Demo Abstract: Location Fingerprint Evidence and Authorisation

2016 IEEE International Conference on Pervasive Computing and Communications Demonstrations
Demo Abstract: Location Fingerprint Evidence and Authorisation Using WiFi Channel Characteristics
Chitra Javali∗†, Girish Revadigar∗†, Daniel Pletea‡, and Sanjay Jha∗
∗ School of Computer Science and Engg., UNSW Australia, Sydney, Australia
† National ICT Australia (NICTA), Sydney, Australia
‡ Philips Research, Eindhoven, Netherlands
Email: {chitraj, girishr, sanjay}@cse.unsw.edu.au; [email protected]
Abstract—Location based services are being widely adopted
by many commercial applications where mobile users receive
incentives/rewards based on their location. In such applications,
mobile users may submit their location with the assistance of
various location apps which are capable of locating the mobile
devices. However, there is always a possibility that users may
submit a false location to the service providers and gain benefits
to which they are not entitled. Hence, it is necessary for service
providers to request location evidence which confirms the
user’s location claim. In this paper, we propose a novel solution for
producing secure location fingerprint evidence and authorisation
exploiting wireless signal characteristics and an error-tolerant fuzzy
extractor. Our mechanism is secure and can detect modifications
of the location evidence. The evidence generated cannot be shared
with other mobile users, and hence our solution is suitable for
real-time applications.
Keywords—Location based services, Location fingerprint evidence, Wireless physical layer, Fuzzy extractor.
I. INTRODUCTION
Recently the increased and wide usage of wireless handheld mobile devices has led to the emergence of new applications based on the location of the user. Location based
service providers enable beneficial services to mobile users
based on their geographical position/location. A few applications
like Foursquare and Swarm [1] rely on users’ reviews of restaurants, shops, etc., for which in turn users win incentives. In
such scenarios users may lie and provide a review for
restaurants/shops they had never visited, or may help their
friends to gain benefits. Additionally, various applications of
health-care systems and other organisations may also provide special permissions and/or access to resources based on a
user’s current/previous location. Location fingerprint evidence
enables a user to prove his/her position and also allows a
location based service provider to trust/authorise the evidence.
This evidence takes the form of certificates/tokens provided by a wireless
infrastructure, say a Wi-Fi access point (AP), to a mobile user.
The location fingerprint evidence produced at a particular
time instant must assure (i) it is unique to a user’s location and
(ii) a location based service provider must be able to regenerate
it when required. The procedure must be robust and secure [2],
[3] to ensure that the user or any other attacker must not be
able to modify the evidence and submit it to gain benefits for
some other location or time. The procedure must also not allow
mobile users to share their location evidence.
In this paper, we present our solution to produce location
fingerprint evidence that is unique to a user which exploits
wireless physical layer characteristics [4] i.e., received signal
strength indicator (RSSI). In order to verify the location
evidence, we employ fuzzy extractor [5] based mechanisms.
This evidence is reproducible only by a location based service
provider to authorise a user’s location. We believe our proposed
protocol as shown in Figure 1 is the first to use fuzzy extractor
and RSSI to produce location fingerprint evidence and be able
to verify its legitimacy.
978-1-5090-1941-0/16/$31.00 ©2016 IEEE
Fig. 1: System design and protocol flow sequence between the
four system components. [Diagram: Prover, Pal, Server and Service Provider, with messages 1. Request Location Evidence, 2. Ack, 3. Location Fingerprint Evidence, 4. Update, 5. Submit Location Evidence, 6. Request for data, 7. Submit, 8. Response.]
Our contributions:
• We propose a novel solution for producing location
fingerprint evidence and authorisation using radio frequency signals and fuzzy extractor which is error-tolerant and information theoretically secure. Our solution is secure, deployable with the existing infrastructure and defends against modification and sharing
of the fingerprint evidence.
• We implement our solution using WiFi capable devices and demonstrate experimentally that our solution
is robust and suitable for practical applications.
The organisation of the paper is as follows: Section II
explains the basics of wireless channel characteristics and
fuzzy extractors required for our protocol. Section III presents
our system components, protocol implementation and security
analysis. In Section IV we explain the procedure to demonstrate our work and Section V concludes the paper.
Fig. 2: Communication between the devices and wireless signal characteristics.
(a) A mobile phone communicating with an AP and an adversary placed at a
distance greater than λ/2 from the user’s mobile device and AP.
(b) RSSI characteristics of the two legitimate devices
show similar variation. The signals observed by an
adversary differ from the two legitimate devices. [Plot: RSSI (dBm), with levels Q0 to Q7 marked, against Index; traces for Access Point, User and Adversary.]
II. PRIMITIVES
In this section, we explain the two important building
blocks of our scheme: wireless channel characteristics and
fuzzy extractor.
A. Wireless Channel Characteristics
We exploit the unique spatial temporal characteristics [4],
[6] of wireless signals to generate the location fingerprint
evidence. In an indoor environment when two transceivers
are communicating over wireless medium, the following
properties hold true:
Reciprocity: The signal characteristics observed by the two
devices will be similar when they exchange packets within the
channel coherence time, which is typically a few milliseconds.
High correlation: If the two devices exchange multiple packets
over a period of time and measure the channel characteristics,
the signal variation captured by the two devices will be highly
correlated.
Multi-path effects: If any other device is capturing the
communication between the two transceivers and is located
away from the transceivers at a distance greater than λ/2,
where λ is the wavelength of the carrier frequency being
used, the signal characteristics observed by this device will
be entirely different.
Figure 2 illustrates the above properties of the wireless channel. Figure 2a shows a user’s mobile device and an AP communicating, and another device, say an adversary, placed at a
distance greater than λ/2 from the AP. From Figure 2b, we can
observe that the RSSI values captured by the two legitimate parties
are correlated whereas the RSSI values observed by the adversary are
entirely different. Figure 3 demonstrates the multi-path effects,
where the RSSI measured by two mobile devices from the
same AP does not have the same variation when the devices are placed at least
a few centimetres away from each other.
B. Fuzzy extractor
We employ fuzzy extractor [5] based mechanisms in our
protocol as it is an error-tolerant and information theoretically
secure mechanism [7]. It consists of two procedures, generation ‘Gen’ and reproduce ‘Rep’, as shown in Figure 4. The
procedures have the following properties:
a. The ‘Gen’ procedure takes an input $w \in M$, where $M$ is a
metric space. It produces an output $R \in \{0, 1\}^l$ and a helper
string $P$. The ‘Rep’ procedure takes $w' \in M$ and $P$ as inputs.
b. If the distance $\mathrm{dis}(w, w') \le t$, where $t$ is a threshold, then
‘Rep’ produces the identical $R$ as ‘Gen’.
Fig. 3: RSSI characteristics of two mobile devices connected
to a common access point showing different variation.
Fig. 4: Gen and Rep procedures of Fuzzy extractor. (a) ‘Gen’ procedure: input $w$, outputs $P$ and $R$. (b) ‘Rep’ procedure: inputs $w' \sim w$ and $P$, output $R$.
III. SYSTEM DESIGN
A. System Components
In our architecture we consider the following components:
(a) Prover: the mobile device of a person who intends to prove
his/her present/previous position or place to a location based
service provider.
(b) Pal (friend): an access point that provides a location
fingerprint evidence to a prover upon request.
(c) Server: a database storage used to store the data provided
by the pal.
(d) Service Provider: a location based service provider who authorises or verifies the location fingerprint evidence submitted
by the prover.
B. Protocol
The components of our system and the sequence of communication between them are shown in Figure 1. The prover
requests a location fingerprint evidence from the pal, i.e., the AP.
The pal acknowledges the request and begins to
capture the signals from the prover. At the same time the
prover also captures the signals from the pal. After completion
of message exchanges for a short duration, the pal generates a
unique location fingerprint evidence and submits it to the prover.
The pal also stores the evidence details in the server along
with the unique identity of the prover. During authorisation,
the prover presents the location fingerprint evidence and RSSI
to the service provider. The service provider requests the
corresponding information from the server and checks the
integrity and authenticity of the information submitted by the
prover. If the security requirements are met, then the
service provider sends a response accordingly, else it denies
the services to the prover.
C. Implementation
We have used an Android based smartphone as the prover and a laptop
with an Intel 5300 NIC as the pal. Two separate laptops were deployed
for the server and the service provider. A MySQL database was used at the
server. For generating the evidence, the ‘Gen’ procedure is performed by the pal after completion of message exchanges. The
RSSI measured by the pal is the input $w$ to ‘Gen’. Quantisation
is applied to the RSSI to produce $R$, i.e., the location fingerprint
evidence, and $P$. The pal stores this information in the server.
During evidence authorisation, the service provider receives
the input $w'$, i.e., RSSI, and the location evidence from the prover
and the corresponding information $P$ from the server. The
service provider regenerates the location fingerprint evidence
from the data obtained by executing the ‘Rep’ procedure. If the
evidence produced is identical to the one stored in the server,
then an acknowledgement of success is sent to the prover,
else a failure message is delivered. We have implemented the
procedures in MATLAB.
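The Gen/Rep flow of Sections II-B and III-C, as an added Python example that is not the authors' MATLAB code. It assumes a median-threshold quantiser, a code-offset construction over a 5-bit repetition code, SHA-256 standing in for the extractor, and a hypothetical prover ID hashed into R; the page specifies none of these choices, and the RSSI traces are constructed.

```python
import hashlib
import secrets

REP = 5             # repetition-code block length (assumed parameter)
T = (REP - 1) // 2  # bit flips per block that 'Rep' is guaranteed to correct

def quantise(rssi):
    """Assumed quantiser: one bit per sample, 1 if above the trace median."""
    median = sorted(rssi)[len(rssi) // 2]
    return [int(s > median) for s in rssi][: len(rssi) // REP * REP]

def hamming(a, b):  # dis(w, w') over the quantised bit strings
    return sum(x != y for x, y in zip(a, b))

def evidence(prover_id, key_bits):
    # SHA-256 stands in for the extractor; hashing the ID in binds R to one prover.
    return hashlib.sha256(prover_id.encode() + b"|" + bytes(key_bits)).hexdigest()

def gen(w, prover_id):
    """Pal side: pick a random key k, return (R, P) with P = w XOR encode(k)."""
    k = [secrets.randbelow(2) for _ in range(len(w) // REP)]
    codeword = [bit for bit in k for _ in range(REP)]
    return evidence(prover_id, k), [wi ^ ci for wi, ci in zip(w, codeword)]

def rep(w_prime, P, prover_id):
    """Service-provider side: majority-decode w' XOR P to k, then re-derive R."""
    noisy = [wi ^ pi for wi, pi in zip(w_prime, P)]
    k = [int(sum(noisy[i:i + REP]) > T) for i in range(0, len(noisy), REP)]
    return evidence(prover_id, k)

# Constructed RSSI traces in dBm (illustrative, not measurements from the paper).
PAL = [-52, -55, -61, -64, -58, -50, -47, -49, -56, -63,
       -66, -60, -53, -48, -51, -57, -62, -65, -59, -54]
PROVER = [-53, -54, -60, -65, -58, -51, -47, -50, -55, -62,
          -66, -61, -52, -49, -51, -56, -63, -64, -59, -55]
ADVERSARY = [-70, -68, -61, -59, -57, -72, -75, -71, -63, -60,
             -58, -62, -69, -74, -73, -64, -59, -56, -61, -67]

def authorise(trace, P, prover_id, stored_R):
    """Accept only if the regenerated evidence equals the one held by the server."""
    return secrets.compare_digest(rep(quantise(trace), P, prover_id), stored_R)

def demo():
    R, P = gen(quantise(PAL), "prover-0001")   # hypothetical prover ID
    return (authorise(PROVER, P, "prover-0001", R),      # 1 bit differs: accepted
            authorise(ADVERSARY, P, "prover-0001", R),   # 18 bits differ: rejected
            authorise(PROVER, P, "prover-0002", R))      # shared evidence: rejected
```

With 20 samples the key is only 4 bits, so this shows the error-tolerance mechanics rather than a deployable parameter choice. In this construction the helper string P also reveals which bits of w agree within a block, which a real design has to account for when sizing the key.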
D. Security Analysis
A passive eavesdropper may try to produce a location
fingerprint evidence that is the same as the prover’s by analysing or
capturing the communication between the prover and pal.
From Section II, we know that any device placed away from
the legitimate ones will not be able to capture similar signal
characteristics. Hence the adversary cannot obtain the same
fingerprint evidence as that of the prover. We have implemented Message Authentication Code (MAC) [2] to verify
the authenticity and integrity of the messages received by the
system components. Hence if any active adversary modifies the
content of the message being transmitted, the integrity check
fails and message tampering can be detected. In our protocol
we identify the provers by their unique identification number.
We assume that this number is bound to each prover and cannot
be shared with any other prover. Thus, a prover cannot share
his/her location fingerprint evidence with any other prover as it
contains the unique number embedded in it. Our protocol also
defends against a collusion attack where an attacker who is not
present in the vicinity of the pal colludes with a prover to obtain a
location fingerprint evidence for herself/himself, as the unique
identity number is associated to a single prover and also to the
evidence generated.
IV. DEMONSTRATION
Our demonstration will consist of two aspects: (i) Analysis
of physical layer characteristics and (ii) Location fingerprint
evidence generation and authorisation. In the first part, we will
show an experimental set-up as shown in Figure 3 consisting of
one commercially available Wi-Fi AP and two smart-phones.
This set-up will demonstrate the variation of wireless physical
layer characteristics on the two devices and the effect of
multi-path fading in an indoor environment. Further, we will be
demonstrating the generation of location fingerprint evidence
using radio frequency signals and its authorisation. We will
be using a laptop with an Intel 5300 NIC as an AP. A hand-held
mobile phone will be connected to the AP. The mobile phone is
handed over to a user, who is requested to walk around. The AP
and the mobile device communicate over the wireless channel
to capture the signals. The location fingerprint algorithm, i.e., the
‘Gen’ procedure, is executed by the AP to obtain a unique
fingerprint based on the user’s path movement and activities. The
data captured by the user’s phone and the location evidence are fed
to another algorithm, ‘Rep’, running on a laptop which is the
service provider. If the information presented to ‘Rep’ by
the user is similar to the one given as input to ‘Gen’, then the
fingerprint generated by the service provider will be the same as
the fingerprint generated by the AP.
V. CONCLUSION
In this paper, we have proposed a novel solution for secure
location fingerprint evidence and authorisation for mobile
users. Our mechanism exploits the unique wireless physical
layer characteristics and fuzzy extractor based mechanisms.
The proposed protocol is information theoretically secure,
error-tolerant and resistant to attacks. The location based
service provider can detect any modification in the evidence
submitted by the prover. Our scheme can be deployed without
requiring any additional infrastructure and is hence suitable for
real-time applications.
ACKNOWLEDGMENT
This work has been funded in part by the EC via grant
agreement no. 611659 for the AU2EU project.
REFERENCES
[1] “Foursquare and Swarm apps,” https://foursquare.com/about, accessed: 12-December-2015.
[2] A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography, 1996.
[3] C. Javali, G. Revadigar, W. Hu, and S. Jha, “Poster: Were You in the Cafe Yesterday?: Location Proof Generation & Verification for Mobile Users,” in Proc. ACM Conference on Embedded Networked Sensor Systems (SenSys), 2015.
[4] T. S. Rappaport, Wireless Communications: Principles and Practice. Prentice Hall, 2001.
[5] Y. Dodis, R. Ostrovsky, L. Reyzin, and A. Smith, “Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data,” SIAM Journal on Computing, vol. 38, no. 1, pp. 97–139, Mar. 2008.
[6] G. Revadigar, C. Javali, W. Hu, and S. Jha, “DLINK: Dual Link Based Radio Frequency Fingerprinting for Wearable Devices,” in Proc. IEEE Conference on Local Computer Networks (LCN), 2015.
[7] T. M. Cover and J. A. Thomas, Elements of Information Theory, 1991.