Amigo: Proximity-Based Authentication of Mobile Devices

  • Alex Varshavsky
  • Adin Scannell
  • Anthony LaMarca
  • Eyal de Lara
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4717)


Securing interactions between devices that do not know each other a priori is an important and challenging task. We present Amigo, a technique to authenticate co-located devices using knowledge of their shared radio environment as proof of physical proximity. We present evaluation results that show that our technique is robust against a range of passive and active attacks. The key advantages of our technique are that it does not require any additional hardware to be present on the devices beyond the radios that are already used for communication, it does not require user involvement to verify the validity of the authentication process, and it is not vulnerable to eavesdropping.


Mobile Device False Positive Rate Signal Strength False Negative Rate Receive Signal Strength 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Near field communication (nfc),
  2. 2.
    Balfanz, D., Smetters, D., Stewart, P., Wong, H.: Talking to strangers: Authentication in ad-hoc wireless networks. In: Proc. Network and Distributed Systems Security Symposium (2002)Google Scholar
  3. 3.
    Barton, J.J., Zhai, S., Cousins, S.: Mobile phones will become the primary personal computing devices. In: IEEE Workshop on Mobile Computing Systems and Applications, April 2006, IEEE, Los Alamitos (2006)Google Scholar
  4. 4.
    Castelluccia, C., Mutaf, P.: Shake them up!: a movement-based pairing protocol for cpu-constrained devices. In: Proc. of MobiSys, pp. 51–64 (2005)Google Scholar
  5. 5.
    Cheung, H.: How to: Building a bluesniper rifle - part 1 (March 2005),
  6. 6.
    Diffie, W., Hellman, M.: New directions in cryptography. IEEE Transactions on Information Theory, 644–654 (1976)Google Scholar
  7. 7.
    Freund, Y., Schapire, R.: Experiments with a new boosting algorithm. In: Proc. of International Conference on Machine Learning, pp. 148–156 (1996)Google Scholar
  8. 8.
    Goodrich, M., Sirivianos, M., Solis, J., Tsudik, G., Uzun, E.: Loud and clear: Human-verifiable authentication based on audio. In: Proc. of IEEE Internation Conference on Distributed Computing Systems, IEEE Computer Society Press, Los Alamitos (2006)Google Scholar
  9. 9.
    Holmquist, L.E., Mattern, F., Schiele, B., Alahuhta, P., Beigl, M., Gellersen, H.W.: Smart-its friends: A technique for users to easily establish connections between smart artefacts. In: Abowd, G.D., Brumitt, B., Shafer, S. (eds.) Ubicomp 2001: Ubiquitous Computing. LNCS, vol. 2201, Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    Kindberg, T., Zhang, K.: Secure spontaneous device association. In: Dey, A.K., Schmidt, A., McCarthy, J.F. (eds.) UbiComp 2003. LNCS, vol. 2864, Springer, Heidelberg (2003)Google Scholar
  11. 11.
    Kindberg, T., Zhang, K.: Validating and securing spontaneous associations between wireless devices. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, Springer, Heidelberg (2003)CrossRefGoogle Scholar
  12. 12.
    Mayrhofer, R., Gellersen, H.: Shake well before use: Authentication based on accelerometer data. In: Fifth International Conference on in Pervasive Computing (2007)Google Scholar
  13. 13.
    McCune, J., Perrig, A., Reiter, M.: Seeing-is-believing: Using camera phones for human-verifiable authentication. In: Proc. of IEEE Symposium on Security and Privacy, pp. 110–124. IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
  14. 14.
    Nicholson, A.J., Smith, I.E., Hughes, J., Noble, B.D.: Lokey: Leveraging the sms network in decentralized, end-to-end trust establishment. In: Fishkin, K.P., Schiele, B., Nixon, P., Quigley, A. (eds.) PERVASIVE 2006. LNCS, vol. 3968, Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Rivest, R.L., Shamir, A.: How to expose an eavesdropper. Commun. ACM 27(4), 393–394 (1984)CrossRefGoogle Scholar
  16. 16.
    Saxena, N., Ekberg, J., Kostiainen, K., Asokan, N.: Secure device pairing based on visual channel. In: Proc. of IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Los Alamitos (2006)Google Scholar
  17. 17.
    Shaked, Y., Wool, A.: Cracking the bluetooth pin. In: Proc. of Mobisys (2005)Google Scholar
  18. 18.
    Smetters, D., Balfanz, D., Durfee, G., Smith, T., Lee, K.: Instant matchmaking: Simple, secure virtual extensions to ubiquitous computing environments. In: Dourish, P., Friday, A. (eds.) UbiComp 2006. LNCS, vol. 4206, Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    Stajano, F., Anderson, R.J.: The resurrecting duckling: Security issues for ad-hoc wireless networks. In: Malcolm, J.A., Christianson, B., Crispo, B., Roe, M. (eds.) Security Protocols. LNCS, vol. 1796, Springer, Heidelberg (2000)Google Scholar
  20. 20.
    Stone, W.C.: NIST Construction Automation Program Report No. 3: Electromagnetic Signal Attenuation in Construction Materials (NISTIR 6055), National Technical Information Service, Washington (October 1997)Google Scholar
  21. 21.
    SWAP-CA. Shared Wireless Access Protocol (Cordless Access) Specification (SWAP-CA), Revision 1.0, The HomeRF Technical Committee (17 December 1998)Google Scholar
  22. 22.
    Uzun, E., Karvonen, K., Asokan, N.: Usability study of secure pairing methods. Technical Report 2007-02, Nokia Research Center (January 2007)Google Scholar
  23. 23.
    Varshavsky, A., LaMarca, A., de Lara, E.: Enabling secure and spontaneous communication between mobile devices using common radio environment. In: IEEE Workshop on Mobile Computing Systems and Applications (HotMobile) (February 2007)Google Scholar
  24. 24.
    Webb, G.: Multiboosting: A technique for combining boosting and wagging. Machine Learning, 159–196 (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Alex Varshavsky
    • 1
  • Adin Scannell
    • 1
  • Anthony LaMarca
    • 2
  • Eyal de Lara
    • 1
  1. 1.Department of Computer Science, University of Toronto 
  2. 2.Intel Research Seattle 

Personalised recommendations