Commitment-based device-pairing protocol with synchronized drawings and comparison metrics

Tutkimustuotos: Lehtiartikkeli

Standard

Harvard

APA

Vancouver

Author

Bibtex - Lataa

@article{7c3204505404464182df501931fce3c4,
title = "Commitment-based device-pairing protocol with synchronized drawings and comparison metrics",
abstract = "This article presents a new method for pairing devices securely. The commitment-based authentication uses a fuzzy secret that the devices only know approximately. Its novel feature is time-based opening of commitments in a single round. We also introduce a new source for the fuzzy secret: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. The drawings are encoded as strings and compared with an edit-distance metric. A prototype implementation of this surprisingly simple and natural pairing mechanism shows that it accurately differentiates between true positives and man-in-the-middle attackers.",
keywords = "Security, Device pairing, Commitment protocol, Edit distance",
author = "Markku Antikainen and Mohit Sethi and Sinisa Matetic and Tuomas Aura",
note = "VK: Secure Systems; Aura, T.",
year = "2015",
doi = "10.1016/j.pmcj.2014.10.006",
language = "English",
volume = "16",
pages = "205--219",
journal = "Pervasive and Mobile Computing",
issn = "1574-1192",
publisher = "Elsevier",
number = "Part B",

}

RIS - Lataa

TY - JOUR

T1 - Commitment-based device-pairing protocol with synchronized drawings and comparison metrics

AU - Antikainen, Markku

AU - Sethi, Mohit

AU - Matetic, Sinisa

AU - Aura, Tuomas

N1 - VK: Secure Systems; Aura, T.

PY - 2015

Y1 - 2015

N2 - This article presents a new method for pairing devices securely. The commitment-based authentication uses a fuzzy secret that the devices only know approximately. Its novel feature is time-based opening of commitments in a single round. We also introduce a new source for the fuzzy secret: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. The drawings are encoded as strings and compared with an edit-distance metric. A prototype implementation of this surprisingly simple and natural pairing mechanism shows that it accurately differentiates between true positives and man-in-the-middle attackers.

AB - This article presents a new method for pairing devices securely. The commitment-based authentication uses a fuzzy secret that the devices only know approximately. Its novel feature is time-based opening of commitments in a single round. We also introduce a new source for the fuzzy secret: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. The drawings are encoded as strings and compared with an edit-distance metric. A prototype implementation of this surprisingly simple and natural pairing mechanism shows that it accurately differentiates between true positives and man-in-the-middle attackers.

KW - Security

KW - Device pairing

KW - Commitment protocol

KW - Edit distance

UR - http://www.sciencedirect.com/science/article/pii/S1574119214001783

U2 - 10.1016/j.pmcj.2014.10.006

DO - 10.1016/j.pmcj.2014.10.006

M3 - Article

VL - 16

SP - 205

EP - 219

JO - Pervasive and Mobile Computing

JF - Pervasive and Mobile Computing

SN - 1574-1192

IS - Part B

ER -

ID: 1996750