Easy Peasy: A New Handy Method for Pairing Multiple COTS IoT Devices

Abstract

Context-based IoT device paring is a popular solution for devices that lack an interface. However, it takes a proximate distance or a long time for IoT devices to sense highly correlated context with enough entropy. In this work, we present a novel approach for fast and secure multiple commercial off-theshelf (COTS) devices pairing in IoT scenarios. Our approach is based on the key idea that devices co-located within a physicallysecure boundary can perceive qualified context under the help of human-in-the-loop (HITL). Specifically, we leverage receivedsignal- strength (RSS) trajectory data with manually-generated interferences in a certain period as the shared secret to achieve fast and secure device pairing. Moreover, the real-time RSS trajectory data can be utilized to generate random numbers in lieu of pre-shared key (PSK), which makes our scheme more resistant to background attacks. We theoretically prove the security of our pairing scheme and implement it in some real-world environments. Our experimental results demonstrate that our scheme can effectively defend against malicious devices by imposing a threshold on the similarity of RSS trajectory data. The experimental results also show that, compared with the traditional context-based pairing that takes up to 24 hours, the legitimate device in our scheme takes only 10 seconds to pass the similarity check on average, which is efficient and feasible