A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf
.
Resetting Your Password Is Vulnerable: A Security Study of Common SMS-Based Authentication in IoT Device
2018
Wireless Communications and Mobile Computing
Firmware vulnerability is an important target for IoT attacks, but it is challenging, because firmware may be publicly unavailable or encrypted with an unknown key. We present in this paper an attack on Short Message Service (SMS for short) authentication code which aims at gaining the control of IoT devices without firmware analysis. The key idea is based on the observation that IoT device usually has an official application (app for short) used to control itself. Customer needs to register an
doi:10.1155/2018/7849065
fatcat:rbr4x46oqngajo2vmsdx7sgtfy