English

Location-Enhanced Authenticated Key Exchange

Cryptography and Security 2016-02-18 v4

Abstract

We introduce LOCATHE (Location-Enhanced Authenticated Key Exchange), a generic protocol that pools location, user attributes, access policy and desired services into a multi-factor authentication, allowing two peers to establish a secure, encrypted session and perform mutual authentication with pre-shared keys, passwords and other authentication factors. LOCATHE contributes to: (1) forward secrecy through ephemeral session keys; (2) security through zero-knowledge password proofs (ZKPP), such that no passwords can be learned from the exchange; (3) the ability to use not only location, but also multiple authentication factors from a user to a service; (4) providing a two-tiered privacy authentication scheme, in which a user may be authenticated either based on her attributes (hiding her unique identification), or with a full individual authentication; (5) employing the expressiveness and flexibility of Decentralized or Multi-Authority Ciphertext-Policy Attribute-Based Encryption, allowing multiple service providers to control their respective key generation and attributes.

Keywords

Cite

@article{arxiv.1510.08007,
  title  = {Location-Enhanced Authenticated Key Exchange},
  author = {Marcos Portnoi and Chien-Chung Shen},
  journal= {arXiv preprint arXiv:1510.08007},
  year   = {2016}
}

Comments

This is an extended version of 2016 International Conference on Computing, Networking and Communications (ICNC 2016), Workshop on Computing, Networking and Communications (CNC), 2016, pp. 201-205

R2 v1 2026-06-22T11:30:18.144Z