research-article

Ensemble: cooperative proximity-based authentication

Authors:

Andre Kalamandeen,

Anthony LaMarcaAuthors Info & Claims

MobiSys '10: Proceedings of the 8th international conference on Mobile systems, applications, and services

Pages 331 - 344

https://doi.org/10.1145/1814433.1814466

Published: 15 June 2010 Publication History

Abstract

Ensemble is a system that uses a collection of trusted personal devices to provide proximity-based authentication in pervasive environments. Users are able to securely pair their personal devices with previously unknown devices by simply placing them close to each other (e.g., users can pair their phones by just bringing them into proximity). Ensemble leverages a user's growing collection of trusted devices, such as phones, music players, computers and personal sensors to observe transmissions made by pairing devices. These devices analyze variations in received signal strength (RSS) in order to determine whether the pairing devices are in physical proximity to each other. We show that, while individual trusted devices can not properly distinguish proximity in all cases, a collection of trusted devices can do so reliably. Our Ensemble prototype extends Diffie-Hellman key exchange with proximity-based authentication. Our experiments show that an Ensemble-enabled collection of Nokia N800 Internet Tablets can detect devices in close proximity and can reliably detect attackers as close as two meters away.

References

[1]

Near Field communication (nfc). http://www.nfc-forum.org/resources/faqs.

[2]

P. Bahl and V. N. Padmanabhan. RADAR: An in-building RF-based user location and tracking system. In INFOCOM: Proceedings of IEEE Conference on Computer Communications, volume 2, pages 775--784, Tel-Aviv, Isreal, March 2000.

[3]

D. Balfanz, D. Smetters, P. Stewart, and H. Wong. Talking to strangers: Authentication in ad-hoc wireless networks. In Proc. Network and Distributed Systems Security Symposium, San Diego, CA, 2002.

[4]

V. Brik, S. Banerjee, M. Gruteser, and S. Oh. Wireless device identification with radiometric signatures. In MobiCom '08: Proceedings of the 14th ACM international conference on Mobile computing and networking, pages 116--127, New York, NY, USA, 2008. ACM.

Digital Library

[5]

W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, pages 644--654, November 1976.

[6]

D. B. Faria and D. R. Cheriton. Detecting identity-based attacks in wireless networks using signalprints. In WiSe '06: Proceedings of the 5th ACM workshop on Wireless security, pages 43--52, New York, NY, USA, 2006. ACM.

Digital Library

[7]

M. Hazas, C. Kray, H. Gellersen, H. Agbota, G. Kortuem, and A. Krohn. A relative positioning system for co-located mobile devices. In MobiSys '05: Proceedings of the 3rd international conference on Mobile systems, applications, and services, pages 177--190, New York, NY, USA, 2005. ACM.

Digital Library

[8]

L. E. Holmquist, F. Mattern, B. Schiele, P. Alahuhta, M. Beigl, and H.-W. Gellersen. Smart-its friends: A technique for users to easily establish connections between smart artefacts. In UbiComp '01: Proceedings of the 3rd International Conference on Ubiquitous Computing, September 2001.

Digital Library

[9]

S. Jana, S. N. Premnath, M. Clark, S. K. Kasera, N. Patwari, and S. V. Krishnamurthy. On the effectiveness of secret key extraction from wireless signal strength in real environments. In MobiCom '09: Proceedings of the 15th ACM international conference on Mobile computing and networking, pages 321--332, New York, NY, USA, 2009. ACM.

Digital Library

[10]

T. Kindberg and K. Zhang. Validating and securing spontaneous associations between wireless devices. In ISC '03: Proceedings of the 6th Information Security Conference, Bristol, UK, 2003.

[11]

J. Krumm and K. Hinckley. The nearme wireless proximity server. In UbiComp '04: Proceedings of the 8th International Conference on Ubiquitous Computing, pages 283--300, Notthinham, UK, September 2004. Springer.

[12]

A. Ladd, K. Bekris, G. Marceau, A. Rudys, L. Kavraki, and D. Wallach. Robotics-based location sensing using wireless ethernet. In MobiCom '02: Proceedings of the 8th ACM International Conference on Mobile Computing and Networking, Atlanta, GA, USA, 2002.

Digital Library

[13]

A. LaMarca, Y. Chawathe, S. Consolvo, J. Hightower, I. Smith, J. Scott, T. Sohn, J. Howard, J. Hughes, F. Potter, J. Tabert, P. Powledge, G. Borriello, and B. Schilit. Place lab: Device positioning using radio beacons in the wild. In Proceedings of the Third International Conference on Pervasive Computing, Lecture Notes in Computer Science. Springer-Verlag, May 2005.

