research-article

ProxiMate: proximity-based secure pairing using ambient wireless signals

Authors:

Alexander Varshavsky,

Narayan MandayamAuthors Info & Claims

MobiSys '11: Proceedings of the 9th international conference on Mobile systems, applications, and services

Pages 211 - 224

https://doi.org/10.1145/1999995.2000016

Published: 28 June 2011 Publication History

Abstract

Forming secure associations between wireless devices that do not share a prior trust relationship is an important problem. This paper presents ProxiMate, a system that allows wireless devices in proximity to securely pair with one another autonomously by generating a common cryptographic key directly from their shared time-varying wireless environment. The shared key synthesized by ProxiMate can be used by the devices to authenticate each others' physical proximity and then to communicate confidentially. Unlike traditional pairing approaches such as Diffie-Hellman, ProxiMate is secure against a computationally unbounded adversary and its computational complexity is linear in the size of the key. We evaluate ProxiMate using an experimental prototype built using an open-source software-defined platform and demonstrate its effectiveness in generating common secret bits. We further show that it is possible to speed up secret key synthesis by monitoring multiple RF sources simultaneously or by shaking together the devices that need to be paired. Finally, we show that ProxiMate is resistant to even the most powerful attacker who controls the public RF source used by the legitimate devices for pairing.

References

[1]

W. Diffie and M. Hellman, "New directions in cryptography," IEEE Trans. on Information Theory, vol. 22, no. 6, pp. 644--654, 1976.

Digital Library

[2]

A. Varshavsky, A. Scannell, A. LaMarca, and E. de Lara, "Amigo: Proximity-based authentication of mobile devices," in In Proceedings of UbiComp 2007: Ubiquitous Computing, 2007, pp. 253--270.

Digital Library

[3]

A. Molisch, Wireless Communications. Wiley-IEEE Press, 2005.

Digital Library

[4]

G. Brassard and L. Salvail, "Secret key reconciliation by public discussion," Advances in Crytology Proc. - Eurocrypt '93, Lecture Notes in Computer Science, vol. 765, pp. 410--423, 1994.

Digital Library

[5]

C. H. Bennett, G. Brassard, and J.-M. Robert, "Privacy amplification by public discussion," SIAM J. Comput., vol. 17, no. 2, pp. 210--229, 1988.

Digital Library

[6]

T. S. Rappaport, Wireless Communications: Principles and Practice. Prentice Hall PTR., 2001.

Digital Library

[7]

"Technical report WINLAB, Rutgers University, strongly secure pairing of wireless devices in physical proximity, http://www.winlab.rutgers.edu/~suhas/CliqueTR2010.pdf."

[8]

"http://gnuradio.org/trac."

[9]

T. M. Cover and J. A. Thomas, phElements of Information Theory. John Wiley, 1991.

Digital Library

[10]

Q. Wang, S. R. Kulkarni, and S. Verdu, "A nearest-neighbor approach to estimating divergence between continuous random vectors," in Int. Symp. on Inform. Theory, 2006, pp. 242--246.

[11]

S. Jana, S. N. Premnath, M. Clark, S. K. Kasera, N. Patwari, and S. V. Krishnamurthy, "On the effectiveness of secret key extraction from wireless signal strength in real environments," in Proceedings of the 15th Annual International Conference on Mobile Computing and Networking (MobiCom '09), September 2009, pp. 321--332.

Digital Library

[12]

S. Mathur, W. Trappe, N. Mandayam, C. Ye, and A. Reznik, "Radio-telepathy: Extracting a secret key from an unauthenticated wireless channel," in Proc. of the 14th annual conference on mobile computing and systems (MobiCom 2008), San Francisco, CA, Sept 2008.

Digital Library

[13]

C. Ye, S. Mathur, A. Reznik, Y. Shah, W. Trappe, and N. Mandayam, "Information-theoretically secret key generation for fading wireless channels," Accepted for publication at the IEEE Trans. on Information Forensics and Security, June 2010, preprint available at http://arxiv.org/abs/0910.5027, 2010.

