European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi,

UAE

DATA ENCRYPTION USING THE DYNAMIC LOCATION AND SPEED OF MOBILE NODE

Hamad Hatem, Faculty of Engineering, Department of computer, Islamic University, Gaza Palestine. hhamad@iugaza.edu.ps Elkourd Souhir, Faculty of Engineering, Department of computer, Islamic University, Gaza Palestine. el_kourd@yahoo.com

Abstract: The development of applications and services of mobile phones, created a phenomenon of spying and deceptions through these mobiles. So, it is necessary to think of finding a solution for this problem. In this paper we propose a new method to protect such applications and services. This method depends on one of the available services (GPS) by using the coordinate. A mobile receiver with GPS service register a set of coordinates and velocity during movement and estimate the next position. Our algorithm is to generate the secret key which uses this new coordinate and the dynamic tolerance distance (DTD) to increase its practicality. The security analysis shows that the probability to break this key is almost impossible due to the dynamic coordinates and DTD and adjusting the length of the Random key. This security is tested in real time using j2me software where the experimental study shows that the ciphertext can only be decrypted under the restriction interval of DTD. It illustrates that our secret key (Sec_key) is more effective and practical for data transmission in mobile environment compared with static method. Keys: mobile phone, GPS, DTD, data Encryption.

1. INTRODUCTION
Every day, we hear about the innovation of new applications and services for a mobile phones that facilitates users to perform routine work through mobile phone like Business, using the GPS to detect his location, paying utility bills, purchase online tickets, observing stock, weather reports and online TV. Users can make calls, send messages (SMS, MMS etc), also download a different kind of software, games and music etc. The most important mobile services that are used these days can be categorized into a voice call, MMS, and SMS messages, entertainment services (video, music, voice, ring tones, pictures, dating, gaming etc), utility services (news, weather, bank connections, event calendar, corporate application), public services (public authority communication, customer services) and mobile solution in conventional industry (remote control, information gathering, monitoring) [10]. In recent years, usages of mobile phone internet services and mobile messaging services include SMS and MMS, as well as Mobile e-mail is growing rapidly which make the Business and communication through mobile have become crucial part in daily routine life. Computer viruses are well known and are dangerous risk for corporate computer environment. These malicious programs can steal the confidential user information, or the crashed email server etc. Mobiles are equipped with same as PCs; it has an operating system, text editor, spreadsheet editor and database processing. The cell phone users have also the facility to exchange executable files, and modern cell phones are also connected to internet. Mobile phones are facing more threats that the PCs are facing, due to dynamic mobile environment.
Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

