This application relates generally to establishing secure links between wireless devices and, more particularly, to establishing secure links between devices in proximity using ambient wireless signals.
The number of devices with wireless interfaces is growing at an increasingly rapid pace. This growth drives the need for devices to interact as they move about and come in proximity of one another. For example, two people meeting for the first time may wish to exchange data between their wireless devices, or a passenger at a train station may wish to pay for a ticket by having their mobile phone interact with an electronic ticket booth. Securing such interactions from malicious adversaries is an important and challenging problem.
Due to the broadcast nature of the wireless medium, it is difficult to ascertain if a wireless device is really interacting with another wireless device with which the wireless device intends to interact, especially if the wireless device has never encountered the other wireless device before. As a result, setting up a secure link between wireless devices in proximity is presently a cumbersome procedure that often requires significant human intervention in the form of entering a shared key on both devices. Moreover, with the global trend toward miniaturization and increased variety of device form factors, the devices may not have a common set of hardware components required for setting a human-supported secure association. For instance, the devices may or may not have one or more screens, physical buttons, light-emitting diodes (“LEDs”), sensors (e.g., accelerometers), radio frequency identification (“RFID”) chips, and/or near-field communication (“NFC”) chips. The only hardware component that is guaranteed to be present on all interoperable wireless devices is a wireless radio.
Certain technologies demonstrate how the physical shaking of devices equipped with accelerometers can be used to authenticate devices. Unfortunately, this method requires the presence of accelerometers on devices and might be susceptible to attacks where an adversary replicates the shaking movement. Also, this method may not be appropriate in certain scenarios, such as authentication between a public display and a laptop computer. Finally, people have mistakenly used the short-range nature of some wireless technologies, such as BLUETOOTH and NFC, as a way to maintain security. Unfortunately, one cannot rely solely on the short-range nature of these short-range wireless technologies because they are susceptible to attacks by eavesdroppers with powerful, directional antennas. Thus, what is needed is a way to securely exchange information between wireless devices in close proximity without requiring special hardware such as accelerometers, NFC, or BLUETOOTH components.
The use of a common radio environment as a proof of physical proximity was first presented in a technology called Amigo. Amigo relies on the Diffie-Hellman protocol for a secret key exchange between two devices and then utilizes the received signal strength indicator (“RSSI”) from WI-FI packets for a proof of physical proximity. The Diffie-Hellman protocol involves discrete modular exponentiation which is O(n3) in the size n of the desired key. Moreover, the reliance by Amigo on the Diffie-Hellman protocol implicitly assumes that an adversary is computational bounded. Since Amigo relies on a coarse-grained RSSI metric that measures the average received power in a packet preamble, it is relatively simple for an adversary to manipulate in a controlled manner.
It is with respect to these and other considerations that the disclosure made herein is presented.