Digital Library

[14]

B. Azimi-Sadjadi, A. Kiayias, A. Mercado, and B. Yener, "Robust key generation from signal envelopes in wireless networks," in CCS '07: Proceedings of the 14th ACM conference on Computer and communications security, 2007, pp. 401--410.

Digital Library

[15]

D. Halperin, W. Hu, A. Sheth, and D. Wetherall, "Tool release: gathering 802.11n traces with channel state information," SIGCOMM Comput. Commun. Rev., vol. 41, pp. 53--53. {Online}. Available: http://doi.acm.org/10.1145/1925861.1925870

Digital Library

[16]

A. Kalamandeen, A. Scannell, E. de Lara, A. Sheth, and A. LaMarca, "Ensemble: cooperative proximity-based authentication," in Proceedings of the 8th international conference on Mobile systems, applications, and services. New York, NY, USA: ACM, 2010, pp. 331--344. {Online}. Available: http://doi.acm.org/10.1145/1814433.1814466

Digital Library

[17]

R. Mayrhofer and H. Gellersen, "Shake well before use: Intuitive and secure pairing of mobile devices," IEEE Transactions on Mobile Computing, vol. 8, no. 6, pp. 792--806, 2009.

Digital Library

[18]

D. Bichleri, G. Stromberg, and M. Huemer, "Key generation based on acceleration data of shaking processes," Ubiquitous Computing 2007, pp. 304--317, 2007.

Digital Library

[19]

D. Liu and P. Ning, "Establishing pairwise keys in distributed sensor networks," in Proceedings of the 10th ACM conference on Computer and communications security, ser. CCS '03. New York, NY, USA: ACM, 2003, pp. 52--61. {Online}. Available: http://doi.acm.org/10.1145/948109.948119

Digital Library

[20]

"Near field communications forum, http://www.nfc-forum.org/."

[21]

J. Wright, Dispelling Common Bluetooth Misconceptions. SANS Technology Institute Security Laboratory, 2007.

[22]

E. Haselsteiner and K. Breitfuss, "Security in near field communication (NFC)," Workshop on RFID Security RFIDSec, 2006.

Cited By

Bhatti DSaleem SLee HKim K(2024)A dynamic symmetric key generation at wireless link layer: information-theoretic perspectivesEURASIP Journal on Wireless Communications and Networking10.1186/s13638-024-02396-y2024:1Online publication date: 27-Aug-2024
https://dl.acm.org/doi/10.1186/s13638-024-02396-y
Wang WLiu XChi ZRay SZhu TQuek TGao DZhou JCardenas A(2024)Key Establishment for Secure Asymmetric Cross-Technology CommunicationProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3637670(412-422)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3637670
Yang HLi ZLuo CWei BXu W(2024)InaudibleKey2.0: Deep Learning-Empowered Mobile Device Pairing Protocol Based on Inaudible Acoustic SignalsIEEE/ACM Transactions on Networking10.1109/TNET.2024.340778332:5(4160-4174)Online publication date: Oct-2024
https://doi.org/10.1109/TNET.2024.3407783
Show More Cited By

Index Terms

ProxiMate: proximity-based secure pairing using ambient wireless signals
1. Mathematics of computing
  1. Probability and statistics
    1. Probabilistic reasoning algorithms
      1. Random number generation

Recommendations

Using audio in secure device pairing

Secure pairing of electronic devices is an important issue that must be addressed in many contexts. In the absence of prior security context, the need to involve the user in the pairing process is a prominent challenge. In this paper, we investigate the ...
Proximity-based authentication of mobile devices

Securing interactions between devices that do not know each other a priori is an important and challenging task. We present Amigo, a technique to authenticate co-located devices using knowledge of their shared radio environment as proof of physical ...
Seeing-Is-Believing: using camera phones for human-verifiable authentication

Current mechanisms for authenticating communication between devices that share no prior context are inconvenient for ordinary users, without the assistance of a trusted authority. We present and analyse Seeing-Is-Believing (SiB), a system that utilises ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

MobiSys '11: Proceedings of the 9th international conference on Mobile systems, applications, and services

