Abstract
The secure storage of the sensitive data in mobile devices is an urgent issue. Most of the existed encryption algorithms are location independent, which means the encrypted data can be decrypted anywhere. In this work, we propose a novel location-based encryption model using a fuzzy vault scheme. First, we may choose a proper encryption algorithm, a symmetric algorithm or an asymmetric encryption algorithm, to encrypt the sensitive data in mobile devices. Then, the crucial issue comes to securely storing the secret key in the encryption algorithm, and it will be solved in the secret key protection phase by applying a fuzzy vault scheme using a location-based digital fingerprint, which represents the valid user in the valid location region. We bind the digital fingerprint and the secret key together to construct a fuzzy vault for storing the both securely. We simulate our model on an Android device and make some performance and security analysis on it. The main contribution of our model is applying a fuzzy vault scheme which uses the location information captured by the user’s mobile devices to securely protect the secret key used in the cryptosystem for encrypting the users sensitive data on the user’s mobile devices.
Similar content being viewed by others
References
Abolghasemi MS, Sefidab MM, Atani RE (2013) Using location based encryption to improve the security of data access in cloud computing. In: Proceedings of international conference on advances in computing, communications and informatics (ICACCI). Mysore, pp 261–265
Al-Fuqaha A, Al-Ibrahim O (2007) Geo-encryption protocol for mobile networks. Comput Commun 30:2510–2517
Andalib AS, Abdulla-Al-Shami M (2013) A novel key generation scheme for biometric cryptosystems using fingerprint minutiae. In: Proceedings of 2013 international conference on informatics, electronics and vision (ICIEV). Bangladesh, pp 1–6
Askarov A, Sabelfeld A (2007) Gradual release: unifying declassification, encryption and key release policies. In: Proceedings of IEEE symposium on security and privacy (SP’07). California, pp 207–221
Baidu Inc. (2015). Baidu Map Api. http://developer.baidu.com/map/
Bui FM, Hatzinakos D (2008) Secure methods for fuzzy key binding in biometric authentication applications. In: Proceedings of IEEE 42nd asilomar conference on signals, systems and computers. California, pp 1363–1367
Gartner Inc. Forecast: PCs, ultramobiles, and mobile phones, worldwide. http://www.gartner.com/document/2780117.2011-2018, 2Q14 Update 2015
Google Inc. Nexus 5 - Google. http://www.google.com/nexus/5/. 2015
Juels A, Sudan M (2006) A fuzzy vault scheme. Des Codes Cryptogr 38(2):237–257
Junglas IA, Watson RT (2008) Location-based services. Commun ACM 51:65–69
Kao Y, Zhang X, Studer A, Perrig A (2012) Mobile encryption for laptop data protection (MELP). IET Inf Secur 6:291–298
Karimi R, Kalantari M (2011) Enhancing security and confidentiality on mobile devices by location-based data encryption. In: Proceedings of 17th IEEE international conference on networks (ICON). Singapore, pp 241–245
Liao H, Chao Y (2008) A new data encryption algorithm based on the location of mobile users. Inf Technol J 7:63–69
Liu Z, Groszschaedl J, Hu Z, Jarvinen K, Wang H, Verbauwhede I (2016a) Elliptic curve cryptography with efficiently computable endomorphisms and its hardware implementations for the internet of things. IEEE Trans Comput 14(8):1–14
Liu Z, Huang X, Hu Z, Muhammad KK, Seo H, Zhou L (2016b) On emerging family of elliptic curves to secure internet of things: ECC comes of age. IEEE Trans Dependable Secur Comput. doi:10.1109/TDSC.2016.2577022
Nguyen TH, Wang Y, Nguyen TN, Li R (2013) A fingerprint fuzzy vault scheme using a fast chaff point generation algorithm. In: Proceedings of IEEE international conference on signal processing, communications and computing (ICSPCC). Kunming, pp 1–6
Scott L, Denning DE (2003) Location based encryption and its role in digital cinema distribution. In: Proceedings of the 16th international technical meeting of the satellite division of the institute of navigation (ION GPS/GNSS). Portland, pp 288–297
Stinson DR (2005) Cryptography: theory and practice, 3rd edn. Chapman and Hall/CRC Press, Florida
Studer A , Perrig A (2010) Mobile user location-specific encryption (MULE): using your office as your password. In: Proceedings of the third ACM conference on wireless network security. New Jersey, pp 151–162
Uludag U, Pankanti S, Jain AK (2005) Fuzzy vault for fingerprints. Lect Notes Comput Sci 3546:310–319
Wu Z, Wu J, Wu Y, Yang M, Zhao C, Li M (2013) A mobile data protection method based on location information. China Patent No. 2013105479836
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare no conflict of interest.
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
Additional information
Communicated by V. Loia.
This work was supported by the Key Program of the Natural Science Foundation of Zhejiang Province China (No. LZ17F020002), Zhejiang Province Science and Technology Innovation Team (No. 2013TD03) and was also partially supported by the Research Projects of Zhejiang Qianjiang Talents Project (No. 2013R10071).
Rights and permissions
About this article
Cite this article
You, L., Chen, Y., Yan, B. et al. A novel location-based encryption model using fuzzy vault scheme. Soft Comput 22, 3383–3393 (2018). https://doi.org/10.1007/s00500-017-2583-x
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00500-017-2583-x