Browsing by Author "Akand, Md Mamunur Rashid"
Now showing 1 - 2 of 2
Results Per Page
- ItemOpen AccessContribution to Proof-of-Location Systems(2023-05-03) Akand, Md Mamunur Rashid; Safavi-Naeini, Reyhaneh Alsadat; Fong, Philip Wai Leung; Reardon, Joel Christopher; Yanushkevich, Svetlana; Clark, JeremyProof-of-Location (POL) is a type of credential system that allows a user to obtain proof-of-location tokens (pol), attesting their visit to some location at some time, that they can later present to another party for receiving services. POL is gaining popularity due to its numerous applications, including location-based rewards, multi-factor authentication, and access control. POLs require a secure technique to verify the user’s location or proximity to a trusted infrastructure node as a prerequisite for issuing a pol token. Distance bounding protocols satisfy the required security properties that securely put an upper bound between two entities in real-time, and are thus considered an essential building block in designing proof-of-location systems. In this thesis, a number of shortcomings in POL systems and in distance bounding protocols are identified and addressed. The thesis is divided into two parts – the first part focuses on the modeling and designing of POL systems, physical attack on infrastructure nodes of POL systems, composability of POL with other protocols, user-controlled access of pol tokens, and verifying a sequence of pol tokens that are stored on an untrusted user’s device. The second part concentrates on the building block of POL systems – the distance bounding protocols, which offer cryptographic security to verify the proximity between two entities. The research aims to address the challenges of existing distance bounding protocols, such as high implementation costs and vulnerability to attacks using directional antennas and collusion of multiple users. Consequently, the contributions of this thesis are presented in five sections, each covering one or more research problems, including providing a solid foundation for the design and analysis of POL systems and designing provably secure POL schemes that protect user anonymity against pol issuer and verifier, protecting against location tampering attacks on infrastructure nodes, ensuring user-controlled pol accessibility when the user is offline, preserving security guarantees when POL is composed with other protocols, proving a subsequence of POL tokens while ensuring efficient storage and user anonymity, designing distance bounding protocols that do not require multiple rounds in the fast-exchange phase, and protecting distance bounding protocols from novel attacks while ensuring user anonymity.
- ItemOpen AccessIn-region Location Verification Using Distance Bounding(2016) Akand, Md Mamunur Rashid; Safavi-Naini, Reihaneh; Fong, Philip; Jacobson, Michael J. JrLocation-based services have grown rapidly in recent years. Determining the location of a service user, however, appears to come with two seemingly contradictory requirements: on one hand, the location information is needed to be accurate up to a certain level, and on the other hand, the user may want their location information to remain private. The first problem, determining the location of a user is challenging in untrusted settings. An untrusted user may always claim a false location to gain services from a service provider. Sometimes the user may want to claim a shorter distance, and other times a longer one, based on the requirements of the service provider. One of the prominent systems that is being used for the last two decades to validate such claims is distance bounding protocol. Distance (upper) bounding protocol is used to verify that a user (prover) is no farther than a given distance from the verifier. Distance upper bounding protocols have a number of applications, including: secure localization, secure location verification, authentication. A more recent work on distance bounding introduces the dual problem of verifying that a prover is no closer than a given distance from the verifier. The proposed protocol, which is named distance lower bounding, is applicable in scenarios where the privileges are provided to users located far away from the verifier. We propose Distance Range Bounding (DRB) as a new problem that requires a prover to show that its distance from the verifier is between two bounds: a given upper bound and a given lower bound. We provide a formal model that captures security requirements in this scenario. We design a distance range bounding protocol and prove its security with respect to our model. Our protocol is based on two secure distance bounding protocols: a distance upper bounding and a distance lower bounding protocol. We use the two protocols in a way that the new protocol preserves the security property of the original ones and has provable security in DRB model. The distance range obtained by our proposed protocol can be used in the localization algorithms. We use the protocol to design an efficient and robust in-region verification protocol, where the goal is to verify if a user is located within a bounded area/zone. An upfront requirement of location-based services is the users' desire not to reveal their exact location for privacy reasons. In-region location verification systems verify if a user is within a region. Our second contribution is the design of a privacy enhanced location verification system that uses an in-region location verification approach for a given policy area, and verifies whether a location claim is from within the area. The novelty of our work is to use distance range bounding to construct a pseudo-rectangle (P-rectangle) that provides the best coverage for the area, and verify the location claim with respect to the P-rectangle. We define the error in verification decision, and show that it can be reduced by subdividing the area and using multiple rectangles to cover it. We analyze the privacy of the system against an adversary who monitors the radio communication, and use it to infer the location of the prover, and provide methods of protecting against this attack. We discuss our results and propose directions for future research.