June 2011

430 pages

ISBN:9781450306430

DOI:10.1145/1999995

General Chair:
Ashok Agrawala
University of Maryland, USA
,
Program Chairs:
Mark D. Corner
UMass Amherst, USA
,
David Wetherall
University of Wash. & Intel Labs, USA

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

In-Cooperation

SIGOPS: ACM Special Interest Group on Operating Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 June 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

MobiSys'11

Sponsor:

SIGMOBILE

MobiSys'11: The 9th International Conference on Mobile Systems, Applications, and Services

June 28 - July 1, 2011

Maryland, Bethesda, USA

Acceptance Rates

Overall Acceptance Rate 274 of 1,679 submissions, 16%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

198
Total Citations
View Citations
985
Total Downloads

Downloads (Last 12 months)39
Downloads (Last 6 weeks)6

Reflects downloads up to 08 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Bhatti DSaleem SLee HKim K(2024)A dynamic symmetric key generation at wireless link layer: information-theoretic perspectivesEURASIP Journal on Wireless Communications and Networking10.1186/s13638-024-02396-y2024:1Online publication date: 27-Aug-2024
https://dl.acm.org/doi/10.1186/s13638-024-02396-y
Wang WLiu XChi ZRay SZhu TQuek TGao DZhou JCardenas A(2024)Key Establishment for Secure Asymmetric Cross-Technology CommunicationProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3637670(412-422)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3637670
Yang HLi ZLuo CWei BXu W(2024)InaudibleKey2.0: Deep Learning-Empowered Mobile Device Pairing Protocol Based on Inaudible Acoustic SignalsIEEE/ACM Transactions on Networking10.1109/TNET.2024.340778332:5(4160-4174)Online publication date: Oct-2024
https://doi.org/10.1109/TNET.2024.3407783
Wei BXu WLuo CZhang J(2024)FaceFinger: Embracing Variance for Heartbeat Based Symmetric Key Generation SystemIEEE Transactions on Mobile Computing10.1109/TMC.2024.344026323:12(14218-14232)Online publication date: Dec-2024
https://doi.org/10.1109/TMC.2024.3440263
Ghose NGupta KLazos LLi MXu ZLi J(2024)ZITA: Zero-Interaction Two-Factor Authentication using Contact Traces and In-band Proximity VerificationIEEE Transactions on Mobile Computing10.1109/TMC.2023.3321514(1-16)Online publication date: 2024
https://doi.org/10.1109/TMC.2023.3321514
Corbett MShang JJi B(2024)GazePair: Efficient Pairing of Augmented Reality Devices Using Gaze TrackingIEEE Transactions on Mobile Computing10.1109/TMC.2023.325584123:3(2407-2421)Online publication date: Mar-2024
https://doi.org/10.1109/TMC.2023.3255841
Wang NDuan JChen BGuo SXiang TZeng K(2024)Efficient Group Key Generation Based on Satellite Cluster State Information for Drone SwarmIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.338143219(4464-4479)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3381432
Li JWang PYan ZYang YZeng K(2024)BGKey: Group Key Generation for Backscatter Communications Among Multiple DevicesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.334565019(2470-2486)Online publication date: 2024
https://doi.org/10.1109/TIFS.2023.3345650
Ahlgren IWest JLee KThiruvathukal GKlingensmith N(2024)A Signal Injection Attack Against Zero Involvement Pairing and Authentication for the Internet of Things2024 IEEE Workshop on Design Automation for CPS and IoT (DESTION)10.1109/DESTION62938.2024.00008(9-15)Online publication date: 13-May-2024
https://doi.org/10.1109/DESTION62938.2024.00008
Illi EQaraqe MAlthunibat SAlhasanat AAlsafasfeh Mde Ree MMantas GRodriguez JAman WAl-Kuwari S(2024)Physical Layer Security for Authentication, Confidentiality, and Malicious Node Detection: A Paradigm Shift in Securing IoT NetworksIEEE Communications Surveys & Tutorials10.1109/COMST.2023.332732726:1(347-388)Online publication date: Sep-2025
https://doi.org/10.1109/COMST.2023.3327327
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten