Survey on Location Authentication Protocols and Spatial-Temporal Attestation Services

By Samih Eisa, Miguel Pardal / 11-01-2022 / In categories Blog


Location Authentication Protocols and Spatial-Temporal Attestation Services

Survey

Ferreres, Ana Isabel González-Tablas et al. “Survey on Location Authentication Protocols and Spatial-Temporal Attestation Services.” EUC Workshops (2005).

The wide deployment of Location-Based Services (LBS) nowadays brings various security advantages, gained from the use of location authentication protocols that verify the locations of mobile users. A service provider, for instance, may require users to be at specific locations to gain access to the service, or it may require mobile users to provide spatial-temporal evidence that testifies to the locations where events happened (e.g. where a payment transaction was made).

This blog post summarises one of the earliest survey papers on location authentication protocols and spatial-temporal attestation services, focusing mainly on foundational elements and methods. The survey reviewed a number of works that were recent at the time, identified several protocols and services, and highlighted the lack of a general framework for analysing the security aspects of the reviewed works against an identified threat model.

Location Authentication Protocols

In general, location authentication protocols involve two main entities: a prover (P), a mobile user who has a unique identifier; and a verifier (V), which assures the location of P through evidence provided by P in a protocol where P is active at evidence acquisition time. There is also a set of locating entities, part of the positioning infrastructure, that collaborate with V. An adversary in these protocols can manipulate the physical characteristics of P and aims to make V accept false location claims.

Two types of location authentication protocols have been defined:

  1. Distance-bounding protocols, where V authenticates that P is within a defined distance from V by measuring the round-trip latency of a fast challenge-response exchange of messages between the two parties (P and V). The main assumption here is that the signals used to transmit the exchanged messages have a constant propagation speed. However, this method assumes that the devices have special hardware that can be used to perform the protocol. Another type of distance-bounding protocol is based on broadcasting tokens through a set of short-range beacons (locating entities). In these approaches, P can receive the tokens if its distance is less than the upper-bound distance limit.

  2. Absolute positioning protocols, whose goal is to authenticate the absolute position of P, with some resolution, using triangulation techniques and based on the simultaneous execution of several distance-bounding protocols or on authenticated ranging using signals broadcast by the global navigation satellite systems (GNSS).
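The verifier-side check in a round-trip-latency distance-bounding protocol can be shown in code. This is an added example, not code from the survey or from any protocol it reviews; the shared key, the HMAC-derived response bits, the processing delay and the simulated timings are all assumptions of the example.

```python
import hashlib
import hmac
import secrets

C = 299_792_458.0  # assumed constant propagation speed (radio), in m/s

def response_bits(key, nonce, challenges):
    """Prover side (hypothetical scheme): response i = challenge i XOR keyed pad bit i."""
    pad = hmac.new(key, nonce, hashlib.sha256).digest()  # 256 pad bits, enough for 256 rounds
    return [c ^ ((pad[i // 8] >> (i % 8)) & 1) for i, c in enumerate(challenges)]

def distance_upper_bound(rtt_s, processing_s):
    """Upper bound on the P-V distance implied by one round-trip time."""
    return C * (rtt_s - processing_s) / 2

def verify(key, nonce, challenges, responses, rtts, max_distance_m, processing_s):
    """Verifier side: every round must be both correct and fast enough."""
    if not (len(challenges) == len(responses) == len(rtts)):
        return False
    expected = response_bits(key, nonce, challenges)
    for exp, got, rtt in zip(expected, responses, rtts):
        if got != exp:
            return False  # wrong bit: responder does not hold the key
        if rtt < processing_s:
            return False  # negative time of flight: reject the measurement
        if distance_upper_bound(rtt, processing_s) > max_distance_m:
            return False  # too slow: responder (or a relay) is too far away
    return True

def simulate(true_distance_m, max_distance_m=15.0, rounds=32, processing_s=1e-9):
    """Constructed run: an honest prover at true_distance_m, timings computed, not measured."""
    key = b"constructed-shared-key"
    nonce = b"constructed-session-nonce"
    challenges = [secrets.randbelow(2) for _ in range(rounds)]
    responses = response_bits(key, nonce, challenges)
    rtt = 2 * true_distance_m / C + processing_s
    return verify(key, nonce, challenges, responses,
                  [rtt] * rounds, max_distance_m, processing_s)

if __name__ == "__main__":
    print("prover at 10 m accepted:", simulate(10.0))
    print("prover at 30 m accepted:", simulate(30.0))
```

At radio speed, 1 ns of timing error corresponds to about 15 cm of distance error, which is why the special timing hardware mentioned above matters.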

Spatial-Temporal Attestation Services

Attestation services generate, collect and verify spatial-temporal evidence about an entity or about an action made by an entity on certain data. They use trusted third parties (TTP) to generate the evidence, and their main goal is to provide unforgeable, non-transferable and verifiable spatial-temporal evidence that testifies to the location of P. Most of the existing services in the literature use evidence generation mechanisms such as digital signatures, secure seals or authentication tokens.

Two kinds of attestation services have been defined:

  1. Spatial-temporal certification services that provide certificate-like or credential-like spatial-temporal evidence on the conditions of an entity.

  2. Spatial-temporal stamping services that provide evidence about the spatial-temporal conditions under which a document exists or a transformation is made by an entity on a document.

In summary, the survey reviewed and presented existing location authentication protocols and spatial-temporal attestation services and emphasised the lack of a common framework for analysing the security aspects of these protocols. Open issues such as the efficiency of the protocols and services, privacy, and defence mechanisms against Denial of Service (DoS) attacks are subjects for further study.