Digital Library

[14]

S. Mathur, W. Trappe, N. Mandayam, C. Ye, and A. Reznik. Radio-telepathy: extracting a secret key from an unauthenticated wireless channel. In MobiCom '08: Proceedings of the 14th ACM international conference on Mobile computing and networking, pages 128--139, New York, NY, USA, 2008. ACM.

Digital Library

[15]

R. Mayrhofer and H. Gellersen. Shake well before use: Authentication based on accelerometer data. In Proceedings of the 5th International Conference on Pervasive Computing. Springer, 2007.

Digital Library

[16]

V. Otsason, A. Varshavsky, A. LaMarca, and E. de Lara. Accurate gsm indoor localization. In UbiComp '05: Proceedings of the 7th International Conference on Ubiquitous Computing, Tokyo, Japan, September, 2005.

Digital Library

[17]

N. Patwari and S. K. Kasera. Robust location distinction using temporal link signatures. In MobiCom '07: Proceedings of the 13th annual ACM international conference on Mobile computing and networking, pages 111--122, New York, NY, USA, 2007. ACM.

Digital Library

[18]

S. Saroiu and A. Wolman. Enabling new mobile applications with location proofs. In HotMobile '09: Proceedings of the 10th workshop on Mobile Computing Systems and Applications, February 2009.

Digital Library

[19]

Y. Shaked and A. Wool. Cracking the bluetooth pin. In MobiSys '05: Proceedings of the 3rd International Conference on Mobile Systems, Applications and Services, Seattle, WA, June 2005.

Digital Library

[20]

D. Smetters, D. Balfanz, G. Durfee, T. Smith, and K. Lee. Instant matchmaking: Simple, secure virtual extensions to ubiquitous computing environments. In UbiComp '06: Proceedings of the 8th International Conference on Ubiquitous Computing, Irvine, CA, September 2006.

[21]

F. Stajano and R. J. Anderson. The resurrecting duckling: Security issues for ad-hoc wireless networks. In Proceedings of the 7th Security Protocols Workshop, Cambridge, UK, 1999.

Digital Library

[22]

A. Varshavsky, A. Scannell, A. LaMarca, and E. de Lara. Amigo: Proximity-based authentication of mobile devices. In J. Krumm, G. D. Abowd,

[23]

A. Seneviratne, and T. Strang, editors, Ubicomp, volume 4717 of Lecture Notes in Computer Science, pages 253--270. Springer, 2007.

[24]

W. Xu, W. Trappe, Y. Zhang, and T. Wood. The feasibility of launching and detecting jamming attacks in wireless networks. In MobiHoc '05: Proceedings of the 6th International Symposium on Mobile Ad-hoc Networking and Computing, New York, NY, USA, 2005. ACM.

Digital Library

Cited By

Meng RXu BXu XSun MWang BHan SLv SZhang P(2025)A survey of Machine Learning-based Physical-Layer Authentication in wireless communicationsJournal of Network and Computer Applications10.1016/j.jnca.2024.104085235(104085)Online publication date: Mar-2025
https://doi.org/10.1016/j.jnca.2024.104085
Bhatti DSaleem SLee HKim K(2024)A dynamic symmetric key generation at wireless link layer: information-theoretic perspectivesEURASIP Journal on Wireless Communications and Networking10.1186/s13638-024-02396-y2024:1Online publication date: 27-Aug-2024
https://dl.acm.org/doi/10.1186/s13638-024-02396-y
Shao CMuta O(2024)TONARI: Reactive Detection of Close Physical Contact Using Unlicensed LPWAN SignalsACM Transactions on Internet of Things10.1145/36485725:2(1-30)Online publication date: 15-Feb-2024
https://dl.acm.org/doi/10.1145/3648572
Show More Cited By

Index Terms

Ensemble: cooperative proximity-based authentication
1. Applied computing
  1. Computers in other domains
    1. Personal computers and PC applications
2. Software and its engineering
  1. Software organization and properties
    1. Software system structures
      1. Distributed systems organizing principles

Recommendations

Getting closer: an empirical investigation of the proximity of user to their smart phones
UbiComp '11: Proceedings of the 13th international conference on Ubiquitous computing

Much research in ubiquitous computing assumes that a user's phone will be always on and at-hand, for collecting user context and for communicating with a user. Previous work with the previous generation of mobile phones has shown that such an assumption ...
Proximity Detection with Single-Antenna IoT Devices
MobiCom '18: Proceedings of the 24th Annual International Conference on Mobile Computing and Networking

