Commitment-based device-pairing protocol with synchronized drawings and comparison metrics

Markku Antikainen; Mohit Sethi; Sinisa Matetic; Tuomas Aura

doi:10.1016/j.pmcj.2014.10.006

Commitment-based device-pairing protocol with synchronized drawings and comparison metrics

Markku Antikainen
, Mohit Sethi
, Sinisa Matetic
, Tuomas Aura

Department of Computer Science

Research output: Contribution to journal › Article › Scientific › peer-review

1 Citation (Scopus)

176 Downloads (Pure)

Abstract

This article presents a new method for pairing devices securely. The commitment-based authentication uses a fuzzy secret that the devices only know approximately. Its novel feature is time-based opening of commitments in a single round. We also introduce a new source for the fuzzy secret: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. The drawings are encoded as strings and compared with an edit-distance metric. A prototype implementation of this surprisingly simple and natural pairing mechanism shows that it accurately differentiates between true positives and man-in-the-middle attackers.

Original language	English
Pages (from-to)	205-219
Journal	Pervasive and Mobile Computing
Volume	16
Issue number	Part B
DOIs	https://doi.org/10.1016/j.pmcj.2014.10.006
Publication status	Published - 2015
MoE publication type	A1 Journal article-refereed

Keywords

Security
Device pairing
Commitment protocol
Edit distance

Access to Document

10.1016/j.pmcj.2014.10.006

1-s2.0-S1574119214001783-mainFinal published version, 1.35 MBLicence: CC BY-NC-ND

Cite this

@article{7c3204505404464182df501931fce3c4,

title = "Commitment-based device-pairing protocol with synchronized drawings and comparison metrics",

abstract = "This article presents a new method for pairing devices securely. The commitment-based authentication uses a fuzzy secret that the devices only know approximately. Its novel feature is time-based opening of commitments in a single round. We also introduce a new source for the fuzzy secret: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. The drawings are encoded as strings and compared with an edit-distance metric. A prototype implementation of this surprisingly simple and natural pairing mechanism shows that it accurately differentiates between true positives and man-in-the-middle attackers.",

keywords = "Security, Device pairing, Commitment protocol, Edit distance",

author = "Markku Antikainen and Mohit Sethi and Sinisa Matetic and Tuomas Aura",

note = "VK: Secure Systems; Aura, T.",

year = "2015",

doi = "10.1016/j.pmcj.2014.10.006",

language = "English",

volume = "16",

pages = "205--219",

journal = "Pervasive and Mobile Computing",

issn = "1574-1192",

publisher = "Elsevier",

number = "Part B",

}

TY - JOUR

T1 - Commitment-based device-pairing protocol with synchronized drawings and comparison metrics

AU - Antikainen, Markku

AU - Sethi, Mohit

AU - Matetic, Sinisa

AU - Aura, Tuomas

N1 - VK: Secure Systems; Aura, T.

PY - 2015

Y1 - 2015

N2 - This article presents a new method for pairing devices securely. The commitment-based authentication uses a fuzzy secret that the devices only know approximately. Its novel feature is time-based opening of commitments in a single round. We also introduce a new source for the fuzzy secret: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. The drawings are encoded as strings and compared with an edit-distance metric. A prototype implementation of this surprisingly simple and natural pairing mechanism shows that it accurately differentiates between true positives and man-in-the-middle attackers.

AB - This article presents a new method for pairing devices securely. The commitment-based authentication uses a fuzzy secret that the devices only know approximately. Its novel feature is time-based opening of commitments in a single round. We also introduce a new source for the fuzzy secret: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. The drawings are encoded as strings and compared with an edit-distance metric. A prototype implementation of this surprisingly simple and natural pairing mechanism shows that it accurately differentiates between true positives and man-in-the-middle attackers.

KW - Security

KW - Device pairing

KW - Commitment protocol

KW - Edit distance

UR - http://www.sciencedirect.com/science/article/pii/S1574119214001783

U2 - 10.1016/j.pmcj.2014.10.006

DO - 10.1016/j.pmcj.2014.10.006

M3 - Article

SN - 1574-1192

VL - 16

SP - 205

EP - 219

JO - Pervasive and Mobile Computing

JF - Pervasive and Mobile Computing

IS - Part B

ER -

Commitment-based device-pairing protocol with synchronized drawings and comparison metrics

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this