TY - GEN
T1 - Eolo: IoT Proximity-based Authentication via Pressure Correlated Variations
AU - Ibrahim, Omar Adel
AU - Oligeri, Gabriele
AU - Di Pietro, Roberto
N1 - Generated from Scopus record by KAUST IRTS on 2023-09-20
PY - 2022/1/1
Y1 - 2022/1/1
N2 - Wireless channels are typically protected by crypto-graphic solutions. However, when those solutions cannot be applied (e.g. resource constrained such as Internet of Things (IoT)) or an additional layer of security is deemed necessary, it is possible to resort to auxiliary authenticatable out-of-band (OOB) channels. In this paper, we introduce Eolo, a novel, zero-interaction pairing approach to secure industrial IoT devices. Our solution pairs devices based on correlated ambient air pressure data. Eolo can serve, among others, as a co-location, key-based verification extension mechanism to support key agreement protocols such as Diffie-Hellman (DH). Indeed, the cited protocols are susceptible to man-in-the-middle (MITM) attacks. With our solution, the pairing devices first agree on a shared secret, then verify co-location by exchanging information related to the barometric pressure readings. Our proposed methodology is also experimentally verified by more than 115 hours of real data collected from an extensive measurement campaign in an open outdoor areas. To the best of our knowledge, Eolo represents the first solution leveraging barometric pressure to achieve context-pairing and key verification for devices in close proximity. Further, the applications of the proposed solution extends also well beyond the discussed scenario, being applicable for instance also to underwater context. As such, we believe that the proposed solution, other than being relevant on its own, also opens up further research avenues.
AB - Wireless channels are typically protected by crypto-graphic solutions. However, when those solutions cannot be applied (e.g. resource constrained such as Internet of Things (IoT)) or an additional layer of security is deemed necessary, it is possible to resort to auxiliary authenticatable out-of-band (OOB) channels. In this paper, we introduce Eolo, a novel, zero-interaction pairing approach to secure industrial IoT devices. Our solution pairs devices based on correlated ambient air pressure data. Eolo can serve, among others, as a co-location, key-based verification extension mechanism to support key agreement protocols such as Diffie-Hellman (DH). Indeed, the cited protocols are susceptible to man-in-the-middle (MITM) attacks. With our solution, the pairing devices first agree on a shared secret, then verify co-location by exchanging information related to the barometric pressure readings. Our proposed methodology is also experimentally verified by more than 115 hours of real data collected from an extensive measurement campaign in an open outdoor areas. To the best of our knowledge, Eolo represents the first solution leveraging barometric pressure to achieve context-pairing and key verification for devices in close proximity. Further, the applications of the proposed solution extends also well beyond the discussed scenario, being applicable for instance also to underwater context. As such, we believe that the proposed solution, other than being relevant on its own, also opens up further research avenues.
UR - https://ieeexplore.ieee.org/document/9947258/
UR - http://www.scopus.com/inward/record.url?scp=85143389562&partnerID=8YFLogxK
U2 - 10.1109/CNS56114.2022.9947258
DO - 10.1109/CNS56114.2022.9947258
M3 - Conference contribution
SN - 9781665462556
SP - 109
EP - 117
BT - 2022 IEEE Conference on Communications and Network Security, CNS 2022
PB - Institute of Electrical and Electronics Engineers Inc.
ER -