Secure Spatial Authentication using Cell Phones

Abstract

The latest estimates suggest that there are over 2 billion cell phone users worldwide. The massive worldwide usage has prompted technological advances which have resulted in more features being packed in the same phone. New dual phones are being built which can connect to both the cellular network and other wireless devices. In this paper we propose to use the omnipresent cell phones and the secure cellular network for access and location control. Using the cellular network adds to the strength of the authentication process and makes the revocation of access for a user easy. Our scheme also provides spatial control of the entity seeking authentication. In a cell phone based authentication system, our scheme provides location based authentication using two different approaches. One approach uses a trusted hardware sensor placed at a location close to the cell phone to validate the presence of the cell phone. Another approach to obtain the desired spatial control is through the use of GPS. The cellular phones would present the authentication server and the cellular network with the GPS coordinates of its current location using a tamper proof GPS module. This approach also prevents wormhole attacks because the cell phone has to provide the same coordinates to both the authentication server and the cellular network