Master’s Project proposal

Location based encryption and decryption of files

Ashish Korpe

Summer 2015

Approved by:

______

Advisor: Dr. Edward ChowDate

______

Committee Member: Dr. Jia RaoDate

______

Committee Member: Dr. Jonathan VenturaDate

  1. Introduction:

In a world bursting with ever increasing information, hacking and gaining illegal access to important information is on the rise. In the digital age, one could be looted based on the information they let out. Security of information has thus gained additional importance these days. One of the important research being carried out today is providing security by restricting access to important documents based on the location of the user trying to access it, i.e. location based secure access. There are several strategies that were proposed for the location based secure access. One strategy is to encrypt the data based on the geolocation of the intended receivers with option of include their credentials. The other strategy is to verify the source of the access and ensure that it comes from certain specified areas, even before data is delivered. In the former, the encrypted data can be distributed ahead of time while in the latter, the data will not be delivered unless the locations of the receivers are validated and and within the specified ranges at specific locations. Either cases the capability for verifying the authenticity of location info is critical. In this proposed research project we focus on the former strategy.

1.1Basic Terms:

App: An application used generally on a smartphone.

LBED: Location Based Encryption Decryption.

1.2Related work:

A significant amount of work has been done on this front by Dorothy E. Denning, Barry J. Glick, Ronald S. Karpf and Mark E. Seiler. They have gained the patent for “SYSTEM AND METHOD FOR DELIVERING

ENCRYPTED INFORMATION IN ACOMMUNICATION NETWORK USING LOCATION IDENTITY AND KEY TABLES” [1]. Their work details the ideology of location based encryption and decryption of files in order to overcome the many problems faced by the conventional cryptographic methods [2]. It also shows the possible shortcomings in using conventional cryptographic methods like RSA for including location as a key component [3]. The main applications of this ideology as mentioned by the authors are in digital cinema distribution and secure GPS [4]

The authors discuss an application in military [8] where the firing of missiles could be done only from a specific position. Authors in [10] discuss applying geo encryption technology in cloud computing to provide better security to cloud based environments and applications. We are not dealing with cloud based computing here. Research is also being carried out on applying geo-fencing in an energy efficient manner [9]. The author here proposes a novel way to implement privacy by exploiting signals broadcasted from cellular radio network infrastructure at that location. We are trying to implement privacy through an additional layer of cryptography irrespective of the positioning technology used (GPS/ cellular network/Wi-Fi/Cell-Id. The author puts forth the idea of replacing geo data with network proximity,in [7]. In this paperwhere, they try to replace the need of using GPS all the time by using Wi-Fi scanning and thus making location services energy efficient.

The authors for the above mentioned patent have specified the use of a central server for same applications like digital cinema. In this project, we are trying to implement the ideology of location based access where the owner of a file/document can provide access to this document based on the user’s receiver’s[EC1] location. Here, the proposed implementation entails assumes users having the apps on their smartphones and a central server. The server will store the file sent and intimate validate the receiver of the location he should be in/at to access the file.

1.3 Motivation:

Popular and widely used smartphone operating systems Android and iOS do not yet have applications to achieve location based access to their documents. The availability of an ‘app’ providing location based access will be greatly beneficial for the iOS and Android users.

1.4 Previous work:

This system has been implemented by GeoCodexTM in June 2010 for windows platform using the LBED (Location based Encryption Decryption) technology. GeoCodexTM claim that their application works successfully [5][6]. Comments on the metrics they used to make such claims. Discuss how their techniques or systems can be improved[EC2].

  1. Project goal:

The goal of this project is to design and create an android and an IOS app which successfully encrypts and decrypts files based on the user’s location. The app will enable the sender to encrypt his file on the server with the recipient’s desired location and then send a link to the recipient to gain access to the file. The sender will also send the key to decrypt the file through the server. The recipient, on getting the intimation from the server will be able to gain access to the file when he gets to the specific location. The recipient will have to apply the key and decrypt the file. The system will allow only one or one group of intended recipients to access the file at a particular location. A futuristic extension for this project could be allowing multiple users to gain access to the file at multiple locations.

