Commitment-based device-pairing protocol with synchronized drawings and comparison metrics

Research output: Contribution to journalArticleScientificpeer-review


Research units


This article presents a new method for pairing devices securely. The commitment-based authentication uses a fuzzy secret that the devices only know approximately. Its novel feature is time-based opening of commitments in a single round. We also introduce a new source for the fuzzy secret: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. The drawings are encoded as strings and compared with an edit-distance metric. A prototype implementation of this surprisingly simple and natural pairing mechanism shows that it accurately differentiates between true positives and man-in-the-middle attackers.


Original languageEnglish
Pages (from-to)205-219
JournalPervasive and Mobile Computing
Issue numberPart B
Publication statusPublished - 2015
MoE publication typeA1 Journal article-refereed

    Research areas

  • Security, Device pairing, Commitment protocol, Edit distance

Download statistics

No data available

ID: 1996750