Discover how one CSU doctoral student has found a way to secure data from our personal devices with our own breathing patterns.
Discover how one CSU doctoral student has found a way to secure data from our personal devices with our own breathing patterns.
From fitness trackers to smart watches to wireless earbuds, wearable technology has become a part of everyday life. However, many of these technologies use Bluetooth or near-field communication (NFC) links which contain sensitive data to wirelessly connect with a user’s smartphone.
According to Jafar Pourbemay, a CSU doctoral student and research assistant in the university's Network Security and Privacy Lab (NSPL), wearable devices "sense, collect, analyze and store a wide range of information about human activities and behaviors to supports a variety of different applications. In many cases, they need to share this data with a base station or other wearable devices."
And because much of this data needs to be protected through encryption, having a shared secure key is a necessity. Shared secure keys encrypt and decrypt messages, safeguarding data as it travels between devices.
Pourbemay has discovered that this protection may be as simple as taking a breath.
“My colleagues and I exploited the breathing pattern to a shared secure key for pairing wearables. This mechanism can generate a secure 256-bit key every 2.85 seconds. In other words, it can pair wearables in around one breathing cycle.”
Some traditional pairing techniques already have security measures in place, so why develop new ones?
Traditional proximity-based pairing techniques, such as Bluetooth, NFC and radio-frequency identification (RFID) may not have secure enough encryption and often require additional action from the user to link them, Pourbemay explained.
“Bluetooth requires selecting a target device from a list of available devices, possibly further secured by a PIN. PIN-based methods need interaction with some sort of input device or display.”
This interaction is often inconvenient and tedious and requires the user to take additional action, a problem Pourbemay's new technology would circumvent.
“Pairing based on observation of a biometric activity is a natural choice because wearable devices are attached to the same body,” Pourbemay said.
Due to its ability to adapt to different types of sensors, the mechanism is compatible with a wide range of devices from smart watches to smart clothes. It is also the first of its kind.
“Our proposed mechanism is the first use of breathing signals to generate shared keys and to securely pair wearable devices. This approach is also the first attempt to pair devices with different sensing mechanisms.”
Pourbemay hopes that with this new technology, autonomous pairing can revolutionize the pairing of wearable devices.