SBIR-STTR Award

DAT, Inc. has invented and developed an authentication technology that employs as the source of a shared secret a source of dynamic entropy whose origins lie within chaotic, natural physical processes. By using a secret whose value is based on location and must be measured at that location, DAT has been able to add new layers of control to the authentication process. These new layers of control effectively add two new access control credentials: - where have you been - where are you now The DAT technology can be employed to provide a location-based authentication system that cannot be spoofed, predicted or otherwise subverted. The technology combines this powerful, location-specific random entropy (noise) with known technologies in a unique way to provide a powerful new method of user and data packet authentication that is based on location. DAT proposes to study the uniqueness of these signatures in a wireless environment in order to discriminate between approved and unapproved users for granting access to a LAN. Issues such as building construction, activity within the RF spectrum, spatial granularity and temporal stability will all be examined.

Benefits:
The DAT system uses physics to disable and defeat the tools of hackers. Since the technology can be used as the authentication basis for any environment, including wireless, the development of this system will provide immediate benefit to Defense, general government and commercial sectors for securing the wireless and wired communities in a consistent manner. The demonstration of the technology in a variety of wireless applications can be used to showcase its applicability to healthcare, banking/finance, risk management, and secure VPNs.

Keywords:
wireless, authentication, physics, entropy, location

The DAT system brings location awareness and physics-based random numbers to the wireless security and access control environment. It uses a small passive RF device to capture a signature from a location, and then employ the signature in the future to determine where a person is when he logs in. The RF module also extracts a random number from the environment whose value is truly not predictable (think of Brownian motion). The system employs these physics based random numbers as part of a challenge response process to establish who is doing what from when, where, and on what device, and are used to create dynamic encryption keys that change with each person and with each session. This project will design, build and deploy into an Army facility a limited size secure wireless system employing the physics based elements studied in Phase I. This should be used for testing and red-teaming studies by Army. The system will fuse 7 different credentials into an incalculable, continually changing authentication system. DAT believes that a physics based authentication system is ideally suited to an immediate, revolutionary and significant strengthening of wireless network systems with minimal impact on costs and current method of operation.

Keywords:
Wireless Security, Physics-Based Authentication, Dynamic Re-Keying, 7 Factor Authentication, True Random Numbers, Location Awareness, Pl5 Security