Location-Enhanced Authenticated Key Exchange
LOCATHE addresses security and privacy challenges in authentication for users and service providers, though it appears incremental, as it builds on existing cryptographic techniques such as attribute-based encryption.
The paper tackles the problem of secure session establishment and mutual authentication by introducing LOCATHE, a generic protocol that integrates location, user attributes, access policy, and services into multi-factor authentication, resulting in features like forward secrecy, zero-knowledge password proofs, and two-tiered privacy authentication.
We introduce LOCATHE (Location-Enhanced Authenticated Key Exchange), a generic protocol that pools location, user attributes, access policy and desired services into a multi-factor authentication, allowing two peers to establish a secure, encrypted session and perform mutual authentication with pre-shared keys, passwords and other authentication factors. LOCATHE contributes to: (1) forward secrecy through ephemeral session keys; (2) security through zero-knowledge password proofs (ZKPP), such that no passwords can be learned from the exchange; (3) the ability to use not only location, but also multiple authentication factors from a user to a service; (4) providing a two-tiered privacy authentication scheme, in which a user may be authenticated either based on her attributes (hiding her unique identification), or with a full individual authentication; (5) employing the expressiveness and flexibility of Decentralized or Multi-Authority Ciphertext-Policy Attribute-Based Encryption, allowing multiple service providers to control their respective key generation and attributes.