Ok, not the question on the tip of your tongue, but bear with me. Geoencryption, or geo-encryption, boils down to: How about if you could only access data when you’re at a certain spot?
It’s not a new idea: the brains behind it, Dorothy Denning, a veteran of cryptology has been talking about it for at least a decade. When people were last getting excited about it, in the wake of 9/11, it was all about movie studios being able to release films digitally confident that only movie theaters could decrypt them, or coded messages to embassies only be deciphered within the building itself. Now we probably know better: with more accurate GPS, and with GPS in phones, one could imagine much more portable uses, such as transmissions to the field that could only be deciphered once the recipient is in location, or automatically encrypting data if a device is moved without authorisation.
But not much seems to have actually happened since then. The website for Geocodex, the company she helped set up, doesn’t seem to have an active web site — this one is blank, and has been since its inception (it was registered under the name Mark Seiler, a movie executive who set up the company in around 2000.) She does have a string of patents, though, the most recent of which was approved on November 28. Of course, the patent isn’t new: It was filed five years ago to the month. But it does seem to be the only one that mentions geo-encryption. So does this mean something will now happen?
Geo-Encryption: Global Copyright Defense? from Slashdot, April 2002
How Geo-Encryption Makes Copyright Protection Global, CIO Insight, April 2002
Using GPS to Enhance Data Security at GPS World
and a profile of Dorothy Denning by Anne Saita, Information Security, Sept 2003, her homepage at the Center on Terrorism & Irregular Warfare and at Georgetown U.
update Dec 13 2006: after writing to Dorothy Denning I received this back from Mark Seiler:
It is still a bit premature for us to discuss GeoCodex publicly. Granted, after seven years, the word “premature” seems strange in any context. However, there are still other, related patent filings that we anticipate receiving shortly. This is not to say that we are not active while waiting on the patent office. This past year we began field trials for several different geo-encryption applications and additional test deployments will be on-going in 2007.
We to expect to start making announcements towards the middle of the year. If you’d like, we’ll make a note and give you a “heads up” at the appropriate time.
Although it’s taken much longer than we would have hoped, we still believe that geo-encryption – and GeoCodex in particular – offers a unique solution to the problem of protecting digital content.
There was something in a similar vein, called CyberLocator. Developed by some smart people, it used GPS as well. However, it was a regional system, since it used signal timing analysis through a service provider to neuter the problem of a user spoofing the GPS data to local software by correlating raw GPS signal timing at the user with the service provider (must have at least one common GPS satelite viewable by both the service and the user). Because of this, the location signature is not based solely on the lat/lon/alt of a user. Because this also has time related properties as part of the location signature, it would a be small jump to integrate with timestamp authorities/services.
The original usage was to confirm roughly the location of a user for purposes of online gambling (is the user inside the state of Nevada, for example). Apparently had successful demos in front of the Nevada State Gaming Commission, but the people behind it went quiet after a partnership with QinetiQ stalled due to the privatization of QinetiQ. Currently they are supposedly licensing the technology through Global Cyber Licensing LLC. They demonstrated this with older SiRFstar II chips, so using the newer SiRFstar III chips should yield much better urban performance.