Survey and Systematization of Secure Device Pairing

Secure Device Pairing (SDP) schemes have been developed to facilitate secure communications among smart devices, both personal mobile devices and Internet of Things (IoT) devices. Comparison and assessment of SDP schemes is troublesome, because each scheme makes different assumptions about out-of-band channels and adversary models, and are driven by their particular use-cases. A conceptual model that facilitates meaningful comparison among SDP schemes is missing. We provide such a model. In this article, we survey and analyze a wide range of SDP schemes that are described in the literature, including a number that have been adopted as standards. A system model and consistent terminology for SDP schemes are built on the foundation of this survey, which are then used to classify existing SDP schemes into a taxonomy that, for the first time, enables their meaningful comparison and analysis.The existing SDP schemes are analyzed using this model, revealing common systemic security weaknesses among the surveyed SDP schemes that should become priority areas for future SDP research, such as improving the integration of privacy requirements into the design of SDP schemes. Our results allow SDP scheme designers to create schemes that are more easily comparable with one another, and to assist the prevention of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications Surveys & Tutorials 2017 (Volume: PP, Issue: 99

No One Size (PPM) Fits All: Towards Privacy in Stream Processing Systems

Stream processing systems (SPSs) have been designed to process data streams in real-time, allowing organizations to analyze and act upon data on-the-fly, as it is generated. However, handling sensitive or personal data in these multilayered SPSs that distribute resources across sensor, fog, and cloud layers raises privacy concerns, as the data may be subject to unauthorized access and attacks that can violate user privacy, hence facing regulations such as the GDPR across the SPS layers. To address these issues, different privacy-preserving mechanisms (PPMs) are proposed to protect user privacy in SPSs. Yet, selecting and applying such PPMs in SPSs is challenging, since they must operate in real-time while tolerating little overhead. The multilayered nature of SPSs complicates privacy protection because each layer may confront different privacy threats, which must be addressed by specific PPMs. To overcome these challenges, we present Prinseps, our comprehensive privacy vision for SPSs. Towards this vision, we (1) identify critical privacy threats on different layers of the multilayered SPS, (2) evaluate the effectiveness of existing PPMs in addressing such threats, and (3) integrate privacy considerations into the decision-making processes of SPSs.Comment: Vision paper accepted to DEBS 202

Proximity Detection with Single-Antenna IoT Devices

Providing secure communications between wireless devices that encounter each other on an ad-hoc basis is a challenge that has not yet been fully addressed. In these cases, close physical proximity among devices that have never shared a secret key is sometimes used as a basis of trust; devices in close proximity are deemed trustworthy while more distant devices are viewed as potential adversaries. Because radio waves are invisible, however, a user may believe a wireless device is communicating with a nearby device when in fact the user’s device is communicating with a distant adversary. Researchers have previously proposed methods for multi-antenna devices to ascertain physical proximity with other devices, but devices with a single antenna, such as those commonly used in the Internet of Things, cannot take advantage of these techniques. We present theoretical and practical evaluation of a method called SNAP – SiNgle Antenna Proximity – that allows a single-antenna Wi-Fi device to quickly determine proximity with another Wi-Fi device. Our proximity detection technique leverages the repeating nature Wi-Fi’s preamble and the behavior of a signal in a transmitting antenna’s near-field region to detect proximity with high probability; SNAP never falsely declares proximity at ranges longer than 14 cm

Zero-Interaction Security-Towards Sound Experimental Validation

Reproducibility and realistic datasets are crucial for advancing research. Unfortunately, they are often neglected as valid scientific contributions in many young disciplines, with computer science being no exception. In this article, we show the challenges encountered when reproducing the work of others, collecting realistic data in the wild, and ensuring that our own work is reproducible in turn. The presented findings are based on our study investigating the limits of zero-interaction security (ZIS)- a novel concept, leveraging sensor data collected by Internet of Things (IoT) devices to pair or authenticate devices. In particular, we share our experiences in reproducing five state-of-the-art ZIS schemes, collecting a comprehensive dataset of sensor data from the real world, evaluating these schemes on the collected data, and releasing the data, code, and documentation to facilitate reproducibility of our results

