short-paper

Vibreaker: Securing Vibrational Pairing with Deliberate Acoustic Noise

Authors:

S. Abhishek Anand,

Nitesh SaxenaAuthors Info & Claims

WiSec '16: Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks

Pages 103 - 108

https://doi.org/10.1145/2939918.2939934

Published: 18 July 2016 Publication History

Get Access

Abstract

Pairing between wireless devices may be secured by the use of an auxiliary channel such as audio, visuals or vibrations. A simple approach to pairing involves one of the devices initiating the transmission of a key, or keying material like a short password, over the auxiliary channel to the other device. A successful pairing is achieved when the receiving device is able to decode the key without any errors while the attacker is unable to eavesdrop the key.

In this paper, we focus on the security of the vibration channel when used for the key transmission. As shown in some recent work, sending the keying material over a clear vibrational channel poses a significant risk of an acoustic side channel attack. Specifically, an adversary can listen onto the acoustic sounds generated by the vibration motor of the sending device and infer the keying material with a high accuracy. To counteract this threat, we propose a novel pairing scheme, called Vibreaker (a ``Vibrating speaker''), that involves active injection of acoustic noise in order to mask the key signal. In this scheme, the sending device artificially injects noise in the otherwise clear audio channel while transmitting the keying material via vibrations. We experiment with several choices for the noise signal and demonstrate that the security of the audio channel is significantly enhanced with Vibreaker when appropriate noise is used. The scheme requires no additional effort by the user, and imposes minimum hardware requirement and hence can be applied to many different contexts, such as pairing of IoT and implanted devices, wearables and other commodity gadgets.

References

[1]

T. Halevi and N. Saxena. On pairing constrained wireless devices based on secrecy of auxiliary channels: the case of acoustic eavesdropping. In ACM CCS, 2010.

Digital Library

Google Scholar

[2]

D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In IEEE Symposium on S&P, 2008.

Digital Library

Google Scholar

[3]

R. Kainda, I. Flechais, and A. W. Roscoe. Usability and security of out-of-band channels in secure device pairing protocols. In SOUPS, 2009.

Digital Library

Google Scholar

[4]

N. Roy, M. Gowda, and R. R. Choudhury. Ripple: Communicating through physical vibration. In NSDI, 2015.

Digital Library

Google Scholar

[5]

N. Saxena, J.-E. Ekberg, K. Kostiainen, and N. Asokan. Secure device pairing based on a visual channel. In IEEE S&P, 2006.

Digital Library

Google Scholar

[6]

N. Saxena, M. B. Uddin, J. Voris, and N. Asokan. Vibrate-to-unlock: Mobile phone assisted user authentication to multiple personal RFID tags. In Percom, 2011.

Digital Library

Google Scholar

[7]

E. Uzun, K. Karvonen, and N. Asokan. Usability analysis of secure pairing methods. In USEC, 2007.

Digital Library

Google Scholar

Cited By

View all

Hu HWu YWeng JWei KLiu ZHuang FZhang Y(2023)Attacks on Acceleration-Based Secure Device Pairing With Automatic Visual TrackingIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.329049518(3991-4005)Online publication date: 2023
https://doi.org/10.1109/TIFS.2023.3290495
Xue XYu SSong M(2023)Secure Device Trust Bootstrapping Against Collaborative Signal Modification AttacksIEEE INFOCOM 2023 - IEEE Conference on Computer Communications10.1109/INFOCOM53939.2023.10229007(1-10)Online publication date: 17-May-2023
https://doi.org/10.1109/INFOCOM53939.2023.10229007
Vennos AGeorge KMichaels A(2021)Attacks and Defenses for Single-Stage Residue Number System PRNGsIoT10.3390/iot20300202:3(375-400)Online publication date: 25-Jun-2021
https://doi.org/10.3390/iot2030020
Show More Cited By

Index Terms

Vibreaker: Securing Vibrational Pairing with Deliberate Acoustic Noise
1. Security and privacy
  1. Security in hardware
    1. Hardware attacks and countermeasures
      1. Side-channel analysis and countermeasures
  2. Systems security
    1. Operating systems security
      1. Mobile platform security

Recommendations

Provably secure certificate-based signature scheme without pairings

In order to simplify certificate management in traditional public key cryptography and solve the key escrow problem in identity-based cryptography, the notion of certificate-based cryptography was introduced. Recently, Ming and Wang proposed a ...
Multi-Identity Single-Key Decryption without Random Oracles
Information Security and Cryptology

