Evaluation of Ad-hoc Secure Device Pairing Method with Accelerometer and Camera Using Marker
Makoto Nagatomo, Kentaro Aburada, Naonobu Okazaki, Mirang Park
International Journal of Networking and Computing
Currently, devices with wireless technologies often communicate with each other ad hoc. For example, a presenter wirelessly distributes ad-hoc meeting materials from a PC to mobile devices in a meeting room. However, there is a problem of spoofing by an impersonator outside the room. Hence, before communicating, devices must conduct secure pairing, which is the exchange of the key necessary for encrypting the communication contents. As a pairing method between devices, there are pairing methods using RSS
... access point as features. However, RSS changes significantly due to environmental factors. On the other hand, there are pairing methods that compare acceleration data from devices with displacement data of the devices obtained from a server's camera. However, these methods require an infrared camera and have difficulty recognizing the inclination of devices. Thus, these methods cannot perform accurate device pairing. Therefore, in this paper, we propose a method that performs pairing using the devices' accelerometers, markers displayed on the devices, and a camera of the authentication server. This method performs pairing by calculating the similarity between velocity data derived from the devices' acceleration data and displacement data of the marker from the camera, after comparing the marker sequence displayed on the device. This method has the advantage that it can detect a device's inclination by recognizing the marker's inclination. We performed three types of experiments to confirm the similarity of displacement data and acceleration data, whether an impersonator outside camera range can perform pairing, and the possibility of several devices pairing together. As a result, we found that the larger the device's display is, the higher the similarity; that the proposed method can distinguish a legitimate user from an impersonator outside camera range by average similarity; and that three devices succeeded in pairing at a rate of 71.8%.
Figure 1: An example of ad-hoc device pairing
Introduction
Recently, along with the advance of wireless technologies such as Wi-Fi, Bluetooth, and near-field communication (NFC), devices such as mobile devices and IoT devices often use these wireless technologies to communicate with each other. These technologies have privacy vulnerabilities, such as eavesdropping and man-in-the-middle attacks. Hence, it is necessary to establish authenticity between devices before wireless communication begins.
We define secure device pairing as a process for establishing secure wireless communication. We classify device pairing into "long-term pairing" and "ad-hoc pairing". Long-term pairing maintains the connection among devices over the long term, and the key for encrypting the content of communications can be prepared in advance. An example of long-term pairing is the connection between a Wi-Fi access point and a smartphone. The access point has a key (security code) before a user connects to it. In contrast, ad-hoc device pairing maintains the connection only for a limited period. Fig. 1 shows an example of ad-hoc pairing, which is the wireless distribution of meeting materials from a PC to mobile devices at a small table (e.g. a 3m × 3m table) at a meeting. In this pairing, it is necessary to generate a pairing key "on-the-spot". The problem in this case is spoofing by a third party outside the room, who can obtain the meeting materials if secure pairing is not performed between devices in the room. When Wi-Fi or Bluetooth is used for this, the wireless communication may be eavesdropped. Therefore, our research goal is to propose a secure device pairing method that is easy for users to use and that can perform pairing within a short range, such as a range of 3m × 3m. Currently, many studies evaluate pairing methods using received signal strength (RSS) [1, 2]. One method uses RSS between devices, and another uses RSS from several access points in order to judge whether the user is in a room, but stable pairing is not possible in a single location because RSS changes significantly due to environmental factors, such as time and surrounding objects.
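The similarity check the abstract describes, sketched as an added example (not the authors' code): the device's acceleration is integrated to velocity, the camera's marker displacement is differentiated to velocity, and the two series are compared. It assumes a single motion axis already aligned between device and camera, equal sampling rates, Pearson correlation as the similarity measure, and a 0.8 acceptance threshold, none of which are given on this page; the sample series are constructed.

```python
import math

def integrate(accel, dt):
    """Trapezoidal integration: acceleration (m/s^2) -> velocity (m/s), starting at rest."""
    vel = [0.0]
    for a0, a1 in zip(accel, accel[1:]):
        vel.append(vel[-1] + 0.5 * (a0 + a1) * dt)
    return vel

def differentiate(disp, dt):
    """Central differences: marker displacement (m) -> velocity (m/s)."""
    n = len(disp)
    out = []
    for i in range(n):
        lo, hi = max(i - 1, 0), min(i + 1, n - 1)  # one-sided at the two ends
        out.append((disp[hi] - disp[lo]) / ((hi - lo) * dt))
    return out

def similarity(x, y):
    """Pearson correlation in [-1, 1]; 0.0 if either series is constant (no motion)."""
    mx, my = sum(x) / len(x), sum(y) / len(y)
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    return 0.0 if sxx == 0 or syy == 0 else sxy / math.sqrt(sxx * syy)

def pair_decision(accel, marker_disp, dt, threshold=0.8):
    """Return (similarity, accepted). The threshold is an assumed value, not the paper's."""
    if len(accel) != len(marker_disp) or len(accel) < 3:
        raise ValueError("need two equally sampled series of at least 3 points")
    s = similarity(integrate(accel, dt), differentiate(marker_disp, dt))
    return s, s >= threshold

# Constructed sample data: 2 s at 50 Hz, one axis, device starts at rest.
DT, N, AMP = 0.02, 101, 0.1
T = [i * DT for i in range(N)]
W = 2 * math.pi        # 1 Hz motion of the device whose marker the camera tracks
W_OTHER = 3 * math.pi  # unrelated 1.5 Hz motion of a device the camera never saw
MARKER_DISP = [AMP * (1 - math.cos(W * t)) for t in T]
ACCEL_IN_VIEW = [AMP * W * W * math.cos(W * t) for t in T]
ACCEL_OUT_OF_VIEW = [AMP * W_OTHER ** 2 * math.cos(W_OTHER * t) for t in T]

if __name__ == "__main__":
    print(pair_decision(ACCEL_IN_VIEW, MARKER_DISP, DT))      # high similarity, accepted
    print(pair_decision(ACCEL_OUT_OF_VIEW, MARKER_DISP, DT))  # near zero, rejected
```

A stationary device produces a constant velocity series, which `similarity` scores as 0.0 rather than dividing by zero, so a device that never moved is rejected.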