<formula formulatype="inline"><tex Notation="TeX">${\ssr{PriWhisper}}$</tex> </formula>: Enabling Keyless Secure Acoustic Communication for Smartphones

Abstract

Short-range wireless communication technologies have been used in many security-sensitive smartphone applications and services such as contactless micro payment and device pairing. Typically, the data confidentiality of the existing short-range communication systems relies on so-called “key-exchange then encryption” mechanism, which is inefficient, especially for short communication sessions. In this work, we present ${\ssb{PriWhisper}}$ —a keyless secure acoustic short-range communication system for smartphones. It is designed to provide a software-based solution to secure smartphone communication without the key agreement phase. ${\ssb{PriWhisper}}$ adopts the emerging friendly jamming technique from radio communication for data confidentiality. The system prototype is implemented and evaluated on several Android smartphone platforms for efficiency and usability. We theoretically and experimentally analyze the security of our proposed acoustic communication system against eavesdropping. In particular, we study the (in)separability of the data signal and jamming signal against blind signal segmentation (BSS) attacks such as independent component analysis (ICA). The result shows that ${\ssb{PriWhisper}}$ provides sufficient security guarantees for commercial smartphone applications and yet strong compatibilities with most legacy smartphone platforms. As an application, we also develop ${\ssb{AcousAuth}}$ —a novel smartphone-empowered system for personal authentication.