ABSTRACT
Ensemble is a system that uses a collection of trusted personal devices to provide proximity-based authentication in pervasive environments. Users are able to securely pair their personal devices with previously unknown devices by simply placing them close to each other (e.g., users can pair their phones by just bringing them into proximity). Ensemble leverages a user's growing collection of trusted devices, such as phones, music players, computers and personal sensors to observe transmissions made by pairing devices. These devices analyze variations in received signal strength (RSS) in order to determine whether the pairing devices are in physical proximity to each other. We show that, while individual trusted devices can not properly distinguish proximity in all cases, a collection of trusted devices can do so reliably. Our Ensemble prototype extends Diffie-Hellman key exchange with proximity-based authentication. Our experiments show that an Ensemble-enabled collection of Nokia N800 Internet Tablets can detect devices in close proximity and can reliably detect attackers as close as two meters away.
- Near Field communication (nfc). http://www.nfc-forum.org/resources/faqs.Google Scholar
- P. Bahl and V. N. Padmanabhan. RADAR: An in-building RF-based user location and tracking system. In INFOCOM: Proceedings of IEEE Conference on Computer Communications, volume 2, pages 775--784, Tel-Aviv, Isreal, March 2000.Google ScholarCross Ref
- D. Balfanz, D. Smetters, P. Stewart, and H. Wong. Talking to strangers: Authentication in ad-hoc wireless networks. In Proc. Network and Distributed Systems Security Symposium, San Diego, CA, 2002.Google Scholar
- V. Brik, S. Banerjee, M. Gruteser, and S. Oh. Wireless device identification with radiometric signatures. In MobiCom '08: Proceedings of the 14th ACM international conference on Mobile computing and networking, pages 116--127, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, pages 644--654, November 1976.Google Scholar
- D. B. Faria and D. R. Cheriton. Detecting identity-based attacks in wireless networks using signalprints. In WiSe '06: Proceedings of the 5th ACM workshop on Wireless security, pages 43--52, New York, NY, USA, 2006. ACM. Google ScholarDigital Library
- M. Hazas, C. Kray, H. Gellersen, H. Agbota, G. Kortuem, and A. Krohn. A relative positioning system for co-located mobile devices. In MobiSys '05: Proceedings of the 3rd international conference on Mobile systems, applications, and services, pages 177--190, New York, NY, USA, 2005. ACM. Google ScholarDigital Library
- L. E. Holmquist, F. Mattern, B. Schiele, P. Alahuhta, M. Beigl, and H.-W. Gellersen. Smart-its friends: A technique for users to easily establish connections between smart artefacts. In UbiComp '01: Proceedings of the 3rd International Conference on Ubiquitous Computing, September 2001. Google ScholarDigital Library
- S. Jana, S. N. Premnath, M. Clark, S. K. Kasera, N. Patwari, and S. V. Krishnamurthy. On the effectiveness of secret key extraction from wireless signal strength in real environments. In MobiCom '09: Proceedings of the 15th ACM international conference on Mobile computing and networking, pages 321--332, New York, NY, USA, 2009. ACM. Google ScholarDigital Library
- T. Kindberg and K. Zhang. Validating and securing spontaneous associations between wireless devices. In ISC '03: Proceedings of the 6th Information Security Conference, Bristol, UK, 2003.Google ScholarCross Ref
- J. Krumm and K. Hinckley. The nearme wireless proximity server. In UbiComp '04: Proceedings of the 8th International Conference on Ubiquitous Computing, pages 283--300, Notthinham, UK, September 2004. Springer.Google ScholarCross Ref
- A. Ladd, K. Bekris, G. Marceau, A. Rudys, L. Kavraki, and D. Wallach. Robotics-based location sensing using wireless ethernet. In MobiCom '02: Proceedings of the 8th ACM International Conference on Mobile Computing and Networking, Atlanta, GA, USA, 2002. Google ScholarDigital Library