Multi-Identity Single-Key Decryption (MISKD) is an Identity-Based Encryption (IBE) system where a private decryption key can map multiple public keys (identities). More exactly, in MISKD, a single private key can be used to decrypt multiple ciphertexts ...
A short redactable signature scheme using pairing

Redactable signature schemes permit deletion of arbitrary substrings of a signed document while preserving the authenticity of the remaining document. Most of known redactable signatures based on pairing have large-sized signatures and the sizes depend ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

WiSec '16: Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks

July 2016

242 pages

ISBN:9781450342704

DOI:10.1145/2939918

General Chair:
Matthias Hollick
TU Darmstadt, Germany
,
Program Chairs:
Panos Papadimitratos
KTH, Sweden
,
William Enck
NC State University, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 July 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Funding Sources

Conference

WiSec'16

Sponsor:

SIGSAC

WiSec'16: 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks

July 18 - 20, 2016

Darmstadt, Germany

Acceptance Rates

WiSec '16 Paper Acceptance Rate 13 of 51 submissions, 25%;

Overall Acceptance Rate 98 of 338 submissions, 29%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

15
Total Citations
View Citations
218
Total Downloads

Downloads (Last 12 months)13
Downloads (Last 6 weeks)3

Reflects downloads up to 14 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hu HWu YWeng JWei KLiu ZHuang FZhang Y(2023)Attacks on Acceleration-Based Secure Device Pairing With Automatic Visual TrackingIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.329049518(3991-4005)Online publication date: 2023
https://doi.org/10.1109/TIFS.2023.3290495
Xue XYu SSong M(2023)Secure Device Trust Bootstrapping Against Collaborative Signal Modification AttacksIEEE INFOCOM 2023 - IEEE Conference on Computer Communications10.1109/INFOCOM53939.2023.10229007(1-10)Online publication date: 17-May-2023
https://doi.org/10.1109/INFOCOM53939.2023.10229007
Vennos AGeorge KMichaels A(2021)Attacks and Defenses for Single-Stage Residue Number System PRNGsIoT10.3390/iot20300202:3(375-400)Online publication date: 25-Jun-2021
https://doi.org/10.3390/iot2030020
Mayrhofer RSigg S(2021)Adversary Models for Mobile Device AuthenticationACM Computing Surveys10.1145/347760154:9(1-35)Online publication date: 8-Oct-2021
https://dl.acm.org/doi/10.1145/3477601
Caprolu MSciancalepore SDi Pietro R(2021)Short-Range Audio Channels Security: Survey of Mechanisms, Applications, and Research ChallengesIEEE Communications Surveys & Tutorials10.1109/COMST.2020.296903023:1(311-340)Online publication date: Sep-2022
https://doi.org/10.1109/COMST.2020.2969030
Sniatala PIyengar SRamani SSniatala PIyengar SRamani S(2021)Onboarding New IoT DevicesEvolution of Smart Sensing Ecosystems with Tamper Evident Security10.1007/978-3-030-77764-7_5(37-44)Online publication date: 21-Jun-2021
https://doi.org/10.1007/978-3-030-77764-7_5
Ramani SPodder PAfanasyev A(2020)NDNViber: Vibration-Assisted Automated Bootstrapping of IoT Devices2020 IEEE International Conference on Communications Workshops (ICC Workshops)10.1109/ICCWorkshops49005.2020.9145306(1-6)Online publication date: Jun-2020
https://doi.org/10.1109/ICCWorkshops49005.2020.9145306
Nagatomo MAburada KOkazaki NPark M(2019)Evaluation of Ad-hoc Secure Device Pairing Method with Accelerometer and Camera Using MarkerInternational Journal of Networking and Computing10.15803/ijnc.9.2_3189:2(318-338)Online publication date: 2019
https://doi.org/10.15803/ijnc.9.2_318
Marin EArgones Rúa ESingelée DPreneel BKerschbaum FMashatan ANiu JLee A(2019)On the Difficulty of Using Patient's Physiological Signals in Cryptographic ProtocolsProceedings of the 24th ACM Symposium on Access Control Models and Technologies10.1145/3322431.3325099(113-122)Online publication date: 28-May-2019
https://dl.acm.org/doi/10.1145/3322431.3325099
Anand SSaxena N(2019)Noisy Vibrational Pairing of IoT DevicesIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2018.287337216:3(530-545)Online publication date: 1-May-2019
https://doi.org/10.1109/TDSC.2018.2873372
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Provably secure certificate-based signature scheme without pairings

Multi-Identity Single-Key Decryption without Random Oracles

A short redactable signature scheme using pairing