TU Darmstadt / ULB / TUbiblio

DEMO: Secure Bootstrapping of Smart Speakers Using Acoustic Communication

Scheck, Markus ; Putz, Florentin ; Hessel, Frank ; Leinweber, Hermann ; Crystall, Jonatan ; Hollick, Matthias (2023)
DEMO: Secure Bootstrapping of Smart Speakers Using Acoustic Communication.
WiSec '23: 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks. Guildford, Surrey, United Kingdom (29.05. - 01.06.2023)
doi: 10.26083/tuprints-00024180
Conference or Workshop Item, Primary publication, Publisher's Version

Abstract

Smart speakers are highly privacy-sensitive devices: They are located in our homes and provide an Internet-enabled microphone, making them a prime target for attackers. The pairing between a client device and the speaker must be protected to prohibit adversaries from accessing the device. Most commercial protocols are vulnerable to nearby adversaries as they do not probe for human presence at the speaker or proximity between both devices. In addition to security, the protocol must provide a user-friendly way for initial bootstrapping of the speaker. We design an open pairing protocol for the establishment of a shared secret between both devices using acoustic messaging to guarantee proximity, and release our implementation for the smart speaker as well as Android and Linux clients as open-source software on GitHub.

Item Type: Conference or Workshop Item
Erschienen: 2023
Creators: Scheck, Markus ; Putz, Florentin ; Hessel, Frank ; Leinweber, Hermann ; Crystall, Jonatan ; Hollick, Matthias
Type of entry: Primary publication
Title: DEMO: Secure Bootstrapping of Smart Speakers Using Acoustic Communication
Language: English
Date: 2023
Place of Publication: Darmstadt
Event Title: WiSec '23: 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Event Location: Guildford, Surrey, United Kingdom
Event Dates: 29.05. - 01.06.2023
DOI: 10.26083/tuprints-00024180
URL / URN: https://tuprints.ulb.tu-darmstadt.de/24180
Corresponding Links:
Abstract:

Smart speakers are highly privacy-sensitive devices: They are located in our homes and provide an Internet-enabled microphone, making them a prime target for attackers. The pairing between a client device and the speaker must be protected to prohibit adversaries from accessing the device. Most commercial protocols are vulnerable to nearby adversaries as they do not probe for human presence at the speaker or proximity between both devices. In addition to security, the protocol must provide a user-friendly way for initial bootstrapping of the speaker. We design an open pairing protocol for the establishment of a shared secret between both devices using acoustic messaging to guarantee proximity, and release our implementation for the smart speaker as well as Android and Linux clients as open-source software on GitHub.

Uncontrolled Keywords: Internet of Things, Secure Device Pairing, Device Association, Key Establishment, Key Exchange, Setup, Data over Sound, Authentication, emergenCITY_KOM
Status: Publisher's Version
URN: urn:nbn:de:tuda-tuprints-241809
Classification DDC: 000 Generalities, computers, information > 004 Computer science
Divisions: 20 Department of Computer Science
20 Department of Computer Science > Sichere Mobile Netze
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > emergenCITY
Date Deposited: 29 Jun 2023 11:48
Last Modified: 30 Jun 2023 07:33
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details