Easy Peasy: A New Handy Method for Pairing Multiple COTS IoT Devices

Heng Ye, Qiang Zeng, Jiqiang Liu, Xiaojiang Du, Wei Wang

Research output: Contribution to journalArticlepeer-review

Abstract

Context-based paring is a promising direction for pairing IoT devices constrained in user interfaces (UIs). However, it takes a proximate distance or a long time for IoT devices to sense highly correlated context with enough entropy. In this work, we present a fast and secure approach, named MPairing, to pairing multiple commercial off-the-shelf (COTS) IoT devices. This approach is based on the key idea that devices co-located within a physically-secure boundary can perceive qualified context under the help of human-in-the-loop (HITL). Specifically, we leverage received-signal-strength (RSS) trajectory data with manually-generated interference in a short period as the shared secret to achieve fast and secure pairing. Subsequently, the real-time RSS trajectory data is utilized to generate random numbers in lieu of pre-shared key (PSK), which makes our scheme more resistant to background attacks. We theoretically prove the security of our pairing scheme and implement it in real-world environments. Our experimental results demonstrate that our scheme can effectively defend against malicious devices by imposing a threshold on the similarity of RSS trajectory data. The experimental results also show that, compared with the traditional context-based pairing that takes up to 24 hours, in our scheme it takes only 10 seconds on average for a legitimate device to pass the similarity checking, which is efficient and robust.

Original languageEnglish
Pages (from-to)3483-3494
Number of pages12
JournalIEEE Transactions on Dependable and Secure Computing
Volume20
Issue number4
DOIs
StatePublished - 1 Jul 2023

Keywords

  • IoT pairing
  • human-in-the-loop
  • multiple devices

Fingerprint

Dive into the research topics of 'Easy Peasy: A New Handy Method for Pairing Multiple COTS IoT Devices'. Together they form a unique fingerprint.

Cite this