Contribution to Proof-of-Location Systems
Date
2023-05-03
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Proof-of-Location (POL) is a type of credential system that allows a user to obtain proof-of-location tokens (pol), attesting their visit to some location at some time, that they can later present to another party for receiving services. POL is gaining popularity due to its numerous applications, including location-based rewards, multi-factor authentication, and access control. POLs require a secure technique to verify
the user’s location or proximity to a trusted infrastructure node as a prerequisite for issuing a pol token. Distance bounding protocols satisfy the required security properties that securely put an upper bound between two entities in real-time, and are thus considered an essential building block in designing proof-of-location systems. In this thesis, a number of shortcomings in POL systems and in distance bounding protocols are identified and addressed. The thesis is divided into two parts – the first part focuses on the modeling and designing of POL systems, physical attack on infrastructure nodes of POL systems, composability of POL with other protocols, user-controlled access of pol tokens, and verifying a sequence of pol tokens that are stored on an untrusted user’s device. The second part concentrates on the building block of POL systems – the distance bounding protocols, which offer cryptographic security to verify the proximity between two entities. The research aims to address the challenges of existing distance bounding protocols, such as high implementation costs and vulnerability to attacks using directional antennas and collusion of multiple users. Consequently, the contributions of this thesis are presented in five sections, each covering one or more research problems, including providing a solid foundation for the design and analysis of POL systems and designing provably secure POL schemes that protect user anonymity against pol issuer and verifier, protecting against location tampering attacks on infrastructure nodes, ensuring user-controlled pol accessibility when the user is offline, preserving security guarantees when POL is composed with other protocols, proving a subsequence of POL tokens while ensuring efficient storage and user anonymity, designing distance bounding protocols that do not require multiple rounds in the fast-exchange phase, and protecting distance bounding protocols from novel attacks while ensuring user anonymity.
Description
Keywords
proof-of-location, distance bounding protocol, location information security, location information privacy, location-based services
Citation
Akand, M. M. R. (2023). Contribution to Proof-of-Location systems (Doctoral thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca.