Denning's Geo-crypto
Time Magazine, November 26, 2001: Denning's pioneering a new field she calls geo-encryption. Working with industry, Denning has developed a way to keep information undecipherable until it reaches its location, as determined by GPS satellites. Move studios, for example, have been afraid to release films digitally for the same reasons record companies hate Napster: once loose on the Internet, there's little to stop someone from posting the latest blockbuster DVD on the Web for all to see and download. With Denning's system, however, only subscribers in specified locations -- such as movie theaters -- would be able to unscramble the data. The technology works as well for national security as it does for Harry Potter. Coded messages that the State Department sends to its embassies, for example, could only be deciphered in the embassy buildings themselves, greatly reducing the risk of interception. For now, Denning says, terrorists "may want to bring down the power grid or the finance system, but it's still easier to blow up a building." If she's right, it's due in large part to her.
Google shows one "geo-encryption" patented by CoinCard, which may or may not be a component of Denning's geo-crypto. Because CoinCard is a Canadian company, its geo-encryption may have nothing to do with Denning's. CoinCard uses a system composed of a swipe card and passive card reader to decrypt, described in a programmers' manual: http://www.coincard.com/download/ProgrammerManual.pdf It looks as though these readers could be rigged for GPS transceiving to assure that encrypted data was physically located where intended by the sender, and/or the recipient's card could be programmed to be read only by that card reader. Is this a novel system? How to spoof GPS location? Can bin Laden be in several caves around the world each equipped with a personal-ID GPS passive transceiver? Do caves serve as acoustic resonators to emit recorded whispers up ventilating shafts? What underling was wearing Rumfeld's personal tracker on 9/11? Why was the SecDef frantically trying to recover it before Mrs. Rumfeld's private investigators? And his secondary tracker?
On 22 Nov 2001, at 11:06, John Young wrote:
Time Magazine, November 26, 2001:
Denning's pioneering a new field she calls geo-encryption. Working with industry, Denning has developed a way to keep information undecipherable until it reaches its location, as determined by GPS satellites.
Using a GPS coordinate set as keying material? Hope it's just additional keying material. Knowing the intended destination of something like a movie in transit to a theater seems pretty easy, and the set of GPS coordinates encompassing your average multiplex would seem to be pretty small compared to the usual keyspaces discussed here. -- Roy M. Silvernail [ ] roy@scytale.com DNRC Minister Plenipotentiary of All Things Confusing, Software Division PGP Key 0x1AF39331 : 71D5 2EA2 4C27 D569 D96B BD40 D926 C05E Key available from pubkey@scytale.com I charge to process unsolicited commercial email
On Thu, 22 Nov 2001, Roy M. Silvernail wrote:
Using a GPS coordinate set as keying material? Hope it's just
Given that a GPS receiver gets ephemeris data, almanach data and pseudorandom code from each currently visible sat it has probably to do with the latter. Consider S/A (which may or may not be switched off now, I haven't checked): if you've got a secret part of the key you can refine your position despite deliberate degradation (selective availability) than the party without the key.
additional keying material. Knowing the intended destination of something like a movie in transit to a theater seems pretty easy, and the set of GPS coordinates encompassing your average multiplex would seem to be pretty small compared to the usual keyspaces discussed here.
Um, rethorical question, but from my very limited understanding of GPS, all the satelites do is send a series of time codes. So if you wanted to you could build several transmitters that sent out stuff on the same frequenies. Since you need to be outside to be able to use GPS, or at least "see sky", that would imply that these signals are weak. So building something to spoof GPS should be relatively easy. Seems to me that one could also easily build a system to "brute force" through all possible positions on GPS. Again, I emphasize "very limited understanding of GPS" :) ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :Surveillance cameras|Passwords are like underwear. You don't /|\ \|/ :aren't security. A |share them, you don't hang them on your/\|/\ <--*-->:camera won't stop a |monitor, or under your keyboard, you \/|\/ /|\ :masked killer, but |don't email them, or put them on a web \|/ + v + :will violate privacy|site, and you must change them very often. --------_sunder_@_sunder_._net_------- http://www.sunder.net ------------ On Thu, 22 Nov 2001, Roy M. Silvernail wrote:
On 22 Nov 2001, at 11:06, John Young wrote:
Time Magazine, November 26, 2001:
Denning's pioneering a new field she calls geo-encryption. Working with industry, Denning has developed a way to keep information undecipherable until it reaches its location, as determined by GPS satellites.
Using a GPS coordinate set as keying material? Hope it's just additional keying material. Knowing the intended destination of something like a movie in transit to a theater seems pretty easy, and the set of GPS coordinates encompassing your average multiplex would seem to be pretty small compared to the usual keyspaces discussed here. -- Roy M. Silvernail [ ] roy@scytale.com DNRC Minister Plenipotentiary of All Things Confusing, Software Division PGP Key 0x1AF39331 : 71D5 2EA2 4C27 D569 D96B BD40 D926 C05E Key available from pubkey@scytale.com I charge to process unsolicited commercial email
At 11:06 AM 11/22/2001 -0800, you wrote:
Time Magazine, November 26, 2001:
Denning's pioneering a new field she calls geo-encryption. Working with industry, Denning has developed a way to keep information undecipherable until it reaches its location, as determined by GPS satellites. Move studios, for example, have been afraid to release films digitally for the same reasons record companies hate Napster: once loose on the Internet, there's little to stop someone from posting the latest blockbuster DVD on the Web for all to see and download. With Denning's system, however, only subscribers in specified locations -- such as movie theaters -- would be able to unscramble the data. The technology works as well for national security as it does for Harry Potter. Coded messages that the State Department sends to its embassies, for example, could only be deciphered in the embassy buildings themselves, greatly reducing the risk of interception.
For now, Denning says, terrorists "may want to bring down the power grid or the finance system, but it's still easier to blow up a building." If she's right, it's due in large part to her.
I believe several patents have been filed for something along this line (e.g. tamper resistant GPS-smart cards). Mostly to enable casino to satisfy state regulators that their clients are in permitted geographic locales. steve
At 11:06 AM -0800 11/22/01, John Young wrote:
Time Magazine, November 26, 2001:
This is a fascinating idea, but problematic. The simplest approach is easy to spoof. Let's say that you encrypt the data with the GPS coordinates X. The software takes GPS coordinates from a GPS receiver and tries to decrypt the data using these coordinates. Only someone at the right place would be able to figure it out. Naturally, this could be spoofed by replacing the GPS receiver with one that spits out the right coordinates. A better system might rely upon the signals from the satellites themselves. The signals let the GPS receiver measure the time the signal took to travel from the satellite to the receiver. Knowing the distance from three or more satellites makes it possible to triangulate and come up with the real location. A more sophisticated system would encrypt the data with these signals themselves. It might take the data coming from satellites 1,2 and 3 at one particular instant. Only a person in the right location would see the right values at that particular instant. But I think this could be spoofed by time shifting the signals using a TIVO-like mechanism. If you're not in the right location you could pretend to be in another. Maybe they have a more complicated mechanism. Or maybe this is just FUD. -Peter
Denning's pioneering a new field she calls geo-encryption. Working with industry, Denning has developed a way to keep information undecipherable until it reaches its location, as determined by GPS satellites. Move studios, for example, have been afraid to release films digitally for the same reasons record companies hate Napster: once loose on the Internet, there's little to stop someone from posting the latest blockbuster DVD on the Web for all to see and download. With Denning's system, however, only subscribers in specified locations -- such as movie theaters -- would be able to unscramble the data. The technology works as well for national security as it does for Harry Potter. Coded messages that the State Department sends to its embassies, for example, could only be deciphered in the embassy buildings themselves, greatly reducing the risk of interception.
For now, Denning says, terrorists "may want to bring down the power grid or the finance system, but it's still easier to blow up a building." If she's right, it's due in large part to her.
participants (6)
-
Eugene Leitl
-
John Young
-
Peter Wayner
-
Roy M. Silvernail
-
Steve Schear
-
Sunder