339 research outputs found
Survey and Systematization of Secure Device Pairing
Secure Device Pairing (SDP) schemes have been developed to facilitate secure
communications among smart devices, both personal mobile devices and Internet
of Things (IoT) devices. Comparison and assessment of SDP schemes is
troublesome, because each scheme makes different assumptions about out-of-band
channels and adversary models, and are driven by their particular use-cases. A
conceptual model that facilitates meaningful comparison among SDP schemes is
missing. We provide such a model. In this article, we survey and analyze a wide
range of SDP schemes that are described in the literature, including a number
that have been adopted as standards. A system model and consistent terminology
for SDP schemes are built on the foundation of this survey, which are then used
to classify existing SDP schemes into a taxonomy that, for the first time,
enables their meaningful comparison and analysis.The existing SDP schemes are
analyzed using this model, revealing common systemic security weaknesses among
the surveyed SDP schemes that should become priority areas for future SDP
research, such as improving the integration of privacy requirements into the
design of SDP schemes. Our results allow SDP scheme designers to create schemes
that are more easily comparable with one another, and to assist the prevention
of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications
Surveys & Tutorials 2017 (Volume: PP, Issue: 99
Acoustic Integrity Codes: Secure Device Pairing Using Short-Range Acoustic Communication
Secure Device Pairing (SDP) relies on an out-of-band channel to authenticate
devices. This requires a common hardware interface, which limits the use of
existing SDP systems. We propose to use short-range acoustic communication for
the initial pairing. Audio hardware is commonly available on existing
off-the-shelf devices and can be accessed from user space without requiring
firmware or hardware modifications. We improve upon previous approaches by
designing Acoustic Integrity Codes (AICs): a modulation scheme that provides
message authentication on the acoustic physical layer. We analyze their
security and demonstrate that we can defend against signal cancellation attacks
by designing signals with low autocorrelation. Our system can detect
overshadowing attacks using a ternary decision function with a threshold. In
our evaluation of this SDP scheme's security and robustness, we achieve a bit
error ratio below 0.1% for a net bit rate of 100 bps with a signal-to-noise
ratio (SNR) of 14 dB. Using our open-source proof-of-concept implementation on
Android smartphones, we demonstrate pairing between different smartphone
models.Comment: 11 pages, 11 figures. Published at ACM WiSec 2020 (13th ACM
Conference on Security and Privacy in Wireless and Mobile Networks). Updated
reference
CORTICAL DYNAMICS OF AUDITORY-VISUAL SPEECH: A FORWARD MODEL OF MULTISENSORY INTEGRATION.
In noisy settings, seeing the interlocutor's face helps to disambiguate what is being said. For this to happen, the brain must integrate auditory and visual information. Three major problems are (1) bringing together separate sensory streams of information, (2) extracting auditory and visual speech information, and (3) identifying this information as a unified auditory-visual percept. In this dissertation, a new representational framework for auditory visual (AV) speech integration is offered. The experimental work (psychophysics and electrophysiology (EEG)) suggests specific neural mechanisms for solving problems (1), (2), and (3) that are consistent with a (forward) 'analysis-by-synthesis' view of AV speech integration.
In Chapter I, multisensory perception and integration are reviewed. A unified conceptual framework serves as background for the study of AV speech integration.
In Chapter II, psychophysics testing the perception of desynchronized AV speech inputs show the existence of a ~250ms temporal window of integration in AV speech integration.
In Chapter III, an EEG study shows that visual speech modulates early on the neural processing of auditory speech. Two functionally independent modulations are (i) a ~250ms amplitude reduction of auditory evoked potentials (AEPs) and (ii) a systematic temporal facilitation of the same AEPs as a function of the saliency of visual speech.
In Chapter IV, an EEG study of desynchronized AV speech inputs shows that (i) fine-grained (gamma, ~25ms) and (ii) coarse-grained (theta, ~250ms) neural mechanisms simultaneously mediate the processing of AV speech.
In Chapter V, a new illusory effect is proposed, where non-speech visual signals modify the perceptual quality of auditory objects. EEG results show very different patterns of activation as compared to those observed in AV speech integration. An MEG experiment is subsequently proposed to test hypotheses on the origins of these differences.
In Chapter VI, the 'analysis-by-synthesis' model of AV speech integration is contrasted with major speech theories. From a Cognitive Neuroscience perspective, the 'analysis-by-synthesis' model is argued to offer the most sensible representational system for AV speech integration.
This thesis shows that AV speech integration results from both the statistical nature of stimulation and the inherent predictive capabilities of the nervous system
A proof-of-proximity framework for device pairing in ubiquitous computing environments
Ad hoc interactions between devices over wireless networks in ubiquitous
computing environments present a security problem: the generation of shared secrets
to initialize secure communication over a medium that is inherently vulnerable to
various attacks. However, these ad hoc scenarios also offer the potential for physical
security of spaces and the use of protocols in which users must visibly demonstrate
their presence and/or involvement to generate an association. As a consequence,
recently secure device pairing has had significant attention from a wide community of
academic as well as industrial researchers and a plethora of schemes and protocols
have been proposed, which use various forms of out-of-band exchange to form an
association between two unassociated devices. These protocols and schemes have
different strengths and weaknesses – often in hardware requirements, strength against
various attacks or usability in particular scenarios. From ordinary user‟s point of
view, the problem then becomes which to choose or which is the best possible scheme
in a particular scenario.
We advocate that in a world of modern heterogeneous devices and
requirements, there is a need for mechanisms that allow automated selection of the
best protocols without requiring the user to have an in-depth knowledge of the
minutiae of the underlying technologies. Towards this, the main argument forming the
basis of this dissertation is that the integration of a discovery mechanism and several
pairing schemes into a single system is more efficient from a usability point of view
as well as security point of view in terms of dynamic choice of pairing schemes. In
pursuit of this, we have proposed a generic system for secure device pairing by
demonstration of physical proximity. Our main contribution is the design and
prototype implementation of Proof-of-Proximity framework along with a novel Co-
Location protocol. Other contributions include a detailed analysis of existing device
pairing schemes, a simple device discovery mechanism, a protocol selection
mechanism that is used to find out the best possible scheme to demonstrate the
physical proximity of the devices according to the scenario, and a usability study of
eight pairing schemes and the proposed system
- …