Paper at ACM Mobisys 2011

My paper titled 'ProxiMate: Proximity-based Secure Pairing using Ambient Wireless Signals' has been accepted at the 9th Annual International Conference on Mobile Systems, Applications and Services (ACM Mobisys) to be held at Washington D.C.. The paper is about how existing wireless signals, such as FM radio and TV signals, can be used by radios in close proximity to generate a shared secret, and then use that secret to communicate securely. By building a shared key in this manner, it is hoped that the problem of identity spoofing and eavesdropping on wireless links can be addressed. The principles at work in ProxiMate are: (i) Small-scale fading: the wireless channel between a distance RF source (such as an FM radio tower) and a receiver, behaves as a random process, thereby serving as a source of randomness, and (ii) receivers that are within half a wavelength of each other can observe highly correlated (but not identical) versions of these random processes, allowing wireless devices in proximity access to a shared source of common randomness that is not available to any sufficiently distant adversary. ProxiMate is a proof of concept system built on software-defined radio and evaluated using ambient FM and TV signals. It is intended to be information-theoretically secure -- meaning, the key generation phase does not need to assume a computationally bounded adversary -- as opposed to say, Diffie Hellman, which must assume a computationally bounded adversary in order to guarantee that the observations available to the adversary will not allow it to compute the key. On a side note, D.C. is one of the more boring cities to have a conference once you have done the museums circuit. Anyhow, looking forward to it!


Commercial localization in shopping malls using GNURadio

I came across a company named Path Intelligence that is selling equipment to track consumer's locations passively using their cellphone signals inside shopping centers, malls, etc. ostensibly for the purpose of tracking consumer behavior. Apparently, their 'equipment' is centered around the GNUradio platform and uses triangulation based schemes for localization. What is interesting to me is that:

(1) They manage to use signals from cellphone even when the phone is not in a voice call (There must be some beacons!?)
(2) They manage to simultaneously localize multiple phones.
(3) The company website claims accuracy of 1-2 meters

It appears that early adopters of their solution are in the UK. A large mall can be covered by 20 of their 'boxes'.

The Privacy issue:
"The Information Commissioner's Office (ICO) expressed cautious approval of the technology, which does not identify the owner of the phone but rather the handset's IMEI code - a unique number given to every device so that the network can recognise it."

So they don't just track the pure signal but they also demodulate the IMEI code - a reverse lookup may reveal IMEI -> Phone number -> identity but would probably require the cooperation of the carrier. Unlike MAC addresses in 802.11 networks, the IMEI cannot be changed as easily. From a privacy perspective, it appears that the IMEI is therefore a really bad thing (it is unencrypted) as it could potentially allow one to be spied upon (location traces, etc etc.) There are various other privacy issues especially when such a technology is put into effect without having shoppers sign disclosure forms. The page on slashdot has many interesting user comments.
Some links are here, here and here.

Here is an email from Toby Oliver, the owner and CEO of Path Intelligence explaining the technology in an effort to allay concerns.

Here is a particularly insightful comment from Slashdot that brings out the 'value' of location information rather than worrying about privacy:


"My shop usage data have great financial value (otherwise the shops wouldn't pay to install surveillance systems) and the shop's surveillance is involuntary - I am not given a choice whether to allow them track me or not, except if I avoid transmitting wireless signals while near their shop. As the data collection is not voluntary and my shop usage data have financial value, I demand payment from shops using this system. I want a share of my shop usage data's financial value."

I think this makes a good case for researching PHY-layer based location privacy. Having simple omni transmitters is equivalent to relinquishing one's privacy as well as volunteering usage data for free.