research-article

Ensemble: cooperative proximity-based authentication

Authors:
Andre Kalamandeen

University of Toronto, Toronto, ON, Canada

University of Toronto, Toronto, ON, Canada
View Profile

,
Adin Scannell

University of Toronto, Toronto, ON, Canada

University of Toronto, Toronto, ON, Canada
View Profile

,
Eyal de Lara

University of Toronto, Toronto, ON, Canada

University of Toronto, Toronto, ON, Canada
View Profile

,
Anmol Sheth

Intel Research Seattle, Seattle, USA

Intel Research Seattle, Seattle, USA
View Profile

,
Anthony LaMarca

Intel Research Seattle, Seattle, USA

Intel Research Seattle, Seattle, USA
View Profile

MobiSys '10: Proceedings of the 8th international conference on Mobile systems, applications, and servicesJune 2010Pages 331–344https://doi.org/10.1145/1814433.1814466

Published:15 June 2010Publication History

MobiSys '10: Proceedings of the 8th international conference on Mobile systems, applications, and services

Pages 331–344

ABSTRACT

Ensemble is a system that uses a collection of trusted personal devices to provide proximity-based authentication in pervasive environments. Users are able to securely pair their personal devices with previously unknown devices by simply placing them close to each other (e.g., users can pair their phones by just bringing them into proximity). Ensemble leverages a user's growing collection of trusted devices, such as phones, music players, computers and personal sensors to observe transmissions made by pairing devices. These devices analyze variations in received signal strength (RSS) in order to determine whether the pairing devices are in physical proximity to each other. We show that, while individual trusted devices can not properly distinguish proximity in all cases, a collection of trusted devices can do so reliably. Our Ensemble prototype extends Diffie-Hellman key exchange with proximity-based authentication. Our experiments show that an Ensemble-enabled collection of Nokia N800 Internet Tablets can detect devices in close proximity and can reliably detect attackers as close as two meters away.

References

Near Field communication (nfc). http://www.nfc-forum.org/resources/faqs.Google Scholar
P. Bahl and V. N. Padmanabhan. RADAR: An in-building RF-based user location and tracking system. In INFOCOM: Proceedings of IEEE Conference on Computer Communications, volume 2, pages 775--784, Tel-Aviv, Isreal, March 2000.Google ScholarCross Ref
D. Balfanz, D. Smetters, P. Stewart, and H. Wong. Talking to strangers: Authentication in ad-hoc wireless networks. In Proc. Network and Distributed Systems Security Symposium, San Diego, CA, 2002.Google Scholar
V. Brik, S. Banerjee, M. Gruteser, and S. Oh. Wireless device identification with radiometric signatures. In MobiCom '08: Proceedings of the 14th ACM international conference on Mobile computing and networking, pages 116--127, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, pages 644--654, November 1976.Google Scholar
D. B. Faria and D. R. Cheriton. Detecting identity-based attacks in wireless networks using signalprints. In WiSe '06: Proceedings of the 5th ACM workshop on Wireless security, pages 43--52, New York, NY, USA, 2006. ACM. Google ScholarDigital Library
M. Hazas, C. Kray, H. Gellersen, H. Agbota, G. Kortuem, and A. Krohn. A relative positioning system for co-located mobile devices. In MobiSys '05: Proceedings of the 3rd international conference on Mobile systems, applications, and services, pages 177--190, New York, NY, USA, 2005. ACM. Google ScholarDigital Library
L. E. Holmquist, F. Mattern, B. Schiele, P. Alahuhta, M. Beigl, and H.-W. Gellersen. Smart-its friends: A technique for users to easily establish connections between smart artefacts. In UbiComp '01: Proceedings of the 3rd International Conference on Ubiquitous Computing, September 2001. Google ScholarDigital Library
S. Jana, S. N. Premnath, M. Clark, S. K. Kasera, N. Patwari, and S. V. Krishnamurthy. On the effectiveness of secret key extraction from wireless signal strength in real environments. In MobiCom '09: Proceedings of the 15th ACM international conference on Mobile computing and networking, pages 321--332, New York, NY, USA, 2009. ACM. Google ScholarDigital Library
T. Kindberg and K. Zhang. Validating and securing spontaneous associations between wireless devices. In ISC '03: Proceedings of the 6th Information Security Conference, Bristol, UK, 2003.Google ScholarCross Ref
J. Krumm and K. Hinckley. The nearme wireless proximity server. In UbiComp '04: Proceedings of the 8th International Conference on Ubiquitous Computing, pages 283--300, Notthinham, UK, September 2004. Springer.Google ScholarCross Ref
A. Ladd, K. Bekris, G. Marceau, A. Rudys, L. Kavraki, and D. Wallach. Robotics-based location sensing using wireless ethernet. In MobiCom '02: Proceedings of the 8th ACM International Conference on Mobile Computing and Networking, Atlanta, GA, USA, 2002. Google ScholarDigital Library
A. LaMarca, Y. Chawathe, S. Consolvo, J. Hightower, I. Smith, J. Scott, T. Sohn, J. Howard, J. Hughes, F. Potter, J. Tabert, P. Powledge, G. Borriello, and B. Schilit. Place lab: Device positioning using radio beacons in the wild. In Proceedings of the Third International Conference on Pervasive Computing, Lecture Notes in Computer Science. Springer-Verlag, May 2005. Google ScholarDigital Library
S. Mathur, W. Trappe, N. Mandayam, C. Ye, and A. Reznik. Radio-telepathy: extracting a secret key from an unauthenticated wireless channel. In MobiCom '08: Proceedings of the 14th ACM international conference on Mobile computing and networking, pages 128--139, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
R. Mayrhofer and H. Gellersen. Shake well before use: Authentication based on accelerometer data. In Proceedings of the 5th International Conference on Pervasive Computing. Springer, 2007. Google ScholarDigital Library
V. Otsason, A. Varshavsky, A. LaMarca, and E. de Lara. Accurate gsm indoor localization. In UbiComp '05: Proceedings of the 7th International Conference on Ubiquitous Computing, Tokyo, Japan, September, 2005. Google ScholarDigital Library
N. Patwari and S. K. Kasera. Robust location distinction using temporal link signatures. In MobiCom '07: Proceedings of the 13th annual ACM international conference on Mobile computing and networking, pages 111--122, New York, NY, USA, 2007. ACM. Google ScholarDigital Library
S. Saroiu and A. Wolman. Enabling new mobile applications with location proofs. In HotMobile '09: Proceedings of the 10th workshop on Mobile Computing Systems and Applications, February 2009. Google ScholarDigital Library
Y. Shaked and A. Wool. Cracking the bluetooth pin. In MobiSys '05: Proceedings of the 3rd International Conference on Mobile Systems, Applications and Services, Seattle, WA, June 2005. Google ScholarDigital Library
D. Smetters, D. Balfanz, G. Durfee, T. Smith, and K. Lee. Instant matchmaking: Simple, secure virtual extensions to ubiquitous computing environments. In UbiComp '06: Proceedings of the 8th International Conference on Ubiquitous Computing, Irvine, CA, September 2006.Google Scholar
F. Stajano and R. J. Anderson. The resurrecting duckling: Security issues for ad-hoc wireless networks. In Proceedings of the 7th Security Protocols Workshop, Cambridge, UK, 1999. Google ScholarDigital Library
A. Varshavsky, A. Scannell, A. LaMarca, and E. de Lara. Amigo: Proximity-based authentication of mobile devices. In J. Krumm, G. D. Abowd,Google Scholar
A. Seneviratne, and T. Strang, editors, Ubicomp, volume 4717 of Lecture Notes in Computer Science, pages 253--270. Springer, 2007.Google Scholar
W. Xu, W. Trappe, Y. Zhang, and T. Wood. The feasibility of launching and detecting jamming attacks in wireless networks. In MobiHoc '05: Proceedings of the 6th International Symposium on Mobile Ad-hoc Networking and Computing, New York, NY, USA, 2005. ACM. Google ScholarDigital Library

