Survey and Systematization of Secure Device Pairing

Secure Device Pairing (SDP) schemes have been developed to facilitate secure communications among smart devices, both personal mobile devices and Internet of Things (IoT) devices. Comparison and assessment of SDP schemes is troublesome, because each scheme makes different assumptions about out-of-band channels and adversary models, and are driven by their particular use-cases. A conceptual model that facilitates meaningful comparison among SDP schemes is missing. We provide such a model. In this article, we survey and analyze a wide range of SDP schemes that are described in the literature, including a number that have been adopted as standards. A system model and consistent terminology for SDP schemes are built on the foundation of this survey, which are then used to classify existing SDP schemes into a taxonomy that, for the first time, enables their meaningful comparison and analysis.The existing SDP schemes are analyzed using this model, revealing common systemic security weaknesses among the surveyed SDP schemes that should become priority areas for future SDP research, such as improving the integration of privacy requirements into the design of SDP schemes. Our results allow SDP scheme designers to create schemes that are more easily comparable with one another, and to assist the prevention of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications Surveys & Tutorials 2017 (Volume: PP, Issue: 99

CERN openlab Whitepaper on Future IT Challenges in Scientific Research

This whitepaper describes the major IT challenges in scientific research at CERN and several other European and international research laboratories and projects. Each challenge is exemplified through a set of concrete use cases drawn from the requirements of large-scale scientific programs. The paper is based on contributions from many researchers and IT experts of the participating laboratories and also input from the existing CERN openlab industrial sponsors. The views expressed in this document are those of the individual contributors and do not necessarily reflect the view of their organisations and/or affiliates

WiMorse: a contactless Morse code text input system using ambient WiFi signals

International audienceRecent years have witnessed advances of Internet of Things (IoT) technologies and their applications to enable contactless sensing and human-computer interaction in smart homes. For people with Motor Neurone Disease (MND), their motion capabilities are severely impaired and they have difficulties interacting with IoT devices and even communicating with other people. As the disease progresses, most patients lose their speech function eventually which makes the widely adopted voice-based solutions fail. In contrast, most patients can still move their fingers slightly even after they have lost the control of their arms and hands. Thus we propose to develop a Morse code based text input system, called WiMorse, which allows patients with minimal single-finger control to input and communicate with other people without attaching any sensor to their fingers. WiMorse leverages ubiquitous commodity WiFi devices to track subtle finger movements contactlessly and encode them as Morse code input. In order to sense the very subtle finger movements, we propose to employ the ratio of the Channel State Information (CSI) between two antennas to enhance the Signal to Noise Ratio. To address the severe location dependency issue in wireless sensing with accurate theoretical underpinning and experiments, we propose a signal transformation mechanism to automatically convert signals based on the input position, achieving stable sensing performance. Comprehensive experiments demonstrate that WiMorse can achieve higher than 95% recognition accuracy for finger generated Morse code, and is robust against input position, environment changes, and user diversity

Speaking the Local Dialect: Exploiting differences between IEEE 802.15.4 Receivers with Commodity Radios for fingerprinting, targeted attacks, and WIDS evasion

Producing IEEE 802.15.4 PHY-frames reliably accepted by some digital radio receivers, but rejected by others---depending on the receiver chip\u27s make and model---has strong implications for wireless security. Attackers could target specific receivers by crafting shaped charges, attack frames that appear valid to the intended target and are ignored by all other recipients. By transmitting in the unique, slightly non-compliant dialect of the intended receivers, attackers would be able to create entire communication streams invisible to others, including wireless intrusion detection and prevention systems (WIDS/WIPS). These scenarios are no longer theoretic. We present methods of producing such IEEE 802.15.4 frames with commodity digital radio chips widely used in building inexpensive 802.15.4-conformant devices. Typically, PHY-layer fingerprinting requires software-defined radios that cost orders of magnitude more than the chips they fingerprint; however, our methods do not require a software-defined radio and use the same inexpensive chips. Knowledge of such differences, and the ability to fingerprint them is crucial for defenders. We investigate new methods of fingerprinting IEEE 802.15.4 devices by exploring techniques to differentiate between multiple 802.15.4-conformant radio-hardware manufacturers and firmware distributions. Further, we point out the implications of these results for WIDS, both with respect to WIDS evasion techniques and countering such evasion

FarSense: pushing the range limit of WiFi-based respiration sensing with CSI ratio of two antennas

International audienceThe past few years have witnessed the great potential of exploiting channel state information retrieved from commodity WiFi devices for respiration monitoring. However, existing approaches only work when the target is close to the WiFi transceivers and the performance degrades significantly when the target is far away. On the other hand, most home environments only have one WiFi access point and it may not be located in the same room as the target. This sensing range constraint greatly limits the application of the proposed approaches in real life. This paper presents FarSense-the first real-time system that can reliably monitor human respiration when the target is far away from the WiFi transceiver pair. FarSense works well even when one of the transceivers is located in another room, moving a big step towards real-life deployment. We propose two novel schemes to achieve this goal: (1) Instead of applying the raw CSI readings of individual antenna for sensing, we employ the ratio of CSI readings from two antennas, whose noise is mostly canceled out by the division operation to significantly increase the sensing range; (2) The division operation further enables us to utilize the phase information which is not usable with one single antenna for sensing. The orthogonal amplitude and phase are elaborately combined to address the "blind spots" issue and further increase the sensing range. Extensive experiments show that FarSense is able to accurately monitor human respiration even when the target is 8 meters away from the transceiver pair, increasing the sensing range by more than 100%. 1 We believe this is the first system to enable through-wall respiration sensing with commodity WiFi devices and the proposed method could also benefit other sensing applications