Implications of Position in Cryptography

In our daily lives, people or devices frequently need to learn their location for many reasons as some services depend on the absolute location or the proximity. The outcomes of positioning systems can have critical effects e.g., on military, emergency. Thus, the security of these systems is quite important. In this thesis, we concentrate on many security aspects of position in cryptography. The first part of this thesis focuses on the theory of distance bounding. A distance bounding protocol is a two-party authentication protocol between a prover and a verifier which considers the distance of the prover as a part of his/her credential. It aims to defeat threats by malicious provers who try to convince that they are closer to the verifier or adversaries which seek to impersonate a far-away prover. In this direction, we first study the optimal security bounds that a distance bounding protocol can achieve. We consider the optimal security bounds when we add some random delays in the distance computation and let the prover involve distance computation. Then, we focus on solving the efficiency problem of public-key distance bounding because the public-key cryptography requires much more computations than the symmetric-key cryptography. We construct two generic protocols (one without privacy, one with) which require fewer computations on the prover side compared to the existing protocols while keeping the highest security level. Then, we describe a new security model involving a tamper-resistant hardware. This model is called the secure hardware model (SHM). We define an all-in-one security model which covers all the threats of distance bounding and an appropriate privacy notion for SHM. The second part of this thesis is to fill the gap between the distance bounding and its real-world applications. We first consider contactless access control. We define an integrated security and privacy model for access control using distance bounding (DB) to defeat relay attacks. We show how a secure DB protocol can be converted to a secure contactless access control protocol. Regarding privacy (i.e., keeping anonymity in a strong sense to an active adversary), we show that the conversion does not always preserve privacy, but it is possible to study it on a case by case basis. Then, we consider contactless payment systems. We design an adversarial model and define formally the contactless payment security against malicious cards and malicious terminals. Accordingly, we design a contactless payment protocol and show its security in our security model. The last part of this thesis focuses on positioning. We consider two problems related to positioning systems: localization and proof of location. In localization, a user aims to find its position by using a wireless network. In proof of location, a user wants to prove his/her position e.g., to have access to a system or authorize itself. We first formally define the problem of localization and construct a formal security model. We describe algorithms and protocols for localization which are secure in our model. Proof of location has been considered formally by Chandran et al. in CRYPTO 2009 and it was proved that achieving security is not possible in the vanilla model. By integrating the localization and the secure hardware model, we obtain a model where we can achieve proof of location.

Vaudenay, Serge
Lausanne, EPFL

 Record created 2018-11-21, last modified 2018-11-26

Download fulltext

Rate this document:

Rate this document:
(Not yet reviewed)