论文标题

通过随机切换功率配对的无外围设备配对

Peripheral-free Device Pairing by Randomly Switching Power

论文作者

Shao, Zhijian, Weng, Jian, Zhang, Yue, Wu, Yongdong, Li, Ming, Weng, Jiasi, Luo, Weiqi, Yu, Shui

论文摘要

Things Internet(IoT)的受欢迎程度带来了安全问题。在过去的十年中,针对物联网无线通信场地的攻击以惊人的速度增长。因此,配对,可以建立在没有事先关系的情况下为IoT设备建立安全的通信渠道,因此是至关重要的能力。现有的安全配对协议需要辅助设备/外围设备(例如显示器,扬声器和传感器)才能实现身份验证,这对于诸如智能灯等低价设备(例如智能灯)是不可接受的。本文研究了如何设计无外围安全配对协议。具体来说,我们设计了协议,称为SwitchPair,通过盒子外电源供电和车载时钟,同时实现安全性和经济性。当用户想配对两个或多个设备时,他/她将配对设备连接到同一电源,并按/释放开关打开/关键按钮几次。然后,可以使用按下和释放时间来推导对称密钥。由于其盛行,我们通过Texas Instruments(TI)的两个CC2640R2F开发板实施了原型。还进行了广泛的实验和用户研究,以根据效率和安全性基准我们的协议。

The popularity of Internet-of-Things (IoT) comes with security concerns. Attacks against wireless communication venues of IoT (e.g., Man-in-the-Middle attacks) have grown at an alarming rate over the past decade. Pairing, which allows the establishment of the secure communicating channels for IoT devices without a prior relationship, is thus a paramount capability. Existing secure pairing protocols require auxiliary equipment/peripheral (e.g., displays, speakers and sensors) to achieve authentication, which is unacceptable for low-priced devices such as smart lamps. This paper studies how to design a peripheral-free secure pairing protocol. Concretely, we design the protocol, termed SwitchPairing, via out-of-box power supplying chargers and on-board clocks, achieving security and economics at the same time. When a user wants to pair two or more devices, he/she connects the pairing devices to the same power source, and presses/releases the switch on/off button several times. Then, the press and release timing can be used to derive symmetric keys. We implement a prototype via two CC2640R2F development boards from Texas Instruments (TI) due to its prevalence. Extensive experiments and user studies are also conducted to benchmark our protocol in terms of efficiency and security.

扫码加入交流群

加入微信交流群

微信交流群二维码

扫码加入学术交流群,获取更多资源