PROPS: A PRivacy-Preserving Location Proof System


1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition, CentraleSupélec, Inria Rennes – Bretagne Atlantique, IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
2 LAAS-TSF - Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique, LAAS - Laboratoire d'analyse et d'architecture des systèmes, Toulouse

Abstract: A secure location-based service requires that a mobile user certifies his position before gaining access to a resource. Currently, most of the existing solutions addressing this issue assume a trusted third party that can vouch for the position claimed by a user. However, as computation and communication capacities become ubiquitous with the large-scale adoption of smartphones by individuals, we propose to leverage these resources to solve this issue in a collaborative and private manner. More precisely, we introduce PROPS, for PRivacy-preserving lOcation Proof System, which allows users to generate proofs of location in a private and distributed way using neighboring nodes as witnesses. PROPS provides security properties such as unforgeability and non-transferability of the proofs, as well as resistance to classical localization attacks.

I. INTRODUCTION

A Location-Based Service (LBS) takes advantage of the position of its users to deliver a service tailored to their current or past geolocated context. In practice, the position that a user transmits to an LBS is often determined by his own device. Thus, a malicious user can lie about his position by having his device transmit a location of his choice. This type of attack can have a severe impact on applications such as real-time traffic monitoring, location-based access control, discounts tied to the visit of a particular shop or local electronic elections, to name a few. To counter this threat, an LBS should require its users to prove their actual or past position before granting them access to resources. This notion has been formalized through the concept of location proof (LP), which is a digital certificate attesting the position of a user at a specific moment in time. A location proof architecture is a trusted architecture that users can interact with to acquire LPs in a secure manner.

However, relying on a dedicated architecture to certify the position of users raises important privacy concerns. First, the location privacy of users can be breached due to their regular interactions with the infrastructure (traceability issue). Another issue is that a malicious user can collect a proof on behalf of another user with whom he colludes. This problem is known as the terrorist fraud in the literature of distance-bounding protocols. Furthermore, since an LP is often mainly a timestamped signature of a position, there is no means for a user to change the granularity of the position endorsed by an LP without risking tampering with its integrity. This property would be particularly interesting with respect to data minimization, as it would enable a user to reveal only the granularity of his position (street, district, town, ...) needed by the LBS to ensure its functionality. Finally, in most of the current architectures [16, 27, 24], LPs are stored

Keywords: Privacy, Location-based services, Proof

Author: Sébastien Gambs - Marc-Olivier Killijian - Matthieu Roy - Moussa Traoré