Metrics:
In order to evaluate the project, i.e. the apps, we evaluate the systems based on measure the following metrics:

  1. 1. Degree of accuracy with respect to detection of location through the app. The error margin for the app shall be in meters i.e. the location shall be accurately detected to a few (50) meters. To test this feature, we can install the apps and test them across the UCCS campus. The campus being spread over a large portion of area could assist the testing. We restrict the access to an area within a 50 meter radius. We proceed with the assumption that the GPS signals are reliable and detect the location pretty accurately. Moreover, we do not consider jamming or compromising the GPS signals.
  1. The time taken by the app to provide access to the file. The total time taken by the app has many components like the time taken to encrypt the file on the sender’s side, time taken by the sender to encrypt the keythat is required to decrypt the file, the time taken by the receiver app to decrypt the key and then use the key to access the file.
  2. The memory consumed by the app on the smartphone for installation and working.
  1. Project plan:

This project is to be completed by the end of term, summer 2015.

  1. Applications: In order to demonstrate location based access, we need to think of more areas where this could be applied. Criteria like usage of the location services of the smartphone, the size of the file being sent/encrypted and decrypted need to be taken into consideration. Possible applications could be militarized zones[8] and hospitals or clinical environments.
  2. Feasibility study: A feasibility study of usability of the apps needs to be done. This has been implemented as a windows app. The performance metrics for the intended apps should be comparable to the existing windows app.
  3. Development and Test plan: A detailed plan including the technologies to be used for development and testing the apps.

June 15, 2015 / Summer semester begins
June 27, 2015 / Submit draft of project proposal
June 30, 2015 / Approved project proposal
July 4, 2015 / Analysis and design of the web application
July 11, 2015 / Completion of implementation
July 14, 2015 / Test the web app on both platforms(IOS and Android)
July 17, 2015 / Completed project work and draft report
July 18, 2015 / Complete project report
July 20, 2015 / Complete project defence
August 7, 2015 / End of Summer 2015 term
  1. Deliverables:

Working iOS and Android web applications which allow encryption and decryption of files based on the user’s location and a master project report which details the design, implementation and evaluation of LBED apps.

References:

[1]

[2]Scott, L. and Denning, D. E.,“Location Based Encryption and its Role in Digital Cinema Distribution,” ION GPS/GNSS 2003, September 9-12, Portland

[3] Geo Location Based RSA Encryption Technique Ayesha Khan

[4] Scott, L. and Denning, D. E.,“Geo-Encryption: Using GPS to Enhance Data Security,”GPS World, April 2003

[5] Location-Based Encryption / Decryption (L-BED) WHITE PAPER GeoCodex, LLC June 2010

[6]

[7]Namiot, Dmitry, and Manfred Sneps-Sneppe. "Geofence and network proximity."Internet of Things, Smart Spaces, and Next Generation Networking. Springer Berlin Heidelberg, 2013. 117-127

[8]Rajeswari, V., V. Murali, and A. V. S. Anil. "A Navel Approach to Identify Geo-Encryption with GPS and Different Parameters (Locations And Time)."IJCSIT) International Journal of Computer Science and Information Technologies3.4 (2012).

[9]Bareth, Ulrich. "Privacy-aware and energy-efficient geofencing through reverse cellular positioning."Wireless Communications and Mobile Computing Conference (IWCMC), 2012 8th International. IEEE, 2012.

[10]Abolghasemi, Meer Soheil, Mahdi Mokarrami Sefidab, and Reza Ebrahimi Atani. "Using location based encryption to improve the security of data access in cloud computing."Advances in Computing, Communications and Informatics (ICACCI), 2013 International Conference on. IEEE, 2013.

[EC1]Receivers is more specific than users. The auther can be the “user” of such lcoation based secure system.

[EC2]Discussion of related work should include how the proposed work are different from prior work.