New wireless technologies have opened up the thrilling opportunities in a mobile e-commerce market like financial transactions and online purchasing with sensitive data transfer by using mobile phones. But on the other hand different kind of malicious software are stealing confidential user data that is becoming cause of the loss of money. Thus; the security is the most important issues in such kind of services. Due to this security threats users confidentiality, integrity and availability are at risk. So there is a need to protect these applications and services by attacker to remove vulnerabilities. In this paper we give new solution to protect the mobile phone service like MMS and SMS attacked by spoofing, in which we use one of the available services (GPS) by using the coordinate of receiver mobile phone. we propose a new method of key security where the receiver Mobile phone register some coordinates and speed during the travel and thus can chart the course of movement. Through this path we can predict the next coordinate expected after a certain time. Since the GPS receiver in mobile phone is inaccurate and inconsistent depending on how many satellite signals are received [2]. It is difficult for a receiver to decrypt the ciphertext at the same location which is exactly matched with the target coordinate. It is impractical by using the inaccurate GPS coordinate as a key for data encryption. Consequently, a Dynamic Toleration Distance (DTD) is designed in the secret key. The receiver Mobile phone determine the DTD and the sender mobile phone can decrypt the ciphertext within the range of DTD. On the other hand, extensive research has been done on data encryption for wireless networks and mobile node transmission, for example: In [2] Hsien-Chou L. & Yun-Hsiang C., proposed a location Data Encryption Algorithm LDEA. This protocol is not strong enough because they are using the static location which is latitude/longitude coordinate of mobile node and they are using a static Toleration Distance (TD) to overcome the inaccuracy and inconsistence of GPS receiver. However, in our proposal we apply a dynamic location of mobile node and dynamic tolerance distance which makes our protocol very strong to attack. In [3] Ala Al-Fuqaha & Omar Al-Ibrahim , proposed a geo-encryption protocol by restricting the decryption of a message to a particular location and time period. The encryption of this protocol is limited to a static location and can not be used in dynamic location. In [4] Scott & Denning et al., proposed a data encryption algorithm by using the GPS, called Geo-Encryption. GeoEncryption was based on the traditional encryption system and communication protocol. For the sender, the data was encrypted according to the expected PVT (Position, Velocity and Time) of the receiver. However, the PVT-to-GeoLock mapping function is the primary mechanism to ensure that the data can be decrypted successfully. In [5] V. Vijayalakshmi & Dr. T.G. Palanivelu., proposed a Secure Localization Using Elliptic Curve Cryptography in Wireless Sensor Networks, where Determining the physical positions of sensors is a fundamental and crucial problem in wireless sensor network operation. Their location based authentication scheme is built on the ID-based cryptography by using ECC and ECC key exchange. In [6] Mundt , proposed a location dependent digital rights management system. Location is essential for controlling access to resources protected by the digital rights. A trusted device which incorporates a precise secure clock and a GPS receiver is implemented . In [7] Liao et al., proposed a static location-dependent data encryption approach for mobile information system. The approach is based on a reverse hashing principle. A series of session keys is generated based one-way hash function. They are generated for mobile client and server in a secure network simultaneously. When the mobile client is operated in an insecure network of the outdoor environment, the session key is incorporated with the GPS coordinate for ensuring the data is decrypted at the desired location. In [8] P. S. Pandian, proposed a Wireless Sensor Network for Wearable Physiological Monitoring systems uses an array of sensors integrated into the fabric of the wearer to continuously acquire and transmit the physiological data to a remote monitoring station. Then the data is correlated to study the overall health status of the wearer. The use of physiological sensors with miniaturized electronics to condition, process, digitize and wireless transmission integrated into the single module. These sensors are strategically placed at various locations on the vest. In general view of security recent we can It is clear that the secret things be strong with moving objects rather than of things fixed and this is the result of continuous movement and change the location of this point, we present the idea Almottaga success and give amazing results. The rest of the paper is organized as follows. In Section 2, we precisely describe in details the protocol of security in mobile phone. Then, in Section 3, we present the algorithm of our protocol. In Section 4, we provide the study of security
Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

of analysis privacy and authentication. We show that the number of secrets maintained in the Protocol. In Section 5 we identify how our protocols are affected by collusion among users. Finally, we make concluding remarks in Section 6.

2. DETAILED DESCRIPTION OF THE PROTOCOL

In this protocol, the mobile receiver with GPS service, register a set of coordinates and velocity during movement and estimate the next position. This new coordinate is applied in the secret key with dynamic tolerance distance (DTD). DTD is designed to overcome the inaccuracy and inconsistent problem of GPS receiver and to increase its practicality. This protocol protect the message of type Multimedia Messaging Service, or MMS, which is a standard way to send messages that include multimedia content to and from mobile phones. It extends the core SMS (Short Message Service) capability which only allowed exchange of text messages up to 160 characters in length. The most popular use is to send photographs from camera-equipped handsets, although it is also popular as a method of delivering news and entertainment content including videos, pictures, text pages , sounds and speech through mobile connectivity. 2-1 The Path equations for MN movement Suppose the receiver mobile node starts at time t0 at a location whose longitude and latitude values are L0(X0,Y0), which are assumed to be initially known in the path , the mobile phone with GPS service readings Lt(Xt,Yt) at time t with t = t1, t2, t3, . . such that ti = t0 + i*r where r is a fixed time unit interval whose value is arbitrary but known. The movement of node itself is arbitrary in any direction and any velocity. The next position is given by the following equations according to the law of Speed: xt=x0+ti*v*cos yt=y0+ti*v*sin Add 1 to 2 we get xt+yt= x0 + y0 + ti*v*(cos + sin ) . (3) (1) (2)

were v is the velocity of mobile node given by :

v=

y y t 1 2 xt xt 1 2 ) +( t ) ( r r

is the angle between two coordinate as see in figure1 given by:

= arctan(

yt yt 1 ) xt xt 1

and the distance between two coordinate given by:

d = ( xt xt 1 ) + ( y t y t 1 )
The path equation is : ():{y(t)=an*xn(t) +an-1*xn-1(t) + .a1*x(t) +a0 ..(4)

Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

Each time the GPS read this parameter "latitude, longitude, Altitude and velocity" we do the following test in the program : - If the value of velocity is high (v100km/h) means the distance of the next coordinate is very short because the time is constant, so his movement is uniform which make the function of path () in (4) linear ( n=1 ) (): y(t) =a1*x(t) +a0 But if the velocity is not high, the path equation follow the size of coordinate belong to the path equation (). If most of the general coordinates Belong to a path , so the path equation is linear: y(t) =a1*x(t) +a0 - If the value of velocity is less high (v<100km/s) we find a polynomial that fit this points, in general is probably a cubic Function (n=3) 2-2 The estimation of the next coordinate At time t=t+1 the algorithm estimate the next position ct+1=(xt+1,yt+1) In : xt+1 =x0+v*t*cos +a*t2 were a is a constant. Substitute the value of xt+1 in the path equation () of (4) to get yt+1. 2-3 Dynamic tolerance distance A dynamic Toleration Distance (DTD) is designed to increase its practicality in the interval of encrypt or decrypt the data, because the GPS receiver have problem in inaccuracy and inconsistent. To calculate DTD we do the following step: - Replace the values of latitude into the path function () - Find the absolute values of the difference between the longitude values and the values in the previous step - Select the maximum value to be DTD - DTD is multiplied by 10000 to be an integer and divided by 5.4 * from the estimation of CoordTrans tool of Franson Company, the values are 5.4 and 6 for latitude and longitude corresponding to 1 m [2], the mathematic equation of DTD are : y'i=f(xi) , where 0<i<t+1 and f is function of path DTD = max (yi-y'i)*10000/5.4 the result is in meter

3. THE ALGORITHM OF PROTOCOL

Step 1. "The path Equation"

Input ci(xi.yi) ,t0,r,vi where 0<i<n Let ti=t0+i*r Xt=x0+vi*ti*cos

Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

yt=y0+vi*ti*sin So xt+yt =x0+y0+vi*ti(cos + sin)

= arctan(
and

yt yt 1 ) xt xt 1

let A =[a1,a2,an] is a set of all points B ={am A / am ()} , B is a Set of points which lies on the curve () If size(B) size(A)/2 Then f(A)= () If v>100 km/h , ()= {y(t)=a*x(t)+a0 } Else ()= {y(t)=an*xn(t)+an-1*xn-1(t)+..+a1*x(t)+a0} It is often that the path function is cubic Step 2. "the estimate coordinate "

For t= ti+1 Xt+1=xo+v*ti+1*cos +a*t2 Yt+1=((xt+1))

Step 3. "the dynamic tolerance distance" For ci=(xi,yi) , 0<i<n

DTD=(Max |yi-f(xi)|)*1000/5.4

4. SECURITY ANALYSIS
In this section, we will show the generation of our proposed secret key .

After the receiver mobile estimates the new coordinate and computes DTD, he sends it to the sender by using asymmetric encryption algorithm. This parameter is applied to encrypt the message sent by the sender.
4 -1 Generation of secret key
Our purpose of secret key given in figure 3 mainly includes the estimated coordinates and DTD that are computed in the last section . The steps to compute the secret key is as follows: -Transform estimate latitude/longitude coordinates Enter the estimate coordinate (xt+1,yt+1) multiply the estimate latitude by( 10000/Dtd*6) and the longitude by ( 10000/Dtd *5.4) to obtain the coordinate in meter and in the interval of encryption and decryption [2]. The set of coordinates is generally included inside the ellipse shape that take (x0, y0) and (xt+1 , yt+1) Located on the perimeter of the ellipse as in Fig. 1.

Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

Figure1 Distribution of coordinate in ellipse shape

- Ellipse function From figure 2 the new axes given by x' = xcos ysin (5) y' = xsin +ycos The function of ellipse given by :
2 2

x' x y' y R( X , Y ) = a + b =1 (6)

Substitute (5) in (6) to get (7)

X*cos y*sin x R(X,Y) = a

where

x*sin + y*cos y =1 + b

(7)

( x max x min) 2 (ymax ymin) b= 2 a=

Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

Figure 2. Moving the ellipse form in new axes xt + 1 cos 2 yt + 1 y= sin 2 y y = arctan( t t 1 ) xt xt 1 Substitute the estimate coordinate (xt+1,yt+1) in the ellipse function, then R( xt+1 , yt+1) = w, w is fractional number. x=
- Hash function: Is a function that takes a variable length input and converts to a fixed length output, called hash value or

hash digest [3]. Hash functions are relatively easy to compute but significantly harder to reverse. Beside one-way , the other important property of hash functions is collision-free: It is hard to generate two inputs with the same hash value [9]. The MD5 hash algorithm is utilized and generates a 128-bit digest for the combined result. Then, the digest is split into two 64-bit values then swapped to complicate the sec-keys. This step causes that the target coordinate is unable to be derived from the sec_key. - Final key Using XOR function between the secret key left (secL_key) and the random key (R_key) with 128 bit, we get the final key left Also Using XOR function between the secret key right (secR_key) and the random key (R_key) with 128 bit, we get the final key right .then we merge between this two key we get the final key. Final_Lkey = R_key xor secL_key and Final_Rkey = R_key xor secR_key Final _key = Final_Lkey & Final_Rkey

Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

Estimate latitude xt+1

Estimate longitude yt+1

*1000*DTD*6 Take the integer part

*1000*DTD*5.4 Take the integer part

Ellipse function

Hash function

Sec_key split Left Sec_key swep Right Sec_key

Right Sec_key

Left Sec_key

R Key

Final_ Lkey

Final_ Rkey

Figure 3 Procedure for final key generation 4 -2 The secret key process The process of secret key is shown in Figure. 4. When the estimated coordinate and DTD are given by the mobile receiver then a Sec_key is generated from this data and the random-key generator, the final key is issued , called R-key. Then, the final-key for encrypting the plaintext is generated by exclusive-or R-key with sec_key. The final-key can be used for the symmetric encrypt algorithm, such as DES, AES, triple-DES, etc. The asymmetric encryption algorithm is used to transmit the estimate coordinate, DTD, R_key and public key by the receiver to the sender which is applied to generate the final key where the public and the private keys are generated on the receiver side. This final key is used to encrypt the different type of messages lake audio, video, image, speech and text. If the acquired coordinate is matched with the estimate coordinate within the range of DTD, the ciphertext can be decrypted back to the original plaintext. Otherwise, the result is indiscriminate and meaningless. When the sender receives this data, he sends the encrypted data to the receiver. The receiver decrypt the ciphertext using the data send It to the sender.

Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

Mobile phone with GPS

``

Plain text

Symmetric Encryption

Cipher text

Symmetric Decryption

Plaintext

Final_key

Sec key

Generate Sec_key

Generate Sec_key Sec key

Final_key

R_key

DTD

(xt+1, yt+1) Cipher text

DTD

R _key

Asymmetric Decryption

Asymmetric Encryption

R_key

Plaintext=(xt+1,yt+1), DTD, R_key

Privet key

Public_key

Plaintext= (xt+1, yt+1), DTD, R_key

Sender

Receiver

Figure 4 process of secret key

4 -3 Strongest of key The strongest of key depends on the dynamic path for the receiver MN and DTD. Therefore, the probability to break the secret key is impossible because no one knows the estimate coordinate since it is not yet at this position. Also DTD can be a fractional number with small interval which makes the key more secure. The random key is incorporated by the secret key which makes the final key very strong. 5. EXPERIMENTAL STUDY AND RESULTS A prototype was implemented to illustrate and evaluate the practicality of sec_key algorithm. Simulation figures using j2me software are shown bellow. The Encryption part: The plain text is encrypted using the parameters sent in the asymmetric encryption In Fig.5a, the user chooses encrypt button to encrypt the plaintext. By typing next, the input information is shown in Fig. 5b. After the Encrypt button is pressed in fig. 5c, the plaintext file is encrypted as shown in Fig. 5d. The Decryption part: The cipher text is decrypted using the parameter calculated in the algorithm. In Fig.5e, the User chooses the decryption option. After the Decryption button is

Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

pressed the user detects the estimated coordinate and Dynamic Toleration Distance (DTD)as in Fig. 5f. Then by pressing the button next the ciphertext file decrypted as shown in Fig. 5g. This means: "Open the folder to see the decryption file". If the acquired coordinate meets the constraint of target coordinate and DTD, the content of the decryption file is the same as the plaintext file which is saved in the folder as shown in Fig. 5h. Otherwise, the content is indiscriminate and meaningless.

