Slashdot Mirror

← Back to Stories (view on slashdot.org)

Authentication Via Geographical Location?

Posted by Cliff on from the where-am-I-now? dept.

RudeDude asks: " While reading Cryptonomicon I became a bit paranoid about encryption and digital signatures but it has me thinking a bit as well. I'm trying to visualize a way to prove my physical location in a cryptographically strong way and I can't think of one. My digital signature proves who I am, but wouldn't it be nice if I could also give proof of my physical location at a given time stamp? I've thought of only a few things that would be very hardware dependent, etc. but what I really think would be cool would be something that is as strong as digital signatures. Some sort of GPS/MD5 signature that a third party could confirm so that it would be impossible to spoof my location. " This question has been asked a bit by people looking to restrict services to various countries, but currently one can't be sure if the IP a person is using is really the location from which the connection is being made. Would a system like the one described above be a possible answer?

"This is mostly just a thought experiment, but I am curious to see what other Slashdot readers could maybe dream up. In my opinion (and I'm sure many others as well) my current meatspace coordinates usually mean much less than my network 'location' does, but I can think of many times where proving my meatspace location could be just as important as proof of identity."

15 of 159 comments (clear)

  1. Base it on a SecurID-type model? by The+Dodger · · Score: 3

    Hmmmmmmmmm... How about a gadget that combines a GPS receiver with a SecurID-style method of embedding your physical location, along with your digital signature, into a string of numbers.

    The idea is, you're doing whatever you're doing, wherever in the world, on whatever computer. Let's say you're logging into something - you just use the Gadget the same way as we use SecurID cards/fobs today - tap in the string of digits that appears on the screen. Actually, it would have to be longer than six digits. Perhaps using Hexadecimal would be better, although that would mean that the Gadget would need a better display... Well, most GPS receivers I've seen are capable of displaying text anyway.

    Anyway, if you do that, the equivalent of the ACE Server (the server that authenticates SecurID users) at the other end can authenticate you and determine where you are.

    Only problem is I can't figure out how to make this an open system, without opening it to abuse, in the same way that if we all knew what algorithm RSA use for SecurID, we'd be able to come up with the 6-digit code, simply by knowing a fob's serial number.

    Also, how to use it to digitally sign emails...

    Hmmmmm... Further thought required.


    D.

  2. Re:But... by SEWilco · · Score: 3

    Let's see.. the induction charger in my bed was working, so my battery is charged. When I step by the window, my phone chirped in my ear to tell me the GPS unit and the phone are working. I just need to polish the webcam lens in my forehead, and I'll be ready to step out in Public where I have nothing to hide. I sure am not going to be like that sap last week that couldn't prove that he wasn't at the bar robbery...

  3. Impossible in the general case by DrZircon · · Score: 3

    A simple hardware solution is not enough - the hardware needs to be permanently fixed to the same location as the person (i.e. physically embedded and all that that implies) and needs to be non-spoofable. Embedded solutions present the rather daunting prospect of spoofers removing the apparatus.... (Think Leila in Futurama and her job chip)

    The only other way to achieve position guarantees would involve trusted 3rd parties (postion escrow anyone?) and we all know how much we trust those kinds of solutions! (Unless we are talking about people who are detained at the government's pleasure)

  4. Doesn't this exist already? by edibleplastic · · Score: 3
    At least in theory? Unless I misread/misunderstood this article/question, Quova can pinpoint the geographic location of Internet users in real time. Would this be what is needed?

    Of course then you'd have to deal with spoofing...

  5. Re:But... by DrWiggy · · Score: 3

    Errmm.... surely if his GPS data is encrypted with his private key then isn't that enough to "prove" that at least he believes that his GPS is with him?

    The problem here is dealing with the GPS data. You basically have to prove that the data has come a GPS receiver that has been unmodified. There is nothing stopping me fixing the stream of GPS data to the application signing it, to make it look as though I was anywhere in the world. Therefore there are several areas you have to lock down to make sure that this data is authenticable:

    1. The position determined by the GPS receiver is accurate, and can not be manipulated by somebody with a small transceiver nearby convincing the GPS receiver that you are located somewhere else. On a 3 or 4 satellite track, you may not be able to move youself very far, but in the US you could probably "cross" a state boundary, and in Europe you could probably mangle things around to move across country borders.

    2. Once you can be sure that the data being received by the GPS receiver is genuine, you have to get it into the PC untampered. What's more, it has to make it all the way to being signed without being vulnerable to tampering at any point. If the longitude and latitude is stored somewhere in memory location 'X' just before being signed, I could conceivably tamper with it.

    3. You then of course have to sign it, and then ensure that this mechanism is strong and that it can't be manipulated either at this stage or further along the transmission.

    The problem really is that signing the location is the wrong approach - you have both your private and public key, and you can sign *ANYTHING* you want to authenticate it as belonging to you, but in actual fact, you need the GPS receiver to store the private/public pair and not divulge it to anybody else. How then, do you stop people tampering with the receiver?

