Composable Anonymous Proof-of-Location With User-Controlled Offline Access

Abstract

A proof-of-location (pol) is a digital credential issued to a user after proving their location to an issuer. The user can use the pol at a later time to prove to a verifier that they have been present at a claimed location. A secure Proof-of-Location (POL) system requires that pols be unforgeable and non-transferable to other users. POL systems can be used to provide fine-grained authentication and authorization and must ensure the privacy of the pol owner against the issuer and the verifier while allowing efficient presentation of pols combined with other credentials when needed. Efficiency is in terms of communication overhead in user-verifier POL sessions, which has particular significance in high-volume pol verification scenarios. We first propose a POL system that (i) is provably secure in a simulation-based framework, allowing a pol to be securely used with other credentials, and (ii) provides anonymity against the issuer and the verifier. We then extend the system to allow pols to be stored on a public distributed ledger system and selectively be presented to the verifiers by the user. This is the first POL system that satisfies the above properties. We implement POL algorithms on a mobile phone and present our experimental results showing the practicality of the system. Our proposed scheme is highly scalable compared to existing systems, reducing the user-verifier POL communication overhead by up to a factor of 94.