Securely Connecting Wearables to Ambient Displays with User Intent

Wearables are often small and have limited user interfaces, hence they often wirelessly interface with a personal smartphone or a personal computer to relay information from the wearable for display. In this paper, we envision a new method LightTouch by which a wearable can establish a secure connection to an ambient display, such as a television or computer monitor, based on the user's intention to connect to the display. Such connections must be secure to prevent impersonation attacks, must work with unmodified display hardware, and must be easy to establish. LightTouch uses standard RF methods for communicating the data to display, securely bootstrapped with a key shared via a brightness channel between the low cost, low power, ambient light sensor of a wearable and the screen of the display. A screen touch gesture is adopted by users to ensure the modulation of screen brightness can be accurately and securely captured by the ambient light sensor. We further propose novel on-screen localization and correlation algorithms to improve security and reliability. Through experiments we demonstrate that LightTouch is compatible with current display and wearable designs, easy-to-use (5-6 seconds), reliable for connecting displays (98 percent success connection ratio), and secure against impersonation attacks.

[1]  Pierre Gançarski,et al.  Summarizing a set of time series by averaging: From Steiner sequence to compact multiple alignment , 2012, Theor. Comput. Sci..

[2]  Gregory D. Abowd,et al.  A gesture-based authentication scheme for untrusted public terminals , 2004, UIST '04.

[3]  Prasant Mohapatra,et al.  Good Neighbor: Ad hoc Pairing of Nearby Wireless Devices by Multiple Antennas , 2011, NDSS.

[4]  Hans-Werner Gellersen,et al.  GesturePIN: using discrete gestures for associating mobile devices , 2010, Mobile HCI.

[5]  Tadayoshi Kohno,et al.  RFIDs and secret handshakes: defending against ghost-and-leech attacks and unauthorized reads with context-aware communications , 2008, CCS.

[6]  Dina Katabi,et al.  PixNet: interference-free wireless links using LCD-camera pairs , 2010, MobiCom.

[7]  Wade Trappe,et al.  ProxiMate: proximity-based secure pairing using ambient wireless signals , 2011, MobiSys '11.

[8]  Claudio Soriente,et al.  BEDA: Button-Enabled Device Pairing , 2007, IACR Cryptol. ePrint Arch..

[9]  Stephan Sigg,et al.  Secure Communication Based on Ambient Audio , 2013, IEEE Transactions on Mobile Computing.

[10]  Claudio Soriente,et al.  HAPADEP: Human-Assisted Pure Audio Device Pairing , 2008, ISC.

[11]  Stefan Schmid,et al.  LED-to-LED visible light communication networks , 2013, MobiHoc '13.

[12]  Nitesh Saxena,et al.  Treat 'em like other devices: user authentication of multiple personal RFID tags , 2009, SOUPS.

[13]  N. Asokan,et al.  Secure Device Pairing Based on a Visual Channel: Design and Usability Study , 2011, IEEE Transactions on Information Forensics and Security.

[14]  David Kotz,et al.  ZEBRA: Zero-Effort Bilateral Recurring Authentication , 2014, IEEE Symposium on Security and Privacy.

[15]  René Mayrhofer,et al.  A Human-Verifiable Authentication Protocol Using Visible Laser Light , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[16]  Michael K. Reiter,et al.  Seeing-is-believing: using camera phones for human-verifiable authentication , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[17]  Michael Sirivianos,et al.  Loud and Clear: Human-Verifiable Authentication Based on Audio , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[18]  Guoliang Xing,et al.  nShield: a noninvasive NFC security system for mobiledevices , 2014, MobiSys.

[19]  René Mayrhofer,et al.  Shake Well Before Use: Intuitive and Secure Pairing of Mobile Devices , 2009, IEEE Transactions on Mobile Computing.

[20]  Cong Wang,et al.  SBVLC: Secure barcode-based visible light communication for smartphones , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[21]  Guoliang Xing,et al.  COBRA: color barcode streaming for smartphone systems , 2012, MobiSys '12.

[22]  Zhen Wang,et al.  uWave: Accelerometer-based Personalized Gesture Recognition and Its Applications , 2009, PerCom.