Location-based encryption can prevent stolen data from being decrypted outside a particular facility. Modernized Loran, hard to spoof and hard to jam, with good repeatable position accuracy and signal availability, shows strong potential for securing sensitive data.

The emergence of the Internet and personal computers has produced unprecedented information content and access and placed volumes of data at practically anyone's fingertips. While the spread of such technology has increased efficiency and knowledge, it has also made information theft easier and more damaging.

One common form of information theft is the unauthorized copying and distribution of copyrighted material. Today, one can obtain pirated versions of the latest movies, often before release, by making a quick visit to a file-sharing network or a less-than-reputable shop. Surprisingly, the pirated material often comes from Hollywood insiders, such as the employees of the post-production shop, or individuals who receive pre-release screener DVDs.

Theft of equipment containing sensitive or valuable information has also become widespread. Laptops containing personal information such as social security numbers, personal financial information, credit-card numbers, and so on make attractive targets. These thefts can happen in the most surprising places. Qualcomm CEO Irwin Jacobs left his laptop unattended for a few minutes to field questions from a business audience after a speech — and it disappeared.

These emerging problems have stimulated interest and significant growth in the field of information security. Geoencryption or location-based encryption furnishes a means to enhance security, and is suitable to these two scenarios, digital film distribution and laptop security.

The terms geoencryption and location-based encryption refer to a security algorithm that limits the access (decryption) of information content to specified locations and/or times. More generically, the restriction can be based on any set of navigation parameters. The algorithm does not replace any of the conventional cryptographic algorithms, but instead adds an additional layer of security.

In its basic form, location-based encryption can ensure that data cannot be decrypted outside a particular facility. Any attempts to access the secure information at an unauthorized location will result in a failure of the decryption process. For example, a digital movie file can only be decrypted inside the theater to which it is sent. In the scenario of laptop security, the valuable information on the laptop or hard drive can be encrypted so that it can be accessed only at the laptop owner's home or office. The theft of such data has the potential of jeopardizing personal and national security.

Geoencryption increases security by augmenting current cryptosystems, such as passwords. Even today, many people do not employ very strong passwords. Eight-character passwords of mixed numbers and letters can be recovered within 60.5 hours on supercomputers that have a speed of 1 billion passwords per second. Even with very strong passwords, geoencryption provides extra security because it prevents authorized users from accessing sensitive data at unsecured locations.

Digital Film Distribution

Figure 1 Geoencryption overview

Logan Scott, Dorothy Denning, and colleagues at Geocodex proposed and developed the idea of geoencryption for digital film distribution. FIGURE 1 shows a modified version of the system. A content provider (sender) distributes the encrypted film (cipher text) to an authorized user (recipient). This is done via many methods such as satellite data links and, as such, may be readily available to unauthorized users.

Films encrypted using the geoencryption protocol can be decrypted only at a specified location (theaters). That means that the decryption process should fail and not reveal information about the plaintext if there is an attempt to decrypt the data at another location. This should be true whether it is by an authorized or unauthorized user. Therefore, the geoencryption algorithm can be used to ensure that film cannot be retrieved, except at the theater by authorized personnel.