SPARSE: Privacy-Aware and Collusion Resistant Location Proof Generation and Verification

Recently, there has been an increase in the number of location-based services and applications. It is common for these applications to provide facilities or rewards for users who visit specific venues frequently. This creates the incentive for dishonest users to lie about their location and submit fake check-ins by changing their GPS data. To solve this issue, different distributed location proof schemes have been proposed to generate location proofs for mobile users. However, these schemes have some drawbacks: (1) they are vulnerable to either Prover-Prover or Prover-Witness collusions, (2) the location proof generation process is slow when users adopt a long private key, and (3) their implementation requires some hardware changes on mobile devices. To address these issues, we propose the Secure, Privacy-Aware and collusion Resistant poSition vErification (SPARSE) scheme to generate private location proofs for mobile users. SPARSE has a distributed architecture designed for ad-hoc scenarios in which mobile users generate location proofs for each other. Since we do not integrate any distance bounding protocol into SPARSE, it becomes an easy-to-implement scheme in which the location proof generation process is independent of the length of the users' private key. We provide a comprehensive security analysis and simulation which show that SPARSE provides privacy protection as well as security properties for users including integrity, unforgeability and non-transferability of the location proofs. Moreover, it achieves a highly reliable performance against collusions.

[1]  Hai Liu,et al.  Spatiotemporal correlation-aware dummy-based privacy protection scheme for location-based services , 2017, IEEE INFOCOM 2017 - IEEE Conference on Computer Communications.

[2]  Serge Vaudenay,et al.  Practical and provably secure distance-bounding , 2013, J. Comput. Secur..

[3]  Matthew K. Franklin,et al.  Privacy-preserving alibi systems , 2012, ASIACCS '12.

[4]  Gang Wang,et al.  On the validity of geosocial mobility traces , 2013, HotNets.

[5]  Maria Luisa Damiani,et al.  Location privacy models in mobile applications: conceptual view and research directions , 2014, GeoInformatica.

[6]  Guohong Cao,et al.  Toward Privacy Preserving and Collusion Resistance in a Location Proof Updating System , 2013, IEEE Transactions on Mobile Computing.

[7]  Matthew Warren,et al.  A Hybrid Location Privacy Protection Scheme in Big Data Environment , 2017, GLOBECOM 2017 - 2017 IEEE Global Communications Conference.

[8]  Sébastien Gambs,et al.  PROPS: A PRivacy-Preserving Location Proof System , 2014, 2014 IEEE 33rd International Symposium on Reliable Distributed Systems.

[9]  Cédric Lauradoux,et al.  How secret-sharing can defeat terrorist fraud , 2011, WiSec '11.

[10]  Laurent Bussard,et al.  Distance-Bounding Proof of Knowledge to Avoid Real-Time Attacks , 2005, SEC.

[11]  Serge Vaudenay,et al.  The Bussard-Bagga and Other Distance-Bounding Protocols under Attacks , 2012, Inscrypt.

[12]  M SanjaY,et al.  A Privacy Preserving and Collusion Resistance in a Location Proof Updating System , 2018 .

[13]  Alec Wolman,et al.  Enabling new mobile applications with location proofs , 2009, HotMobile '09.

[14]  Reza Curtmola,et al.  LINK: Location Verification through Immediate Neighbors Knowledge , 2010, MobiQuitous.

[15]  Srdjan Capkun,et al.  Realization of RF Distance Bounding , 2010, USENIX Security Symposium.

[16]  Urs Hengartner,et al.  VeriPlace: a privacy-aware location proof architecture , 2010, GIS '10.

[17]  Prasant Mohapatra,et al.  STAMP: Enabling Privacy-Preserving Location Proofs for Mobile Users , 2016, IEEE/ACM Transactions on Networking.

[18]  Serge Vaudenay,et al.  Challenges in Distance Bounding , 2015, IEEE Security & Privacy.