A Signal Injection Attack Against Zero Involvement Pairing and Authentication for the Internet of Things

Isaac Ahlgren; Jack West; Kyuin Lee; George K. Thiruvathukal; Neil Klingensmith

A Signal Injection Attack Against Zero Involvement Pairing and Authentication for the Internet of Things

Isaac Ahlgren, Jack West, Kyuin Lee, George K. Thiruvathukal, Neil Klingensmith

Department of Computer Science

Research output: Contribution to journal › Article › peer-review

Abstract

Zero Involvement Pairing and Authentication (ZIPA) is a promising technique for auto-provisioning large networks of Internet-of-Things (IoT) devices. In this work, we present the first successful signal injection attack on a ZIPA system. Most existing ZIPA systems assume there is a negligible amount of influence from the unsecured outside space on the secured inside space. In reality, environmental signals do leak from adjacent unsecured spaces and influence the environment of the secured space. Our attack takes advantage of this fact to perform a signal injection attack on the popular Schurmann & Sigg algorithm. The keys generated by the adversary with a signal injection attack at 95 dBA is within the standard error of the legitimate device.

Original language	American English
Journal	Computer Science: Faculty Publications and Other Works
State	Published - May 13 2024

Keywords

IoT
security
zero-involvement authentication
attacks

Disciplines

Computer Sciences
OS and Networks

Access to Document

https://arxiv.org/abs/2311.04433

Cite this

@article{4cee0890c89c4bb0b774cb55a446d47f,

title = "A Signal Injection Attack Against Zero Involvement Pairing and Authentication for the Internet of Things",

abstract = " Zero Involvement Pairing and Authentication (ZIPA) is a promising technique for auto-provisioning large networks of Internet-of-Things (IoT) devices. In this work, we present the first successful signal injection attack on a ZIPA system. Most existing ZIPA systems assume there is a negligible amount of influence from the unsecured outside space on the secured inside space. In reality, environmental signals do leak from adjacent unsecured spaces and influence the environment of the secured space. Our attack takes advantage of this fact to perform a signal injection attack on the popular Schurmann \& Sigg algorithm. The keys generated by the adversary with a signal injection attack at 95 dBA is within the standard error of the legitimate device.",

keywords = "IoT, security, zero-involvement authentication, attacks",

author = "Isaac Ahlgren and Jack West and Kyuin Lee and Thiruvathukal, \{George K.\} and Neil Klingensmith",

note = "Ahlgren, I., West, J., Lee, K., Thiruvathukal, G.K., \& Klingensmith, N. (2023). SyncBleed: A Realistic Threat Model and Mitigation Strategy for Zero-Involvement Pairing and Authentication (ZIPA). In Proceedings of 6th Workshop on Design Automation for CPS and IoT (DESTION 2024). arXiv:2311.04433v1.",

year = "2024",

month = may,

day = "13",

language = "American English",

journal = "Computer Science: Faculty Publications and Other Works",

}

TY - JOUR

T1 - A Signal Injection Attack Against Zero Involvement Pairing and Authentication for the Internet of Things

AU - Ahlgren, Isaac

AU - West, Jack

AU - Lee, Kyuin

AU - Thiruvathukal, George K.

AU - Klingensmith, Neil

N1 - Ahlgren, I., West, J., Lee, K., Thiruvathukal, G.K., & Klingensmith, N. (2023). SyncBleed: A Realistic Threat Model and Mitigation Strategy for Zero-Involvement Pairing and Authentication (ZIPA). In Proceedings of 6th Workshop on Design Automation for CPS and IoT (DESTION 2024). arXiv:2311.04433v1.

PY - 2024/5/13

Y1 - 2024/5/13

N2 - Zero Involvement Pairing and Authentication (ZIPA) is a promising technique for auto-provisioning large networks of Internet-of-Things (IoT) devices. In this work, we present the first successful signal injection attack on a ZIPA system. Most existing ZIPA systems assume there is a negligible amount of influence from the unsecured outside space on the secured inside space. In reality, environmental signals do leak from adjacent unsecured spaces and influence the environment of the secured space. Our attack takes advantage of this fact to perform a signal injection attack on the popular Schurmann & Sigg algorithm. The keys generated by the adversary with a signal injection attack at 95 dBA is within the standard error of the legitimate device.

AB - Zero Involvement Pairing and Authentication (ZIPA) is a promising technique for auto-provisioning large networks of Internet-of-Things (IoT) devices. In this work, we present the first successful signal injection attack on a ZIPA system. Most existing ZIPA systems assume there is a negligible amount of influence from the unsecured outside space on the secured inside space. In reality, environmental signals do leak from adjacent unsecured spaces and influence the environment of the secured space. Our attack takes advantage of this fact to perform a signal injection attack on the popular Schurmann & Sigg algorithm. The keys generated by the adversary with a signal injection attack at 95 dBA is within the standard error of the legitimate device.

KW - IoT

KW - security

KW - zero-involvement authentication

KW - attacks

UR - https://ecommons.luc.edu/cs_facpubs/367

UR - https://arxiv.org/abs/2311.04433

M3 - Article

JO - Computer Science: Faculty Publications and Other Works

JF - Computer Science: Faculty Publications and Other Works

ER -

A Signal Injection Attack Against Zero Involvement Pairing and Authentication for the Internet of Things

Abstract

Keywords

Disciplines

Access to Document

Other files and links

Cite this