The Martini Synch: Joint Fuzzy Hashing Via Error Correction

  • Darko Kirovski
  • Michael Sinclair
  • David Wilson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4572)

Abstract

Device pairing is a significant problem for a large class of increasingly popular resource-constrained wireless protocols such as Bluetooth. The objective of pairing is to establish a secure wireless communication channel between two specific devices without a public-key infrastructure, a secure near-field communication channel, or electrical contact. We use a surprising user-device interaction as a solution to this problem. By adding an accelerometer, a device can sense its motion in a Cartesian space relative to the inertial space. The idea is to have two devices in a fixed, relative position to each other. Then, the joint object is moved randomly in 3D for several seconds. The unique motion generates approximately the same distinct signal at the accelerometers. The difference between the signals in the two inertially conjoined sensors should be relatively small under normal motion induced manually. The objective is to derive a deterministic key at both sides with maximized entropy that will be used as a private key for symmetric encryption. Currently, our prototype produces between 10–15 bits of entropy per second of usual manual motion using off-the-shelf components.

Keywords

device pairing, key exchange, secret generation, fuzzy hashing, error correction

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Darko Kirovski (Microsoft Research)
  • Michael Sinclair (Microsoft Research)
  • David Wilson (Microsoft Research)