FastZIP: Faster and More Secure Zero-Interaction Pairing

With the advent of the Internet of Things (IoT), establishing a secure channel between smart devices becomes crucial. Recent research proposes zero-interaction pairing (ZIP), which enables pairing without user assistance by utilizing devices' physical context (e.g., ambient audio) to obtain a shared secret key. The state-of-the-art ZIP schemes suffer from three limitations: (1) prolonged pairing time (i.e., minutes or hours), (2) vulnerability to brute-force offline attacks on a shared key, and (3) susceptibility to attacks caused by predictable context (e.g., replay attack) because they rely on limited entropy of physical context to protect a shared key. We address these limitations, proposing FastZIP, a novel ZIP scheme that significantly reduces pairing time while preventing offline and predictable context attacks. In particular, we adapt a recently introduced Fuzzy Password-Authenticated Key Exchange (fPAKE) protocol and utilize sensor fusion, maximizing their advantages. We instantiate FastZIP for intra-car device pairing to demonstrate its feasibility and show how the design of FastZIP can be adapted to other ZIP use cases. We implement FastZIP and evaluate it by driving four cars for a total of 800 km. We achieve up to three times shorter pairing time compared to the state-of-the-art ZIP schemes while assuring robust security with adversarial error rates below 0.5%.Comment: ACM MobiSys '21 - Code and data at: https://github.com/seemoo-lab/fastzi

Perils of Zero-Interaction Security in the Internet of Things

The Internet of Things (IoT) demands authentication systems which can provide both security and usability. Recent research utilizes the rich sensing capabilities of smart devices to build security schemes operating without human interaction, such as zero-interaction pairing (ZIP) and zero-interaction authentication (ZIA). Prior work proposed a number of ZIP and ZIA schemes and reported promising results. However, those schemes were often evaluated under conditions which do not reflect realistic IoT scenarios. In addition, drawing any comparison among the existing schemes is impossible due to the lack of a common public dataset and unavailability of scheme implementations. In this paper, we address these challenges by conducting the first large-scale comparative study of ZIP and ZIA schemes, carried out under realistic conditions. We collect and release the most comprehensive dataset in the domain to date, containing over 4250 hours of audio recordings and 1 billion sensor readings from three different scenarios, and evaluate five state-of-the-art schemes based on these data. Our study reveals that the effectiveness of the existing proposals is highly dependent on the scenario they are used in. In particular, we show that these schemes are subject to error rates between 0.6% and 52.8%

The 6^{6}H states studied in the d(8He,α)d(^8\text{He},\alpha) reaction and evidence of extremely correlated character of the 5^{5}H ground state

The extremely neutron-rich system $^{6}$H was studied in the direct $^2\text{H}(^8\text{He},{^4\text{He}})^{6}$H transfer reaction with a 26 $A$ MeV secondary $^{8}$He beam. The measured missing mass spectrum shows a resonant state in $^{6}$H at $6.8(3)$ MeV relative to the $^3$H+$3n$ threshold. The population cross section of the presumably $p$-wave states in the energy range from 4 to 8 MeV is $d\sigma/d\Omega_{\text{c.m.}} \simeq 190(40)$ $\mu$b/sr in the angular range $5^{\circ}<\theta_{\text{c.m.}}<16^{\circ}$. The obtained missing mass spectrum is free of the $^{6}$H events below 3.5 MeV ($d\sigma/d\Omega_{\text{c.m.}} \lesssim 3$ $\mu$b/sr in the same angular range). The steep rise of the $^{6}$H missing mass spectrum at 3 MeV allows to show that $4.5(3)$ MeV is the lower limit for the possible resonant state energy in $^{6}$H tolerated by our data. According to paring energy estimates, such a $4.5(3)$ MeV resonance is a realistic candidate for the $^{6}$H ground state (g.s.). The obtained results confirm that the decay mechanism of the $^{7}$H g.s.\ (located at 2.2 MeV above the $^{3}$H+$4n$ threshold) is the ``true'' (or simultaneous) $4n$ emission. The resonance energy profiles and the momentum distributions of the sequential $^{6}$H \,\rightarrow \, ^5H(g.s.)+n\, \rightarrow \, ^3H+$3n$ decay fragments were analyzed by the theoretically-updated direct four-body-decay and sequential-emission mechanisms. The measured momentum distributions of the $^{3}$H fragments in the $^{6}$H rest frame indicate very strong ``dineutron-type'' correlations in the $^{5}$H ground state decay.Comment: 9 pages, 11 figure

Deep excursion beyond the proton dripline. I. Argon and chlorine isotope chains

The proton-unbound argon and chlorine isotopes have been studied by measuring trajectories of their decay-in-flight products by using a tracking technique with microstrip detectors. The proton (1p) and two-proton (2p) emission processes have been detected in the measured angular correlations "heavy-fragment"+p and "heavy-fragment"+p+p, respectively. The ground states of the previously unknown isotopes Cl30 and Cl28 have been observed for the first time, providing the 1p-separation energies Sp of -0.48(2) and -1.60(8), MeV, respectively. The relevant systematics of 1p- and 2p-separation energies have been studied theoretically in the core+p and core+p+p cluster models. The first-time observed excited states of Ar31 allow one to infer the 2p-separation energy S2p of 6(34) keV for its ground state. The first-time observed state in Ar29 with S2p=-5.50(18) MeV can be identified as either a ground state or an excited state according to different systematics

Making Zero-interaction Pairing and Authentication Practical in the Internet of Things

The proliferation of the Internet of Things (IoT) requires establishing and maintaining secure communication between smart devices to ensure user privacy and trustworthiness of IoT systems. Zero-interaction pairing (ZIP) and zero-interaction authentication (ZIA) are recent techniques that allow pairing or authenticating devices without user involvement utilizing devices’ physical context (e.g., ambient audio). Compared to centralized security solutions for the IoT such as public-key infrastructure (PKI) and conventional user-assisted pairing and authentication methods (e.g., entering a password), ZIP and ZIA schemes promise improved user experience, as they do not require users to participate in pairing or authentication procedures, and easy deployment, as they rely on on-board sensors of smart devices. However, we find that proposed ZIP and ZIA schemes are still immature, requiring improvements in three areas: security, usability, and deployability. In this thesis, we advance the domain of ZIP and ZIA in these three areas as follows. First, we analyze state-of-the-art ZIP and ZIA schemes both theoretically and empirically using real-world data that we collect. Our findings reveal that these schemes show reduced security and usability under realistic conditions, and we identify reasons why this reduction occurs. Second, we improve on ZIP, proposing a novel ZIP architecture called FastZIP combining a recently introduced Fuzzy Password-Authenticated Key Exchange (fPAKE) protocol, which has stronger security properties than the cryptographic primitives used by the state-of-the-art ZIP schemes, and sensor fusion, which allows building robust context from multiple sensor modalities, each capturing a distinct physical phenomenon. We demonstrate, collecting real-world data using off-the-shelf devices, that FastZIP has higher security guarantees than state-of-the-art ZIP schemes against brute-force offline and predictable context attacks (e.g., context replay) and significantly shorter pairing time, improving the usability of our scheme. Third, we develop a new copresence detection method named Next2You; copresence detection is a core part of any ZIA scheme. Next2You utilizes channel state information (CSI), which captures a unique wireless context of an environment (e.g., a room), and neural networks. Through our real-world experiments using off-the-shelf smartphones, we demonstrate that Next2You outperforms state-of-the-art copresence detection methods in two ways: (1) it achieves accurate copresence detection in challenging cases of low-entropy context (e.g., empty room with few events occurring) and insufficiently separated environments (e.g., adjacent rooms), thus is more secure and (2) Next2You requires devices to only have ubiquitous Wi-Fi chipsets, without a need for extra sensors (e.g., microphones), improving the deployability of our method. Fourth, we publicly release the collected context data and codebase of the above contributions, enhancing the reproducibility in the domain of ZIP and ZIA

seemoo-lab/seemoo-mobile-sensing: Initial release of the Android sensing platform

Sensor data collector for Android device