Enhancement to the Privacy-Aware Authentication for Wi-Fi Based Indoor Positioning Systems

Indoor location-based application and services based on Wi-Fi have serious problems in terms of privacy since attackers could track users by capturing their MAC addresses. Although several initiatives have been proposed by scientific community to properly address authentication by strongly preserving privacy, there are still improvements and steps that need to be developed as it is not clearly stated what would occur if a device is lost, stole or compromised. It has not been said how an affected user should proceed in such case. In this situation, this work provides an enhancement to a previous solution based on pseudo-certificates issued by third-party authorities for anonymous authentication of mobile devices. The proposed scheme provides privacy to users willing to remove a device that has been stolen or lost. The proposed system offers security while maintaining minimal cryptographic overhead.