Location Authentication, Tracking, and Emergency Signaling through Power Line Communication: Designs and Protocols for New Out-of-Band Strategies

We propose using Power Line Communication (PLC) as a second channel for data origin authentication, and we present a system architecture and protocol for doing so taking advantage of existing infrastructure for communicating over power lines. Our system connects a user’s computer to a secure electric meter in his building via a secure Human Authorization Detector (HAD). The meter, which has a unique secret identifier and encryption key, communicates securely with the trusted Power Grid Server (PG) through PLC. Upon request from an Internet Application Server (AS), the user sends a location certificate to the AS, obtained via PLC from the PG and signed by the PG. Because PLC requires physical access to the meter permanently attached to the building, our system offers fine-grain location authentication. The user authorizes certificate requests by reading the HAD’s display including transaction details and pushing a button, thus mitigating the threat of malware on the user’s computer maliciously requesting or forwarding location certificates unauthorized by the user. Our system provides strong location authentication useful to many on-line applications, including banking and SCADA systems. We present our architecture and protocols in sufficient detail to permit further implementation and analysis. We also outline applications for anti-theft and emergency signaling.