrets in advance.

2
Secure Verification of Location Claims
  • Let be a set of Verifiers V, Prover p and Region
    R.
  • location determination problem verifier
    actively seeks provers exact location.
  • In-region verification problem prover claims a
    location and verifier accepts or rejects it.
  • In-region verification problem is easier to
    tackle.
  • p claims to be in R and v ? V accepts or rejects.

3
Secure Verification of Location Claims
  • Model Assumptions
  • No attempt to verify exact location of the
    prover.
  • Attempt t verify location claims for regions R
    near V.
  • Verifier and prover communicate using RF (radio
    frequency at the speed of light ) and sound
    (ultrasound at the speed of sound).
  • Prover must be able to bound its processing
    delay (time to digest signal).
  • Prover and verifier know region R a priori.

4
Secure Verification of Location Claims
  • Model Protocol
  • Does not require Cryptography
  • Does not require time synchronization
  • Does not require any prover verifier agreement.
  • Suitable for low-cost sensor networks (low CPU
    and Memory reqs.).
  • Uses Time-of-Flight to estimate distance.
  • p ---RF---? v p reports location l
  • v ---RF---? p v sends nonce N (at light
    speed c)
  • p --Sound-? v p sends nonce N (at sound
    speed s)
  • v accepts location claim iff
  • l R AND elapsed time d( v , l ) . (c-1
    s-1)

5
Secure Verification of Location Claims
  • Possible Attacks
  • Prover tries to cheat by delaying response.
  • Not good. Will appear to be further away.
  • Prover tries to cheat by starting response
    transmission early.
  • Not possible. Nonce is randomly generated and
    must be known before response.
  • p ---RF---? v p reports location l
  • v ---RF---? p v sends nonce N (at light
    speed c)
  • p --Sound-? v p sends nonce N (at sound
    speed s)
  • v accepts location claim iff
  • l R AND elapsed time d( v , l ) . (c-1
    s-1)

6
Secure Verification of Location Claims
  • Processing Delay
  • Prover requires some time (?p) to process nonce
    N.
  • Prover is aware of its ?p and reports it to the
    verifier.
  • p ---RF---? v p reports location l and
    ?p
  • v ---RF---? p v sends nonce N (at light
    speed c)
  • p --Sound-? v p sends nonce N (after ?p
    seconds)
  • v accepts location claim iff
  • l R AND elapsed time d( v , l ) . (c-1
    s-1) ?p

7
Secure Verification of Location Claims
  • Possible Attacks.again.
  • Prover tries to cheat by reporting location l at
    border of region R and overstating processing
    delay ?p.
  • Verifier shrinks allowable region by s.?p.
  • ROA(v,?p) Region Of Acceptance where location
    claims are permitted by v if the claimed
    processing delay is ?p.
  • ROA(v,0) R

8
Secure Verification of Location Claims
  • Non-uniform Regions
  • ROA must be a circle since signals travel at the
    same speed in all directions.
  • ROA must be wholly contained in region R so as to
    not accept a location claim outside of R.
  • ROA should be largest circle that fits within R.

ROA(v,0)
.p
.v
ROA(v,?p)
R
9
Secure Verification of Location Claims
  • Non-uniform Regionscontinue.
  • Let ROA(?p) region where at least one verifier
    node can prove location claim.
  • ROA(?p) ?ROA(v,?p)
  • More than one verifier might be eligible.
  • Prover does not gain any advantage by selecting a
    different verifier.
  • Coverage ROA(?p) / R

10
Secure Verification of Location Claims
  • Possible Attacks.once more.
  • remote actuation complice inside R helps
    remote attacker.
  • Low-delay remote actuation of sonic signals is
    infeasible.

11
Secure Verification of Location Claims
  • Rejected Variants
  • (radio, sound) ? (radio, radio)
  • Error term ?p.c would be very large (may exceed R
    and verifier may not accept location claims at
    all.
  • (radio, sound) ? (sound, radio) or (sound, sound)
  • May attack with laser-based remote bugging of
    sound.

12
Secure Verification of Location Claims
  • Protocol Variant
  • Keyed Echo Protocol
  • All verifiers and a prover share a key, therefore
    verifier can verify that a particular prover is
    inside R.
  • p ---RF---? v p reports location l and
    ?p
  • v ---RF---? p v sends nonce N (at light
    speed c)
  • p --Sound-? v p sends nonce N (after ?p
    seconds)

13
Secure Verification of Location Claims
  • Future Work
  • More precise region verification.
  • Location-limited channels Comm. Mechanism
    restricted to short range.
  • GPS (Global Positioning System) Do not address
    security
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Secure Verification of Location Claims" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!