AudioKey: a usable device pairing system using audio signals on smartwatches

Smartwatches are expected to replace smartphones in some applications with better user experience because of a greater range of features and new innovations such as audio recording, activity recognition, and data transmission. In this paper, we develop a system called AudioKey, aiming to pair two smartwatches by generating a unique secret key between them. Compared with existing works, our system does not need extra infrastructure to synchronise devices and trigger the key generation process, and only uses the existing sensors (gyroscope and microphone) that are deployed on most smartwatches. AudioKey triggers the key generation process on two devices at the same time by detecting the handshake between two normal users. A secret key is extracted from both the frequency domain and the time domain of audio signals and used to authenticate each other or encrypt the sensitive data. Evaluation results collected on nine volunteers in three different scenarios show that our system can achieve a bit generation rate of 13.4 bits/s with the mean key agreement rate of 96.7% for a 128-bit secret key, while a strong attacker can only achieve a mean key agreement of 10.8%.

[1]  René Mayrhofer,et al.  Shake Well Before Use: Authentication Based on Accelerometer Data , 2007, Pervasive.

[2]  Rong Jin,et al.  MagPairing: Pairing Smartphones in Close Proximity Using Magnetometers , 2016, IEEE Transactions on Information Forensics and Security.

[3]  Aggelos Kiayias,et al.  Robust key generation from signal envelopes in wireless networks , 2007, CCS '07.

[4]  Moncef Gabbouj,et al.  ShakeMe: Key Generation from Shared Motion , 2015, 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing.

[5]  Hai Su,et al.  Fast and scalable secret key generation exploiting channel phase randomness in wireless networks , 2011, 2011 Proceedings IEEE INFOCOM.

[6]  Bowen Du,et al.  Shake-n-Shack: Enabling Secure Data Exchange Between Smart Wearables via Handshakes , 2018, 2018 IEEE International Conference on Pervasive Computing and Communications (PerCom).

[7]  Pedro Cano,et al.  A review of algorithms for audio fingerprinting , 2002, 2002 IEEE Workshop on Multimedia Signal Processing..

[8]  Neil W. Bergmann,et al.  Walkie-Talkie: Motion-Assisted Automatic Key Generation for Secure On-Body Device Communication , 2016, 2016 15th ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN).

[9]  Wade Trappe,et al.  ProxiMate: proximity-based secure pairing using ambient wireless signals , 2011, MobiSys '11.

[10]  Marco Gruteser,et al.  Improving robustness of key extraction from wireless channels with differential techniques , 2012, 2012 International Conference on Computing, Networking and Communications (ICNC).

[11]  Neil W. Bergmann,et al.  Gait-Key , 2017, ACM Trans. Sens. Networks.

[12]  Stephan Sigg,et al.  Secure Communication Based on Ambient Audio , 2013, IEEE Transactions on Mobile Computing.

[13]  Michael K. Reiter,et al.  Seeing-is-believing: using camera phones for human-verifiable authentication , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[14]  Tapio Lokki,et al.  The room acoustic rendering equation. , 2007, The Journal of the Acoustical Society of America.

[15]  Qian Zhang,et al.  Secret from Muscle: Enabling Secure Pairing with Electromyography , 2016, SenSys.

[16]  Jie Yang,et al.  Collaborative secret key extraction leveraging Received Signal Strength in mobile wireless networks , 2012, 2012 Proceedings IEEE INFOCOM.

[17]  Yina Ye,et al.  Checksum gestures: continuous gestures as an out-of-band channel for secure pairing , 2015, UbiComp.

[18]  Sneha Kumar Kasera,et al.  Secret Key Extraction from Wireless Signal Strength in Real Environments , 2009, IEEE Transactions on Mobile Computing.