Position Based Cryptography

  • Nishanth Chandran
  • Vipul Goyal
  • Ryan Moriarty
  • Rafail Ostrovsky
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5677)

Abstract

We consider what constitutes identities in cryptography. Typical examples include your name and your social-security number, or your fingerprint/iris-scan, or your address, or your (non-revoked) public-key coming from some trusted public-key infrastructure. In many situations, however, where you are defines your identity. For example, we know the role of a bank-teller behind a bullet-proof bank window not because she shows us her credentials but by merely knowing her location. In this paper, we initiate the study of cryptographic protocols where the identity (or other credentials and inputs) of a party are derived from its geographic location.

We start by considering the central task in this setting, i.e., securely verifying the position of a device. Despite much work in this area, we show that in the Vanilla (or standard) model, the above task (i.e., of secure positioning) is impossible to achieve. In light of the above impossibility result, we then turn to the Bounded Storage Model and formalize and construct information theoretically secure protocols for two fundamental tasks:
  • Secure Positioning; and
  • Position Based Key Exchange.

We then show that these tasks are in fact universal in this setting – we show how we can use them to realize Secure Multi-Party Computation.

Our main contribution in this paper is threefold: to place the problem of secure positioning on a sound theoretical footing; to prove a strong impossibility result that simultaneously shows the insecurity of previous attempts at the problem; and to present positive results by showing that the bounded-storage framework is, in fact, one of the “right” frameworks (there may be others) to study the foundations of position-based cryptography.


Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Nishanth Chandran (1)
  • Vipul Goyal (1)
  • Ryan Moriarty (1)
  • Rafail Ostrovsky (2)

  1. Department of Computer Science, UCLA, USA
  2. Department of Computer Science and Mathematics, UCLA, USA