- A. LaMarca, Y. Chawathe, S. Consolvo, J. Hightower, I. Smith, J. Scott, T. Sohn, J. Howard, J. Hughes, F. Potter, J. Tabert, P. Powledge, G. Borriello, and B. Schilit. Place lab: Device positioning using radio beacons in the wild. In Proceedings of the Third International Conference on Pervasive Computing, Lecture Notes in Computer Science. Springer-Verlag, May 2005. Google ScholarDigital Library
- S. Mathur, W. Trappe, N. Mandayam, C. Ye, and A. Reznik. Radio-telepathy: extracting a secret key from an unauthenticated wireless channel. In MobiCom '08: Proceedings of the 14th ACM international conference on Mobile computing and networking, pages 128--139, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- R. Mayrhofer and H. Gellersen. Shake well before use: Authentication based on accelerometer data. In Proceedings of the 5th International Conference on Pervasive Computing. Springer, 2007. Google ScholarDigital Library
- V. Otsason, A. Varshavsky, A. LaMarca, and E. de Lara. Accurate gsm indoor localization. In UbiComp '05: Proceedings of the 7th International Conference on Ubiquitous Computing, Tokyo, Japan, September, 2005. Google ScholarDigital Library
- N. Patwari and S. K. Kasera. Robust location distinction using temporal link signatures. In MobiCom '07: Proceedings of the 13th annual ACM international conference on Mobile computing and networking, pages 111--122, New York, NY, USA, 2007. ACM. Google ScholarDigital Library
- S. Saroiu and A. Wolman. Enabling new mobile applications with location proofs. In HotMobile '09: Proceedings of the 10th workshop on Mobile Computing Systems and Applications, February 2009. Google ScholarDigital Library
- Y. Shaked and A. Wool. Cracking the bluetooth pin. In MobiSys '05: Proceedings of the 3rd International Conference on Mobile Systems, Applications and Services, Seattle, WA, June 2005. Google ScholarDigital Library
- D. Smetters, D. Balfanz, G. Durfee, T. Smith, and K. Lee. Instant matchmaking: Simple, secure virtual extensions to ubiquitous computing environments. In UbiComp '06: Proceedings of the 8th International Conference on Ubiquitous Computing, Irvine, CA, September 2006.Google Scholar
- F. Stajano and R. J. Anderson. The resurrecting duckling: Security issues for ad-hoc wireless networks. In Proceedings of the 7th Security Protocols Workshop, Cambridge, UK, 1999. Google ScholarDigital Library
- A. Varshavsky, A. Scannell, A. LaMarca, and E. de Lara. Amigo: Proximity-based authentication of mobile devices. In J. Krumm, G. D. Abowd,Google Scholar
- A. Seneviratne, and T. Strang, editors, Ubicomp, volume 4717 of Lecture Notes in Computer Science, pages 253--270. Springer, 2007.Google Scholar
- W. Xu, W. Trappe, Y. Zhang, and T. Wood. The feasibility of launching and detecting jamming attacks in wireless networks. In MobiHoc '05: Proceedings of the 6th International Symposium on Mobile Ad-hoc Networking and Computing, New York, NY, USA, 2005. ACM. Google ScholarDigital Library
Index Terms
- Ensemble: cooperative proximity-based authentication
Recommendations
Getting closer: an empirical investigation of the proximity of user to their smart phones
UbiComp '11: Proceedings of the 13th international conference on Ubiquitous computingMuch research in ubiquitous computing assumes that a user's phone will be always on and at-hand, for collecting user context and for communicating with a user. Previous work with the previous generation of mobile phones has shown that such an assumption ...
Proximity Detection with Single-Antenna IoT Devices
MobiCom '18: Proceedings of the 24th Annual International Conference on Mobile Computing and NetworkingClose physical proximity among wireless devices that have never shared a secret key is sometimes used as a basis of trust. In these cases, devices in close proximity are deemed trustworthy while more distant devices are viewed as potential adversaries. ...
Experiences with using iBeacons for Indoor Positioning
ISEC '16: Proceedings of the 9th India Software Engineering ConferenceiBeacon is a protocol standardized by Apple based on Bluetooth Low Energy which allows broadcasting devices (e.g. beacons) to emit signals and a compatible receiver (e.g. smartphone) to capture and interpret the same. iBeacon seems useful in indoor ...
Comments