I read a long thread where the whole issue was revolving around deriving decryption keys from GPS location. This has huge issues, as being present at a location is not needed to know the location. Maps can give us coordinates without getting near the actual location.
Someone suggested to stick a QR code at the actual location, perhaps in a non trivial place like under a table in a caffee. You need to physically go there to get it, or at least delegate someone to go there, but clearly you need a physical presence. My problem with this approach however is that once you acquire the code on the sticker, you no longer need to stay there.
Consider this then: A small cheap and disposable machine, like a Raspberry buried in a wall, can be programmed with a random key that is fixed by owner and not exportable. There is a running program that answers wireless requests to decrypt arbitrary data under said fixed key. So the actual message to be ultimately obtained is encrypted with a one time random key, which itself is encrypted with the fixed key and appended. Sender needs to have the fixed key. Receiving user being present at location can decrypt by requesting the attached one time key to be decrypted over wireless. Since one time keys are not predictable in advance and fixed key is secret, user needs to be present at the site to obtain decryption of each new message.
What could be the less obvious threats to the security of this scheme? Obtaining a search warrant or breaking concrete wall in which the device is buried is a significant effort that is above most attackers.
