In this lesson we discuss a location-based encryption technique called geoencryption. It intends to enhance the protection of data, and only allow it to be decrypted in a certain geolocation area, at a certain speed, and at a certain time. It was published by Logan Scott and Dorothy Denning in the proceedings of the 2003 National Technical Meeting of the Institute of Navigation. It extends traditional data protection techniques to include context and geolocation information, requirements, and constraints. This information is used in the key construction process to enhance the security or the protection of the data. Dr. Dorothy E. Denning continued to extend and enhance these techniques, as patterns based on these basic techniques, as of 2017.

In the traditional hybrid data encryption algorithms, for the encryption process we can use different elements to produce a session key. Or, here in this graph, we use random key generation to produce a symmetric key for encrypting the plaintext. And then we use the sender's private key to encrypt the symmetric key only, using RSA or any asymmetric key algorithm. The ciphertext and the encrypted symmetric key are then sent over the unprotected channel to the receiver. The receiver then uses the public key of the sender to decrypt the encrypted symmetric key. The ciphertext is then fed into the symmetric key decryption module to recover the plaintext. The RSA algorithm is about 1,000 times slower than the AES algorithm, and therefore it is only proper to use RSA to encrypt the symmetric key, and to use the AES symmetric key to encrypt the whole plaintext.

In the proposed GeoEncryption algorithm, the sender, on the top, enters the intended receiver's location (position) and its velocity, assuming that this may be a jet, or maybe a Navy ship.
Note that Dorothy Denning was at that time, and still is, with the Naval Postgraduate School. The sender also enters the intended receiving time. They call this context information PVT. This PVT information goes through a mapping module, called the PVT to GeoLock Mapping module, to produce a bitstream they call the GeoLock. This GeoLock bitstream is then bitwise exclusive-ORed (XORed) with the symmetric key. The resulting bits are then encrypted by an asymmetric algorithm module, similar to the hybrid algorithm in the previous slide, to generate the GeoEncrypted Symmetric Key, which is sent over an unprotected channel to the receiver.

On the receiving side, with the concern of GPS spoofing, they proposed to use an anti-spoof enhanced GPS receiver to derive the correct PVT information. The PVT information is then mapped to the GeoLock bitstream, like in the sender's PVT to GeoLock module. The GeoEncrypted key is decrypted with the public key of the sender. The result is then exclusive-ORed with the GeoLock bitstream to recover the symmetric key. The proposed scheme considers not just the location, but also the traveling speed of the receiver and the receiving time. We can easily extend this concept further to include other context information. In 2013, Professor Todd Humphreys demonstrated spoofing of the GPS signal to fool an $80 million yacht off course on the Mediterranean Sea. We will discuss this kind of anti-spoofing GPS technique in a future lesson.

In principle, one could cryptographically bind a set of location and time specifications to the ciphertext file, and build a device that would decrypt a file only when within the specified location and time constraints. However, there are certain potential problems with such an approach. First, the resulting file reveals the physical location of the intended recipient. When there's an enemy involved, you don't want that. For one thing, it provides vital information to someone who wants to spoof the device. Second, the device is vulnerable to tampering.
It may be possible to modify it so as to completely bypass the location check. The modified device would decrypt all the received data without even acquiring its location and verifying that it is correct. Alternatively, an adversary might compromise the keys and build a modified decryption device without the location check. Either way, the modified device could be used anywhere and location would be irrelevant.

Here is a notional diagram of a PVT to GeoLock Mapping function, where the latitude, the longitude, and the time, in three dimensions, come in as the input. And we show you three grids here. Here, a regular three-dimensional grid of longitude, latitude, and time values has been created. Each grid cell contains an associated GeoLock value, which will be used to perform the exclusive OR with the symmetric key. The GeoLock value is the bitstream to be XORed with the key.

If the grid size is set to be 10 meters, there will be 5.1 × 10^12 grid cells in the whole wide world. If the grid size is set to be 1 meter, there will be 5.1 × 10^14 grid cells in the whole wide world. If the grid size is set even smaller, like 0.1 m, which is what military-grade GPS can do, there will be 5.1 × 10^16 grid cells. Therefore, if we manually create this grid data, it will be a long process and require a lot of storage. It is interesting to imagine that a jet needs to come within a 1 meter by 1 meter grid cell at Mach 2 to decrypt a specific top secret message. The pilot may need to try multiple times.
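
The grid table described above does not have to be stored: a mapping function can compute the GeoLock of one cell on demand. The following Python sketch is an added example, not code from the lecture or from the Scott and Denning paper. It assumes a SHA-256 hash of the cell index as the mapping function, a 10 m cell with a 60 second time window, and position and time only (no velocity), and it leaves out the asymmetric encryption of the locked key.

```python
import hashlib
import math

M_PER_DEG = 111_320.0  # approximate metres per degree of latitude (assumption)

def grid_cell(lat, lon, t, cell_m=10.0, window_s=60):
    """Quantize latitude, longitude (degrees) and time (epoch seconds) to a cell."""
    lat_step = cell_m / M_PER_DEG
    i = math.floor(lat / lat_step)
    # Longitude step is fixed per latitude row so every point in a row agrees.
    row_centre = math.radians((i + 0.5) * lat_step)
    lon_step = cell_m / (M_PER_DEG * max(math.cos(row_centre), 1e-9))
    j = math.floor(lon / lon_step)
    k = int(t // window_s)
    return i, j, k

def geolock(lat, lon, t, nbytes=16, **grid):
    """Compute the GeoLock of one cell on demand instead of storing a table."""
    i, j, k = grid_cell(lat, lon, t, **grid)
    return hashlib.sha256(f"geolock:{i}:{j}:{k}".encode()).digest()[:nbytes]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def lock_key(session_key, lat, lon, t, **grid):
    """Sender: XOR the session key with the GeoLock of the intended PVT."""
    return xor(session_key, geolock(lat, lon, t, len(session_key), **grid))

def unlock_key(locked, lat, lon, t, **grid):
    """Receiver: XOR the locked key with the GeoLock of the measured PVT."""
    return xor(locked, geolock(lat, lon, t, len(locked), **grid))

# Constructed sample values, not taken from the lecture.
KEY = bytes(range(16))
LAT, LON, T = 36.5950, -121.8750, 1_700_000_000
LOCKED = lock_key(KEY, LAT, LON, T)

def demo():
    """Which receiver fixes recover the session key?"""
    return {
        "same cell (+1.1 m, +10 s)": unlock_key(LOCKED, LAT + 1e-5, LON, T + 10) == KEY,
        "across cell edge (+5.6 m)": unlock_key(LOCKED, LAT + 5e-5, LON, T) == KEY,
        "two minutes late": unlock_key(LOCKED, LAT, LON, T + 120) == KEY,
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'key recovered' if ok else 'wrong key'}")
```

The second case shows a receiver that is closer than one cell width to the intended position but sits across a cell edge, so it derives a different GeoLock and the wrong key.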