Abstract

Digital content distribution and propitiatory research driven industries face persistent risks from intellectual property theft and unauthorized redistribution. Conventional encryption schemes such as AES, TDES, ECC, and ElGamal provide strong cryptographic guarantees, but they remain fundamentally agnostic to where decryption takes place. In practice, this means that once a decryption key is leaked or intercepted, any adversary can misuse the key to decrypt the protected content from any location. This paper presents a location-dependent cryptosystem in which the decryption key is not transmitted as human- or machinereadable data, but implicitly encoded in precise time-of-flight differences of ultra-wideband (UWB) data transmission packets. The system leverages Ciholas DWETH101 hardware and a custom TiCK (Timing-encoded Cryptographic Keying) protocol to map a 32-byte SHA-256–derived AES key onto scheduled transmission timestamps. Only receivers located within a predefined spatial region can observe the packet timings that align with the intended “time slot” pattern, enabling them to reconstruct the key and decrypt the secret. Receivers outside the authorized region observe yield incorrect keys. A complete prototype is implemented that encrypts and transmits audio data using our cryptosystem, and only when the receiver is within the authorized data they are able to decrypt the data. Our evaluation demonstrates that the system (i) removes the need to share decryption passwords electronically or physically, (ii) ensures the decryption key cannot be recovered by the eavesdropper, and (iii) provides a non-trivial spatial tolerance for legitimate users.

References

• Ansi x9.52-2016: Triple data encryption algorithm modes of operation. Technical report, Accredited Standards Committee X9, Financial Industry Standards, 2016. Specifies Triple DES (TDES) modes widely used for data protection in the financial services industry.
• Payment card industry data security standard, version 4.0. Technical report, PCI Security Standards Council, 2022. Recommends strong cryptography such as AES and modern public-key schemes for protecting cardholder data across payment environments.
• Elaine Barker. Recommendation for key management part 1: General. NIST Special Publication 800-57 Part 1 Rev. 5, National Institute of Standards and Technology, 2020. Recommends that cryptographic keys (e.g., AES keys) be protected and distributed via secure key management mechanisms distinct from the channels carrying the encrypted data.
• Ciholas, Inc. Anchors. https://cuwb.io/docs/v3. 3/system-components/anchors/, 2020. CUWB 3.3 (Bernoulli) Documentation.
• Morris Dworkin. Recommendation for block cipher modes of operation: Methods and techniques. NIST Special Publication 800-38A, National Institute of Standards and Technology, 2001. Defines standard modes of operation for block ciphers such as AES and 3DES for data protection in a wide range of applications.
• Taher ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31(4):469–472, 1985. Original description of the ElGamal cryptosystem, a building block for many practical public-key schemes used for confidentiality and authentication.
• Omar Flor-Unda, Lino Casado, Wilmer Aguilar, and Mar´ıa Mu˜noz. A comprehensive analysis of the worst cybersecurity incidents: Lessons learned. Informatics, 10(3):71, 2023.
• Ralph Holz, Johanna Amann, Olivier Mehani, Matthias Wachs, and Thomas C. Schmidt. A survey of SSL/TLS deployment on the internet. In Proceedings of the 2011 IEEE Conference on Network and Service Management (CNSM), pages 163–170, 2011. Documents widespread deployment of block ciphers (e.g., AES) and public-key primitives (including ECC) in Internet-scale services such as web and cloud platforms.
• Stephen Kent and Karen Seo. Security architecture for the internet protocol. Request for Comments 4301, Internet Engineering Task Force (IETF), December 2005. Defines the IPsec architecture for providing confidentiality, integrity, and authentication for IP packets.
• Neal Koblitz. Elliptic curve cryptosystems. Mathematics of Computation, 48(177):203–209, 1987. Introduces ellipticcurve cryptography, which is now widely deployed in protocols and products for secure communication and data protection.
• Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. Reducing discrete logarithms in a finite field to discrete logarithms in a subgroup. Journal of Algorithms, 16(2):173– 190, 1993. Analyzes the discrete logarithm problem and underpins the hardness assumptions used for discrete-log-based cryptosystems.
• Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996. Survey of cryptographic primitives such as block ciphers and public-key schemes and their deployment in real-world applications across multiple industries.
• Miller IP Law. The double-edged sword of technology transfer: Risks and rewards, 2024. Highlights that the risk of intellectual property theft increases when transferring technology, especially across borders.
• Kunal Mukherjee, Zachary Harrison, and Saeid Balaneshin. Z-rex: Human-interpretable gnn explanations for real estate recommendations. In KDD Workshop on Machine Learning on Graphs in the Era of Generative AI (MLoG-GenAI), Toronto, Canada, 2025. Oral presentation.
• Kunal Mukherjee and Murat Kantarcioglu. Llm-driven provenance forensics for threat intelligence and detection. arXiv preprint / manuscript, 2025. Under submission; preprint available.
• Kunal Mukherjee, Joshua Wiedemeier, Qi Wang, Junpei Kamimura, John Junghwan Rhee, James Wei, Zhichun Li, Xiao Yu, Lu-An Tang, Jiaping Gui, and Kangkook Jee. Proviot: Detecting stealthy attacks in iot through federated edge-cloud security. In Applied Cryptography and Network Security (ACNS), LNCS 14585, pages 241–268. Springer, 2024.
• Kunal Mukherjee, Joshua Wiedemeier, Tianhao Wang, Muhyun Kim, Feng Chen, Murat Kantarcioglu, and Kangkook Jee. Interpreting gnn-based ids detections using provenance graph structural features. 2023. Under submission; preprint available.
• Kunal Mukherjee, Joshua Wiedemeier, Tianhao Wang, James Wei, Feng Chen, Muhyun Kim, Murat Kantarcioglu, and Kangkook Jee. Evading provenance-based ml detectors with adversarial system actions. In Proceedings of the 32nd USENIX Security Symposium, Anaheim, CA, USA, 2023.
• Kunal Mukherjee, Jonathan Yu, Partha De, and Dinil Mon Divakaran. Provdp: Differential privacy for system provenance dataset. In Applied Cryptography and Network Security (ACNS), 2025.
• National Institute of Standards and Technology. Advanced encryption standard (aes). Federal Information Processing Standards Publication FIPS 197, NIST, November 2001. Defines AES with key sizes of 128, 192, and 256 bits (AES-256).
• National Institute of Standards and Technology. Secure hash standard (shs). Federal Information Processing Standards Publication FIPS 180-4, NIST, 2015. Defines the SHA-1 and SHA-2 families of hash functions, including SHA-256.
• Qorvo, Inc. Dw1000: Ieee 802.15.4-2011 uwb wireless transceiver, 2025. Product page for the DW1000 ultrawideband transceiver.