MagPairing: Pairing Smartphones in Close Proximity Using Magnetometers
Abstract: With the prevalence of mobile computing, lots of wireless devices need to establish secure communication on the fly without pre-shared secrets. Device pairing is critical for bootstrapping secure communication between two previously unassociated devices over the wireless channel. Using auxiliary out-ofband channels involving visual, acoustic, tactile, or vibrational sensors has been proposed as a feasible option to facilitate device pairing. However, these methods usually require users to perform additional tasks, such as copying, comparing, and shaking. It is preferable to have a natural and intuitive pairing method with minimal user tasks. In this paper, we introduce a new method, called MagPairing, for pairing smartphones in close proximity by exploiting correlated magnetometer readings. In MagPairing, users only need to naturally tap the smartphones together for a few seconds without performing any additional operations in authentication and key establishment. Our method exploits the fact that smartphones are equipped with tiny magnets. Highly correlated magnetic field patterns are produced when two smartphones are close to each other. We design MagPairing protocol and implement it on Android smartphones. We conduct extensive simulations and real-world experiments to evaluate MagPairing. Experiments verify that the captured sensor data on which MagPairing is based has high entropy and sufficient length, and is nondisclosure to attackers more than few centimeters away. Usability tests on various kinds of smartphones by
totally untrained users show that the whole pairing process needs only 4.5 s on average with more than 90% success rate.