STASH: Securing transparent authentication schemes using prover-side proximity verification

Conference item

Transparent authentication (TA) schemes are those in which a user's prover device authenticates him to a verifier without requiring explicit user interaction. By doing so, those schemes promise high usability and security simultaneously. Most TA implementations rely on the received signal strength as an indicator of the proximity of a user device (prover). However, such implicit proximity verification is not secure against an adversary who can relay messages over a larger distance. In this paper, we propose a novel approach for thwarting relay attacks on TA schemes: the prover permits access to authentication credentials only if it can confirm that it is near the verifier. We present STASH, a system for relay-resilient transparent authentication in which the prover does proximity verification by comparing its approach trajectory towards the intended verifier, with known authorized reference trajectories. Trajectories are measured using low-cost sensors commonly available on personal devices. By analyzing empirical data, collected using a STASH prototype, we demonstrate the security of STASH against a class of adversaries and its ease-of-use. STASH is efficient and can be easily integrated to complement existing TA schemes.

Authors: Juuti, M; Vaas, C; Sluganovic, I; Liljestrand, H; Asokan, N

• Publication status: Published
• Peer review status: Peer reviewed
• Publisher: Institute for Electrical and Electronics Engineers
• Host title: 14th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON 2017)
• Journal: 14th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON 2017)
• Publication date: 2017-07-03
• Acceptance date: 2017-03-14
• DOI: 10.1109/SAHCN.2017.7964922
• Keywords: cs.CR; Conference Proceeding