Index Terms

Ensemble: cooperative proximity-based authentication
1. Applied computing
  1. Computers in other domains
    1. Personal computers and PC applications
2. Software and its engineering
  1. Software organization and properties
    1. Software system structures
      1. Distributed systems organizing principles

Recommendations

Getting closer: an empirical investigation of the proximity of user to their smart phones
UbiComp '11: Proceedings of the 13th international conference on Ubiquitous computing

Much research in ubiquitous computing assumes that a user's phone will be always on and at-hand, for collecting user context and for communicating with a user. Previous work with the previous generation of mobile phones has shown that such an assumption ...
Read More
Proximity Detection with Single-Antenna IoT Devices
MobiCom '18: Proceedings of the 24th Annual International Conference on Mobile Computing and Networking

Close physical proximity among wireless devices that have never shared a secret key is sometimes used as a basis of trust. In these cases, devices in close proximity are deemed trustworthy while more distant devices are viewed as potential adversaries. ...
Read More
Experiences with using iBeacons for Indoor Positioning
ISEC '16: Proceedings of the 9th India Software Engineering Conference

iBeacon is a protocol standardized by Apple based on Bluetooth Low Energy which allows broadcasting devices (e.g. beacons) to emit signals and a compatible receiver (e.g. smartphone) to capture and interpret the same. iBeacon seems useful in indoor ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
MobiSys '10: Proceedings of the 8th international conference on Mobile systems, applications, and services
June 2010
382 pages
ISBN:9781605589855
DOI:10.1145/1814433
General Chair:
Sujata Banerjee
Hewlett-Packard Labs., USA
,
Program Chairs:
Srinivasan Keshav
University of Waterloo, Ontario, Canada
,
Alec Wolman
Microsoft Research Redmond, USA
Copyright © 2010 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 15 June 2010
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
authentication
ensemble
proximity
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate274of1,679submissions,16%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 95
  Total Citations
  View Citations
- 806
  Total Downloads
- Downloads (Last 12 months)26
- Downloads (Last 6 weeks)2
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Ensemble: cooperative proximity-based authentication

MobiSys '10: Proceedings of the 8th international conference on Mobile systems, applications, and services

ABSTRACT

References

Cited By

Index Terms

Recommendations

Getting closer: an empirical investigation of the proximity of user to their smart phones

Proximity Detection with Single-Antenna IoT Devices

Experiences with using iBeacons for Indoor Positioning