Securing Cyber-Physical Social Interactions on Wrist-worn Devices

Shen, Yiran, Du, Bowen, Xu, Weitao, Luo, Chengwen, Wei, Bo, Cui, Lizhen and Wen, Hongkai (2020) Securing Cyber-Physical Social Interactions on Wrist-worn Devices. ACM Transactions on Sensor Networks, 16 (2). p. 19. ISSN 1550-4859

[img]
Preview
Text
35842281_File000004_869236481_3_.pdf - Accepted Version

Download (1MB) | Preview
Official URL: https://doi.org/10.1145/3378669

Abstract

Since ancient Greece, handshaking has been commonly practiced between two people as a friendly gesture to express trust and respect, or form a mutual agreement. In this article, we show that such physical contact can be used to bootstrap secure cyber contact between the smart devices worn by users. The key observation is that during handshaking, although belonged to two different users, the two hands involved in the shaking events are often rigidly connected, and therefore exhibit very similar motion patterns. We propose a novel key generation system, which harvests motion data during user handshaking from the wrist-worn smart devices such as smartwatches or fitness bands, and exploits the matching motion patterns to generate symmetric keys on both parties. The generated keys can be then used to establish a secure communication channel for exchanging data between devices. This provides a much more natural and user-friendly alternative for many applications, e.g., exchanging/sharing contact details, friending on social networks, or even making payments, since it doesn’t involve extra bespoke hardware, nor require the users to perform pre-defined gestures. We implement the proposed key generation system on off-the-shelf smartwatches, and extensive evaluation shows that it can reliably generate 128-bit symmetric keys just after around 1s of handshaking (with success rate >99%), and is resilient to different types of attacks including impersonate mimicking attacks, impersonate passive attacks, or eavesdropping attacks. Specifically, for real-time impersonate mimicking attacks, in our experiments, the Equal Error Rate (EER) is only 1.6% on average. We also show that the proposed key generation system can be extremely lightweight and is able to run in-situ on the resource-constrained smartwatches without incurring excessive resource consumption.

Item Type: Article
Subjects: G400 Computer Science
G500 Information Systems
Department: Faculties > Engineering and Environment > Computer and Information Sciences
Depositing User: Elena Carlaw
Date Deposited: 29 Jan 2020 11:02
Last Modified: 24 Apr 2020 11:49
URI: http://nrl.northumbria.ac.uk/id/eprint/41985

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics