



























Dave Singelée, DistriNet (Group T), KU Leuven
Xavier Carpent, University of Nottingham
Takahito Yoshizawa, COSIC, KU Leuven
Farhad Aghili, Sirris
Aysajan Abidin, COSIC, KU Leuven
Bart Preneel, COISC, KU Leuven
Multiple authentication solutions are widely deployed, such as OTP/TOTP/HOTP codes, hardware tokens, PINs, or biometrics. However, in practice, one sometimes needs to authenticate not only the user but also their location. The current state-of-the-art secure localisation schemes are either unreliable or insecure, or require additional hardware to reliably prove the user's location. This paper proposes CARPOOL, a novel, secure, and reliable approach to affirm the location of the user by solely relying on location-bounded interactions with commercial off-the-shelf devices. Our solution does not require any additional hardware, leverages devices already present in a given environment, and can be integrated effortlessly with existing security components, such as identity and access control systems. To demonstrate the feasibility of our work and to show that it can be deployed in a realistic closed environment setting, we implemented a proof of concept realisation of CARPOOL on an Android phone and multiple Raspberry Pi boards and integrated CARPOOL with Amazon Web Services (AWS) Cognito.
BibTeX
@misc{cryptoeprint:2025/1502,
author = {Sayon Duttagupta and Dave Singelée and Xavier Carpent and Takahito Yoshizawa and Farhad Aghili and Aysajan Abidin and Bart Preneel},
title = {{CARPOOL}: Secure And Reliable Proof of Location},
howpublished = {Cryptology {ePrint} Archive, Paper 2025/1502},
year = {2025},
doi = {10.1145/3750555.3811885},
url = {https://eprint.iacr.org/2025/1502}
}
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。