Paper 2018/345
In-region Authentication
Mamunur Rashid Akand and Reihaneh Safavi-Naini
Abstract
Location information has wide applications in customization and personalization of services, as well as secure authentication and access control. We introduce {\em in-Region Authentication (inRA)}, a novel type of authentication, that allows a prover to prove to a set of cooperating verifiers that they are in possession of the correct secret key, and are inside a specified (policy) region of arbitrary shape. These requirements naturally arise when a privileged service is offered to registered users within an area. Locating a prover without assuming GPS (Global Positioning System) signal however, incurs error. We discuss the challenge of designing secure protocols that have quantifiable error in this setting, define and formalize correctness and security properties of the protocols, and propose a systematic approach to designing a family of protocols with provable security where error can be flexibly defined and efficiently minimized. We give a concrete instance of this family that starts with two verifiers, prove its security and evaluate its application to four different policy regions. Our results show that in all cases false acceptance and false rejection of below $6\%$ can be achieved. We compare our results with related works, and propose directions for future research.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Minor revision. ACNS 2018
- Keywords
- In-regionDistance boundingAuthentication
- Contact author(s)
- mdmamunurrashid akan @ ucalgary ca
- History
- 2018-04-16: received
- Short URL
- https://ia.cr/2018/345
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2018/345, author = {Mamunur Rashid Akand and Reihaneh Safavi-Naini}, title = {In-region Authentication}, howpublished = {Cryptology {ePrint} Archive, Paper 2018/345}, year = {2018}, url = {https://eprint.iacr.org/2018/345} }