Figure 5 Simulation prototype

To encrypt and decrypt different type of data we have implemented this protocol practically, where we have moved by car on the highway and streets of a subsidiary with different speeds. We studied the effectiveness of the secret key by taking the coordinates close to the estimated coordinates in the path . The analytical study of the movement path of the receiver MN, can be summarized as follows: If the receiver MN travel with high speed in constant time interval, the motion path is a linear function. At time t+1 the expected point is located on the same straight line. So the DTD is very small and hence the success rate of decryption approximately zero. But, if he was moving slowly, the motion path is a polynomial function. Generally take the form of cubic function and the region of DTD is higher. Therefore the difficulty of decryption decreases little bit but it remains more difficult then static method which take large range in distance and big value for static tolerance distance as in [2,3,4]. At last we conclude that the successful rate of decryption increases when the speed decreases and DTD increases. This difference is clear from the figure 6 and 7. - For velocity v> 100 km/h the successful rate given in the figure 6 demonstrate that the DTD generally take a value between 0 and 1, that means the successful rate =100% only if the distance is 0 meter, but by increasing the distance, the successful rate decreases to become 0% for distance greater than 1 meter.

Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

10

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

Figure 6: successful rate vs. distance under various Dtd for v>100km/h
- For velocity v<100 km/h, the DTD varies with the form of path function. the value of DTD increases only if the path function is polynomial and decreases if it is linear. The successful rate given in figure 7 demonstrates that by increasing DTD, the successful rate decreases which means that the successful rate is 100% only if the distance is 0 meter, but by increasing the distance the successful rate becomes 0% .

Figure 7: successful rate vs. distance Under various DTD for v<100km/h

6. CONCLUSION
In this paper we proposed a new security algorithm that uses a complex secret key to encrypt all type of messages transmitted between mobile phone. This secret key is made from dynamic coordinate, dynamic tolerance distance (DTD) and velocity of Mobile phone. In this algorithm, a mobile receiver with GPS service, register a set of coordinates and velocity during movement and estimate the next position. The algorithm uses this new coordinate and the dynamic tolerance distance (DTD) to generate the secret key. This parameter and the type of movement made our system more secure than the static encryption, which depends only on the position of MN and the static tolerance distance. We implemented this algorithm using J2ME software and we test it for different locations and speeds. The results shows that when the Mobile phone is moving fast, the success rate of decryption is approximately zero. Because the DTD is very small and the region of decryption is narrow. whereas, When it moves slowly the difficulty of

Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

11

European, Mediterranean & Middle Eastern Conference on Information Systems 2010 (EMCIS2010) April 12-13 2010, Abu Dhabi, UAE

decryption decreases little bit but it remains more difficult then static method. Thus, it shows the strength of our algorithm whish is stronger than static method.

References
Ali I. Gardezi, 2006. ' Security In Wireless Cellular Networks' .This paper is available online at http://cse.wustl.edu/~jain/cse574-06/ftp/CellularSecurity/index.html Hsien-Chou L.and Yun-Hsiang C.2008. ' A New Data Encryption Algorithm Based on the Location of Mobile Users'. InformationTechnology Journal, Vol. 7, No. 1, p. 63-69. Ala Al-Fuqaha and Omar Al-Ibrahim. 2007. ' Geo-encryption protocol for mobile networks'. ELESEVIER Computer Communications. No. 30, p. 25102517 Scott,L and De Denning et al. 2003. 'Using GPS to enhance data security Geo-Encryption GPS world'. V. Vijayalakshmi & Dr. T.G. Palanivelu . 2008. 'Secure Localization Using Elliptic Curve Cryptography in Wireless Sensor Networks'. IJCSNS International Journal of Computer Science and Network Security, VOL.8 No.6 Mundt ,TM. 2005. 'location dependent digital rights management system' .In proceeding the 10th IEEE symposition on computers and communication pp: 617622 Liao et al. 2007. 'A location-dependent data encryption approach for mobile information system'. in the 9th international conference on Advanced communicate technology 1:625-628 P. S. Pandian . 2008. 'Wireless Sensor Network for Wearable Physiological Monitoring'. Journal of networks, VOL.3, NO. 5 Richard Walton. 2006. ' Cryptography and trust'. information security technical report Vol. 11, NO. 6 8 7 1 A.aiz M.Maqsood. 2009. ' Information Security Threats Against Mobile Phone Services (Developers Perspective)'. ISSN: 1653-0187 - ISRN: LTU-PB-EX--09/046--SE

Hamad Hatem , Elkourd Souhir Data Encryption using the Dynamic location and Speed of mobile node

12