Abstract
Authenticating whether two smartphones are in close proximity is important in smartphone security. For example, the authentication result can be used to pair two devices and construct a secure communication channel between them. Many existing proximity authentication systems rely on short range networks-the communication is usually restricted in short range networks. However, this approach is inadequate when we want to verify whether the communication distance is within a few centimeters, i.e. near field. To address this challenge, many other techniques construct systems based on the near field communication (NFC) system. Unfortunately, only a small portion of smart devices in the current market are equipped with NFC chips. The purpose of this paper is to provide a close proximity authentication system which does not depend on NFC chips. We devise a system to achieve close proximity authentication by using correlated finger movements on the two smartphones. Human input usually contains errors and is of low entropy, which affects the usability and security of our system. We solve these issues in an efficient way, considering the limited computational resources on smart devices. Our system does not need any prior secret information shared between the two devices, and generates the same high-entropy cryptographic key for both devices in a successful authentication. The efficiency of the system is validated by evaluations on Motorola Droid smartphones.
Original language | English (US) |
---|---|
Pages (from-to) | 605-616 |
Number of pages | 12 |
Journal | IEEE Transactions on Dependable and Secure Computing |
Volume | 13 |
Issue number | 6 |
DOIs | |
State | Published - Nov 1 2016 |
Keywords
- Smart devices
- authenticated key exchange
- device authentication
- protocol design
ASJC Scopus subject areas
- General Computer Science
- Electrical and Electronic Engineering