Close physical proximity among wireless devices that have never shared a secret key is sometimes used as a basis of trust. In these cases, devices in close proximity are deemed trustworthy while more distant devices are viewed as potential adversaries. ...
Experiences with using iBeacons for Indoor Positioning
ISEC '16: Proceedings of the 9th India Software Engineering Conference

iBeacon is a protocol standardized by Apple based on Bluetooth Low Energy which allows broadcasting devices (e.g. beacons) to emit signals and a compatible receiver (e.g. smartphone) to capture and interpret the same. iBeacon seems useful in indoor ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

MobiSys '10: Proceedings of the 8th international conference on Mobile systems, applications, and services

June 2010

382 pages

ISBN:9781605589855

DOI:10.1145/1814433

General Chair:
Sujata Banerjee
Hewlett-Packard Labs., USA
,
Program Chairs:
Srinivasan Keshav
University of Waterloo, Ontario, Canada
,
Alec Wolman
Microsoft Research Redmond, USA

Copyright © 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

In-Cooperation

SIGOPS: ACM Special Interest Group on Operating Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 June 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

MobiSys'10

Sponsor:

SIGMOBILE

MobiSys'10: The 8th International Conference on Mobile Systems, Applications, and Services

June 15 - 18, 2010

California, San Francisco, USA

Acceptance Rates

Overall Acceptance Rate 274 of 1,679 submissions, 16%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

97
Total Citations
View Citations
826
Total Downloads

Downloads (Last 12 months)35
Downloads (Last 6 weeks)11

Reflects downloads up to 23 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Meng RXu BXu XSun MWang BHan SLv SZhang P(2025)A survey of Machine Learning-based Physical-Layer Authentication in wireless communicationsJournal of Network and Computer Applications10.1016/j.jnca.2024.104085235(104085)Online publication date: Mar-2025
https://doi.org/10.1016/j.jnca.2024.104085
Bhatti DSaleem SLee HKim K(2024)A dynamic symmetric key generation at wireless link layer: information-theoretic perspectivesEURASIP Journal on Wireless Communications and Networking10.1186/s13638-024-02396-y2024:1Online publication date: 27-Aug-2024
https://dl.acm.org/doi/10.1186/s13638-024-02396-y
Shao CMuta O(2024)TONARI: Reactive Detection of Close Physical Contact Using Unlicensed LPWAN SignalsACM Transactions on Internet of Things10.1145/36485725:2(1-30)Online publication date: 15-Feb-2024
https://dl.acm.org/doi/10.1145/3648572
Cao YDhekne AAmmar MKim YKim JKoushanfar FRasmussen K(2024)UWB-Auth: A UWB-based Two Factor Authentication PlatformProceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks10.1145/3643833.3656113(185-195)Online publication date: 27-May-2024
https://dl.acm.org/doi/10.1145/3643833.3656113
Wu YWei DGuo CHuang W(2023)Physical Layer Authentication Based on Channel Polarization Response in Dual-Polarized Antenna Communication SystemsIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.326362418(2144-2159)Online publication date: 2023
https://doi.org/10.1109/TIFS.2023.3263624
Lu BWang LWang WYu KGarg SJalil Piran MAlamri A(2023)On-Body Device Clustering for Security Preserving in Internet of ThingsIEEE Internet of Things Journal10.1109/JIOT.2021.311104110:4(2852-2863)Online publication date: 15-Feb-2023
https://doi.org/10.1109/JIOT.2021.3111041
Xue XYu SSong M(2023)Secure Device Trust Bootstrapping Against Collaborative Signal Modification AttacksIEEE INFOCOM 2023 - IEEE Conference on Computer Communications10.1109/INFOCOM53939.2023.10229007(1-10)Online publication date: 17-May-2023
https://doi.org/10.1109/INFOCOM53939.2023.10229007
Ghose NLazos LLi M(2022)In-Band Secret-Free Pairing for COTS Wireless DevicesIEEE Transactions on Mobile Computing10.1109/TMC.2020.301501021:2(612-628)Online publication date: 1-Feb-2022
https://doi.org/10.1109/TMC.2020.3015010
Wu YWei DZhang QHuang WMeng X(2022)Physical Layer Authentication Based on Continuous Channel Polarization Response in Low SNR scenes2022 IEEE 33rd Annual International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC)10.1109/PIMRC54779.2022.9977892(1116-1121)Online publication date: 12-Sep-2022
https://doi.org/10.1109/PIMRC54779.2022.9977892
Wang YLiu Y(2022)RC2PAS: Revocable Certificateless Conditional Privacy-Preserving Authentication Scheme in WBANsIEEE Systems Journal10.1109/JSYST.2022.315274216:4(5675-5685)Online publication date: Dec-2022
https://doi.org/10.1109/JSYST.2022.3152742
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents