Slashdot Mirror
Geo-Encryption: Global Copyright Defense?
An Anonymous Coward writes: "CIO Insight has a story on the copyright-protection scheme devised by Georgetown professor Dorothy Denning. Geo-encryption uses GPS technology to keep information scrambled until it reaches a precise location anywhere in the world. Denning has started a new company, GeoCodex, to capitalize on the technology." I can't wait for the Crypto-Gram article about this one..
GPS Civilian Signal Degradation Turned Off May 1st 2000.
It was around 100 meters in any direction from your current location. And yes, it was by the U.S. government to prevent people from bombing the White House. As if a bomb big enough, off by 100 meters, would actually miss the white house.
They removed it sometime last year, I believe. With 9-11, there are rumors they may impose the restriction again, but that's assuming any primary threats have missiles capable of using GPS.
This restriction would pose little or no problem to people using it for the purposes this article describes. GPS correction is available through a "post-processing" method. You position a GPS base station at a known location. If you take samples at exactly the same time from different locations, those locations are off by exactly the same error vector. So, you simply compare the base station samples to the base station position to get the error vector, and apply this error vector to the roaming samples to get your almost-exact position.
I say almost exact because signals are disrupted by various things. Light and sound are waves; they move at a constant speed as long as the travel medium doesn't change. As a consequence, like sound, light is affected by the doppler effect. It usually isn't significant, but can throw your results off nonetheless.
Clouds, rain, snow, buildings, etc. can also affect the results, as well as the SNR (signal to noise ratio -- measures the amount of readable data to background noise). If the SNR is high, it's unlikely the results will be thrown off significantly. All these problems are virtually unavoidable unless the weather is clear, you have a high channel capacity on your GPS device (8 is usually good, I think available satellites above the horizon range from about 8-11, high on elevated terrain), and there are few if any buildings around.
You need at least n+1 satellites in reach to get nth-dimensional results. So, for planar (2d) positions (latitude/longitude, or azimuth or whatever) you need 3 satellites, and 4 for spatial (3d, 2d + a z-position, your elevation).
The more satellites, the more precise your results are. If the base station is within 500 metres away, and you have real-time correction (which would still help with climate problems), you can get sub-centimetre accuracy.
Dorothy E. Denning and Peter F. MacDoran wrote a article on the subject which was published in Computer Fraud & Security in February of 1996.
To read the article click here.
In addition, her home page is at http://www.cs.georgetown.edu/~denning/.
Some juicy bites from her publications:
..My conclusion is that modern encryption is predominately a privacy
Is Encryption Speech? A Cryptographer's Perspective
enhancing technology rather than speech. Although encryption might be
regarded as a manner of speech, it is unlike other methods in that it
contributes nothing to communication.
One implication of this interpretation is that regulation of encryption
would not violate the First Amendment. Another is that restrictions on
the use of encryption could not be used as a basis for prohibiting the
use of an obscure foreign language or any other ordinary language.
Testimony Before U.S. House of Representatives, May 3, 1994.
"..The Clipper Chip and associated key escrow system is a technically
sound approach for ensuring the security and privacy of electronic
communications. Clipper's SKIPJACK encryption algorithm provides
strong cryptographic security, and the key escrow system includes
extensive safeguards to protect against unauthorized use of keys. The
more advanced chip, Capstone, further provides all the cryptographic
functionality needed for information security on the National
Information Infrastructure."
And there's even more, go and see by yourself. I'm really waiting for the comments from the cryptograhical community on this systems..
V.
Prof. Denning used to be one of the chief supporters of the government's Clipper key escrow system:
Click here to read a letter she wrote at the time.
There must be something they are not telling about, as this sounds really dumb to me.
GPS is really simple in principle. There are 24 satellites in 12 hour orbits, with orbital planes arranged so that at least 4 are up for anyone on the planet at any time. Each satellite sends its own encrypted signal (actually, 2 such) to everyone who can receive it.
The reciever decodes the signal, and checks the time lag between when each satellite's signal was received. That's it. All of the geolocation is deduced from the relative lags of the signals broadcast for all to receive.
Four satellites are needed as the receiver's clock is probably off; two signals are sent as the easily decoded civilian one has errors put in to reduce accuracy (SA - Selective Availability), while the other signal has a military grade encryption.
That's it. My signals differ from yours only based on the relative time delay between them.
So, this is subject to a replay attack - simply record the signal at the desired location and replay it to a receiver at your actual location. This would work even for the military grade encryption, but would require a sensor at the actual target location of the geo-encryption.
To do this near to (within 4000 km or so, so that the same satellites are up) of the target location, record the signal. Figure out the relative time delay's. Playback the signal multiple times with the appropriate lags for the other location. As the receiver uses a convolutional decoder and an omnidirectional antenna, if you do this right, the receiver will lock onto the time shifted satellite, and will come up with the wrong position.
The above replay attack would require a wide bandwidth (few 100 mbps) record capability and (for the time shifted version) a good ephemeris - both easily available. AND, it would work even for encryptions using the military signal.
But, you don't have to go to the trouble, as there is test equipment easily available that will do this for you (it's how you test receivers). This would not work for the encrypted military signal though.
Since these people are not stupid, my guess is they will sell a decrypt chip with with a receiver on it, and maybe use tight time delay's windows to hinder replay attacks. Give me $ 30,000 for test / record equipment, and I will break it even so. Since this level is not out of bounds for industrial movie pirates, "This sounds dumb to me."
I havent had a chance to read it, but the patent for the method is 5,757,916
(http://patft.uspto.gov/netahtml/srchnum.htm and enter the number)
From the abstract: "A method and apparatus for authenticating the identity of a remote user entity where the identity of such user entity is authenticated by use of information specific to geodetic location of the user entity but that changes constantly, making "spoofing" the host device extremely difficult. The invention is preferably implemented utilizing satellite positioning technology to produce the identifying information."
Rig a signal that LOOKS like the coordinates of the correct location and you'll fool the thing into thinking it's in the correct room. Really this is like having 3D cartesian coordinates as the decryption password. Big yawn.
Eat at Joe's.
So once all media is constrained by GPS coordinates, the US gov't could selectively deny unfavored nations access to GPS data, rendering all their DVDs, CDs and eBooks useless?
Sound unlikely? It's interesting that the US is pressuring Europe to shelve its own GPS system.
Domination through media denial: "You want your mTV? Meet our demands."
Kevin Fox
This same idea is used in Greg Egan's SF novel
'Distress', published in June 1997.
This system as described in her paper uses two non-standard GPS receivers, one in the server and one in the client. These GPS receivers are used for client authentication by challenging the client to produce a signature that correctly locates the client to an authorized location and local time within a specified time frame.
The signature is only valid for a 5ms period and corresponds to actual locations of GPS satellites as currently measured by the server.
1) Server asks: at this GPS time marker, two seconds from now, tell me where you are.
2) Client and server wait for the GPS clocks to get to the specified point.
3) Client measures GPS satellite delays, calculates it's position at that moment, builds signature packet (think something like MD-5 digest for this step).
4) Server measures GPS satellite delays at that same moment and waits for the Client response.
5) Client transmits signature.
6) Server receives signature, reads out the location as calculated by the client as well as the digest, applies it's own measurements to the calculated location and verifies the digest was based on actual GPS satellite locations.
7) Server begins transmission of requested stream.
This defeats the faraday cage model unless your system is monitoring the GPS constellation and precise enough to replicate their actual locations within the time frame required for signature production and transmission. This is possible, but the parameters are intentionally chosen to defeat this attack and it's likely they can be improved as the tech gets better. All that's needed is that the valid stays ahead of the hackers.
There's simply no way to plug your GPS receiver simulator into the client and spoof it that way because the inputs needed by the client to produce its signature are the calculated GPS satellite delays, not the actual location provided by "normal" GPS with a NEMA serial interface. You're back to the faraday cage hack, which is probably very expensive.
Since the goal of security is to make it more expensive to acquire the information than it is worth, the approach here seems sound.
The encryption used to conceal the stream payload is the same highly effective encryption that everyone else is using and is vulnerable to the same attacks. Assume it's 4096-bit RSA covering 128-bit IDEA or better. The stream is "secure".
IANASE (security expert), but I do develop network security products for a living...
Regards, Ross
This one is going to be fun to crack! I love it when the ENTIRE WORLD can join together to solve a technical puzzle like this. Her scheme assumes that I am willing to buy this hardware and use the formats that she recommends. Well fuck her! I'm going to use different formats and different hardware. There has never yet been an "uncrackable" encryption scheme. At some point along the way -- it breaks down and fails. And as soon as we find that point you can kiss this mechanism goodbye! They make the shit... we crack it.
This idea has serious flaws which may undermine the security of the encryption.
If an attacker has some idea of where the location is the GPS data will unlock, he can test the data agaist a range around that location. Given a GPS resolution of about 10 meters, there are 10,000 possible values per square kilometer. Testing a block of data against an area 10 kilometers on a side gives only a million possible permutations; child's play for modern computers. 100 kilometers on a side is 100 million permutations.
Interesting article, when it doesn't mention a couple other patents that are specific about using GPS for decrypting data, with satellite TV mentioned specifically!
Look at these patents
5,640,452 ( July 1997 ) Location-sensitive decryption of an encrypted message
6,317,500 ( November 2001 ) Method and apparatus for location-sensitive decryption of an encrypted signal.
These look more on the mark for protecting movies, video, whatever...