Trusted Location Based Services



A virtual presentation for the paper "Trusted Location Based Services"
Presented on the 10th of December 2012 at the ICITST conference (


  1. Trusted Location Based Services
     IAIK, Institute for Applied Information Processing and Communications, Graz University of Technology
     Peter Teufl -
  2. Myself
     • PhD in 2012: Knowledge discovery in security related applications
     • Lectures: Computer networks, smartphone security
     • Current projects, research: Smartphone security, cloud security, Android malware
  3. IAIK
     • Prof. Reinhard Posch
     • e-Government
     • NFC security
     • Design and verification
     • Cryptography
     • Java security
     • Smartphone
  4. Contents
     • Location Based Services (LBS) and mobile devices
     • Trusted services - Proving that you are at a location at a specific time
     • Qualified digital signatures, cryptographic RFID tags
     • Two prototypes based on Trusted Location Based Services (T-LBS)
       • Using two smartphones
       • Using a cryptographic RFID Tag
     • Security
  5. Location Based Services
     • Location Based Services (LBS)
     • Success attributed to recent popularity of smartphones (especially iOS and Android)
     • Examples: Maps, navigation, Points of Interest, context-aware applications (Google Now, Siri, etc.)
     • Service: How accurate is the user’s location? Can it be used to prove that the user is at a certain place?
  6. LBS - Security?
     • No security - in terms of proving that the user is at the claimed location
     • Missing: Trusted GPS receivers, cryptographic measures, support of the operating system, defences against external influences
     • Why?
       • Not necessary for current applications (maps, navigation...)
       • Users benefit from accurately providing their location
       • ...and simply not possible with one user’s
  7. LBS - Trust?
     • Current technology on smartphones cannot provide trusted locations
     • We rely on a Trusted Third Party (further denoted as TTP)
     • This party verifies the location/time claim of a user
     • User, TTP use digital signatures to sign the location/time information
     • We present two ways of implementing such a TTP
       • Two users with smartphones, where one user represents the TTP
       • One user with a smartphone: TTP based on cryptographic RFID
  8. Qualified Signatures
     • Austrian Citizen Card
       • Smartcard (on top of national health insurance card: ecard)
       • Mobile Signature Solution (Signature is created on an external HSM)
     • Smartcards cannot be deployed on smartphones (at least not in a simple way)
     • Thus: deployment of mobile signature solution
     • Based on two channels: Internet and SMS (mTans)
  9. Mobile Signature
     • Login - 1st step: Phone Number/Password
     • Login - 2nd step: entering the mTan
     • SMS to phone number with
  10. Cryptographic Tag
      • RFID tag, which is capable of executing cryptographic operations
      • Tag stores asymmetric key pair
      • Private key cannot be extracted from tag
      • Tag creates a digital signature with this private key
      • Communication with NFC enabled
  11. Components, Definitions
      • Service Provider (SP): An application service provider that employs trusted location based services
      • User: The user who provides a trusted location to a Service Provider (SP). Creates signature with qualified signature (mobile signature)
      • Trusted Third Party (TTP): A trusted party that verifies the claimed location of the user, and also signs the ticket which is already signed by the user
      • Trusted Location Time Ticket (T-LTT): Digitally signed “Location Time Ticket” that contains the correct location and the
  12. Trusted Location Based Service
      • 1: The user initiates a session with the SP
      • 2: The SP requests a T-LTT from the user
      • 3: The user signs his current location and time (LTT) and sends it to the TTP
      • 4: The TTP verifies the LTT and the signature and signs the LTT (> T-LTT)
      • 5: The user sends the T-LTT to the SP
      • 6: SP can now verify the T-LTT and provide a location/time specific service to the
      [Diagram labels: User, Service Provider (SP), Trusted Third Party (TTP), Signature Creation, Signature Verification, Location Source, Time Source. Legend: 1 … Access from User to service of SP; 2 … Request for T-LTT from SP to User; 3 … Request for T-LTT from User to TTP; 4 … TTP sending T-LTT to User; 5 … User showing T-LTT to SP]
  13. Prototype Overview
      [Diagram, Prototype A: Smartphone User A, Smartphone User B, Service Provider (SP); messages LTT, T-LTT]
      [Diagram, Prototype B: Smartphone User A, Cryptographic Tag, TTP Server, Service Provider (SP); messages Public Key, Nonce, Signed Nonce, LTT, T-LTT; Location of Tag]
      Different TTPs
  14. Prototype A - Two Smartphones
      • Scenario A
        • User A needs a trusted location that proves that he/she has been at the location of User B (TTP)
        • User B has a strong interest that User A provides the right location (User A and B do not collaborate to fake the location)
      • Requirements: Two smartphones digital
  15. Prototype A - Two Smartphones
      • 1: User A signs location/time
      • 2: User A submits LTT to User B (TTP)
      • 3: TTP verifies LTT and signs LTT > T-LTT
      • 4: T-LTT returned to User A
      • 5: User A sends T-LTT to
      [Diagram labels: SP, Prover User Smartphone, TTP Trusted User Smartphone, Signature Creation, Signature Verification, Location Source, Time Source; arrows 1a, 1b, 2, 3, 4, 5]
  16. Security Analysis - Prototype A
      • Main threat to prototype A:
        • When User B (the TTP) and User A have the intention to work together in order to provide the wrong location
        • When User A alone has this intention, the TTP (User B) will not sign the location
      • More advanced threats described in the paper
        • Malware installed on User B’s smartphone.
        • Real User A at another location, fake User A has a
  17. Prototype B - Cryptographic Tag
      • Scenario B
        • A user is at a specific location at a specific time and needs to prove this (e.g. a security guard that needs to inspect a certain location)
        • An unremovable cryptographic tag has been placed at this location.
        • With a smartphone, the cryptographic tag and an external server the user can prove that he was at the location at a given time.
      • Threat: User A could fake the time/location (TTP is not a real person, which simplifies certain attacks)
  18. Prototype B - Cryptographic Tag
      • 1a/b: User: Gets public key from Tag
      • 2a/b: Public key sent to server (looks up tag in DB), User gets nonce from server
      • 3a/b: Tag returns signed nonce
      • 4a/b: Server verifies tag signature, nonce, sends LTT to user
      • 5a/b/c: User signs LTT, Server verifies LTT, signs LTT > T-LTT, returns T-LTT
      • 6: User sends T-LTT to
      [Diagram labels: SP, Prover User Smartphone, TTP Server, Crypto Tag, Signature Creation, Signature Verification, Time Source, Location Source]
  19. Security Analysis - Prototype B
      • Main threat to prototype B
        • TTP is not a real person, which makes it easier for User A to create the T-LTT at another location (e.g. sending someone else to the location and creating the digital signature remotely)
      • Compared to Prototype A
        • TTP is always trusted: more possible scenarios
        • More
  20. Current State
      • Prototypes are implemented
      • Scenario A: User A/B have an accident, photos and report are signed by both users. User B verifies location claim of User A
      • Scenario B: Deployment of cryptographic tags, location/time log on a
  21. Questions?
      • Thank you for your attention!
      • Please send your questions to
      • Best Regards from Graz, Austria!
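
Steps 1 to 4 of Prototype B (slide 18), the tag challenge-response that ends with the server issuing the LTT, as an added Go example that is not code from the paper or the prototypes. Ed25519, the `TTP` type, the `loc=…;time=…` ticket layout and the sample values are assumptions; the user's signature and the server's countersignature (steps 5 and 6) are left out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"time"
)

// TTP models the Prototype B server. Type, methods and values are hypothetical.
type TTP struct {
	tags   map[string]string // tag public key -> location the tag is fixed to
	nonces map[string]string // outstanding nonce -> tag public key it was issued for
}

// Challenge is step 2: a tag found in the DB gets a fresh nonce, any other key gets nil.
func (s *TTP) Challenge(tagPub ed25519.PublicKey) []byte {
	if _, ok := s.tags[string(tagPub)]; !ok {
		return nil
	}
	n := make([]byte, 16)
	rand.Read(n) // never fails on Go 1.24+; check the error on older versions
	s.nonces[string(n)] = string(tagPub)
	return n
}

// IssueLTT is step 4: check the tag's signature over the nonce, then build the LTT.
func (s *TTP) IssueLTT(nonce, tagSig []byte, now time.Time) []byte {
	tagPub, ok := s.nonces[string(nonce)]
	delete(s.nonces, string(nonce)) // single use: a replayed response fails
	if !ok || !ed25519.Verify(ed25519.PublicKey(tagPub), nonce, tagSig) {
		return nil
	}
	return []byte("loc=" + s.tags[tagPub] + ";time=" + now.UTC().Format(time.RFC3339))
}

// Demo runs constructed exchanges: genuine tag, replayed response, forged signature.
func Demo() (ltt string, replayOK, forgedOK bool) {
	tagPub, tagKey, _ := ed25519.GenerateKey(rand.Reader) // key pair held inside the tag
	_, otherKey, _ := ed25519.GenerateKey(rand.Reader)    // a key the tag does not hold
	s := &TTP{map[string]string{string(tagPub): "site-A"}, map[string]string{}}
	now := time.Date(2012, 12, 10, 9, 0, 0, 0, time.UTC) // constructed server time
	nonce := s.Challenge(tagPub)
	sig := ed25519.Sign(tagKey, nonce) // step 3: the tag signs the nonce
	ltt = string(s.IssueLTT(nonce, sig, now))
	replayOK = s.IssueLTT(nonce, sig, now) != nil // same response sent a second time
	n2 := s.Challenge(tagPub)
	return ltt, replayOK, s.IssueLTT(n2, ed25519.Sign(otherKey, n2), now) != nil
}
func main() { fmt.Println(Demo()) }
```

The single-use nonce rejects a replayed tag response, but it does not address the threat on slide 19, where someone else at the location produces a live tag signature for a remote user.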