    Thinking about it, I think that may be the best approach - the GPS does the crypto internally, and you build measures to ensure that it can't be tampered with. Even then, you still have to make sure you're talking to a real GPS receiver etc. so challenge/response stuff may have to be added in. Nasty.

  6. The future is here by CaptainZapp · · Score: 3
    Actually that works pretty well with GSM phones (and probably other standards too).

    The SIM is your encrypted device. To activate it you need a PIN, which could be considered your digital signature and presto:

    The location of Your SIM is trackable within a couple 100 yards or so.

    The problem of course is, that the location is attached to the device. Nobody prevents you from sticking it under a car and pretend that you went all the way from Malmoe to Lissabon.

    That's probably also the most tricky issue with your question:

    How can you make a position dependant signature device independant, or at least (if you use a device) make it non-functional if you're not physically there.

    --
    ich bin der musikant

    mit taschenrechner in der hand

    kraftwerk

  7. Pseudo-random data stream? by AlphaOne · · Score: 3

    Since GPS uses pseudo-random data streams, couldn't you prove your position at a particular time by somehow inserting the timestamp data from the four satellites you're talking to into the digital signature?

    Or would that be easily faked?

    I'm not a GPS expert, so I don't really know for certain.

    -C
    --

    --
    All opinions presented here aren't mine.
    1. Re:Pseudo-random data stream? by HuskyDog · · Score: 4
      Some of my colleagues here at the British MOD have a GPS simulator which they use for various navigation research tasks. Basically you connect your GPS receiver antenna input to this box of tricks, then type a lat/lon, date and time into the simulator and voila!

      So, the bottom line is that anything that relies on GPS data can be faked. Obviously these simulators are expensive, but I presume that the GPS receiver manufacturers all have them, so there most be quite a few in the world.

  8. Re:Location Authenticator? by billybob2001 · · Score: 3
    How about having to provide a DNA sample?

    Extremely easy when surfing pr0n.

  9. Re:But... by henley · · Score: 4

    Errmm.... surely if his GPS data is encrypted with his private key then isn't that enough to "prove" that at least he believes that his GPS is with him?

    The chain of trust is therefore:

    • Exchange public keys
    • Validate trust in public keys (as per normal)
    • Owner validates trust in GPS location
    • Owner encrypts / signs position information packet from GPS with private key
    • Receiver party validates postion against public key

    At the end of this exchange, the receiver trusts that the owner believes s/he's in the position exchanged between them.

    This doesn't cover the case that the authentic Owner is trying to spoof his location, but I don't believe that was the question - which I read as "How can I prevent someone masquarading as me from a remote location at a given time?"

    --

    --
    I'd rather have a bottle in front of me than a frontal lobotomy
  10. But... by komet · · Score: 4

    even if you could prove that your GPS receiver was at position X at time T, how would you prove that YOU were also there? Unless it's implanted under your skin...

    Of course, it really depends what you want to do. In Switzerland, devices are being installed into trucks which register position and time in order to collect road taxes. The device is attached to the vehicle and tampering with the fixing will probably get you a heavy fine.

    --
    Any technology which is distinguishable from magic is not sufficiently advanced.
  11. Mobile computing? by Engmir · · Score: 4

    Come on, this cant' be a serious idea. With the increase in mobile computing, you can't expect anyone to have his/her computer in a fixed place... Besides you can use a proxy that's not in the same location as you are, so that won't prove your identity either...

  12. Fringe benefits for various internet sites by Brento · · Score: 5

    The internet gambling industry has been looking for something like this for quite a while. If people can prove they're inside physical areas that are allowed to gamble, suddenly internet gambling is wide open for companies like Harrah's and Caesar's to take on. Currently they can't do it for fear of being sued in areas where gambling is illegal.

    The drawback: pr0n users in the bible belt would be suddenly unable to hit their favorite sites. Site operators would restrict content to areas where they could be certain of legalities.

    And even worse, Amazon could now target prices based on the economy of your neighborhood.

    --
    What's your damage, Heather?
  13. A solution of sorts by Peter+Eckersley · · Score: 5
    GPS isn't really enough. You need to have something which you couldn't have had if you were anywhere else. Satellites could give you this, but only if they beamed different, cryptographically secure, messages in different directions.

    The simplest example would be an "authentication satellite", where Jane asks the satellite,

    "is Bob really in France?"

    ...Satellite sends encrypted message for Bob in the direction of France...

    If Bob knows the contents of the message, he's in France.

    Of course, Bob could just have a tranceiver in France.... so.... quantum encrypt it in a single photon :). Single photon quantum encyption is nearly good enough for Earth-satellite links, IIRC.

    None of this fixes the "problem" (is it really a bad thing?) mentioned elsewhere in this discussion, that physical devices and people are separable...

    --
    Fixing copyright
  14. only on slashdot by nomadic · · Score: 5

    So we go from people complaining that new technology can be used to track them to complaining that new technology can't be used to track them.
    --