PSP: proximity-based secure pairing of mobile devices using WiFi signals

Abstract

Wireless device-to-device (D2D) communication, which enables direct communication between co-located devices without Internet access, is becoming common. Simultaneously, security issues have become technical barriers to D2D communication due to its “open-air” nature and lack of centralized control. Automatically establishing the secure association between wireless devices that do not share a prior trust remains an open and challenging problem. Recent work has proposed to extract shared keys from the similar ambient radio signals of two co-located wireless devices. Using such methods, information reconciliation based on error-correcting techniques is implemented to make two co-located devices extract the same bitstreams as the shared keys from their similar ambient radio environment. However, due to the bounded capability of the error-correcting code, existing methods can only work effectively in a very short distance range. In this paper, we propose a novel solution, called proximity-based secure pairing (PSP), which allows two wireless devices in physical proximity to automatically authenticate each other and obtain shared keys according to the channel state information of the WiFi signals. In contrast to existing methods, PSP is built on private set intersection computation rather than information reconciliation, which makes it effective over a wider distance range while ensuring security and efficiency. We provide a thorough security analysis and performance evaluation of PSP and demonstrate its advantages in terms of security, efficiency and usability over state-of-the-art methods.