2019 19th IEEE International Conference on Communication Technology
Listen!: Audio-based Smart IoT Device Pairing Protocol
Shijia Mei, Zhihong Liu, Yong Zeng, Lin Yang, Jian Feng Ma
School of Cyber Engineering
Xidian University
Xi’an, China
e-mail: sjmei@stu.xidian.edu.cn
Abstract—Context-based zero-interaction has become the
trend for smart IoT device pairing. In this paper, we propose a
secure and usable mechanism to authenticate devices co-
located in smart home scenario, and build a secure
communication channel between legitimate devices by utilizing
on-board microphones to capture a common audio context.
After receiving randomly generated sound signals, smart IoT
device uses the time intervals between salient sound signals to
derive audio fingerprint which can be matched among co-
present devices and then be used to bootstrap trust of the
devices. The protocol is based on the idea that devices co-
located within a physical security boundary (e.g., single family
house) can hear similar sounds, and the devices outside would
miss parts of sound signals due to the attenuation when sounds
pass through the wall. To accelerate the generation rate of
audio fingerprint, an extra sound source is introduced. We
implement our protocol on Android devices, and the
experiment results show that the protocol can distinguish the
malicious devices outside from the legitimate devices located
inside a security boundary and can quickly establish a strong
secret-key between legitimate devices.
Keywords-IoT security; context-based pairing; zero-
interaction; smart home
I. INTRODUCTION
With the remarkable growth of the Internet of Things
(IoT) industry, security problems in IoT are becoming
increasingly prominent. Most smart IoT devices utilize Wi-Fi,
Bluetooth, ZigBee and other wireless communication
technologies to share data and coordinate tasks [1]. The data
transmitted between smart IoT devices may involve user’s
health information, property privacy and location privacy.
However, the open nature of wireless channels makes device
communication vulnerable to various security attacks such as
Man-in-the-Middle (MITM) attacks, eavesdropping and
message tampering [2] [3]. It’s critical to establish secure
communication channels between smart IoT devices for
security concerns.
Some early secure device pairing schemes need human
intervention, such as entering a password [4]. However, most
emerging smart IoT devices do not provide user interfaces
like keyboards and displays, such as implantable human
chips in smart medical care [5], pacemakers [6], etc. Besides,
a large number of tiny smart IoT devices make manual
settings infeasible. What’s more, another kind of solutions
based on key predistribution are also unsuitable for a myriad
978-1-7281-0535-2/19/$31.00 ©2019 IEEE 391
of smart IoT devices. Updating and revocation of keys are
difficult and the interconnection between devices from
different vendors is inconvenient.
Currently many context-based zero-interaction secure
device pairing schemes have been proposed [7], [8], [9].
These solutions usually rely on the sensors on the smart IoT
devices to perceive surrounding physical environment. Based
on the principle that the coexisting devices could sense the
similar context, the devices to be paired utilize sensors to
collect information in the physical environment, and
transform the information into a common key.
Among many entropy sources, acceleration and sound
signals are of great concern because their entropy is
relatively large [7] [10]. Acceleration is usually used as the
entropy source for pairing of wearable devices or cars [8].
However, the acceleration entropy source is only suitable for
devices which can move.
The sounds allow any device to participate in the pairing
process as long as it is equipped with microphone sensors.
Schurmann et al. [11] proposed a pairing scheme which uses
ambient noise as the entropy source. The use of ambient
noise is based on the fact that the sound signals produced by
random events in the real world is also random, and an
algorithm in the music recognition system is leveraged to
extract ambient noise fingerprint. Before processing the
sound signals, the algorithm transforms the sound signals
from time domain to the frequency domain, which requires
high computational cost. In practice, the sound signals can be
processed in the time domain using the time interval between
random events as the source of entropy. However, the rate of
key generation using time intervals between random events
in real-world is relatively low [2].
Aiming at this problem, we design a new audio-based
secure device pairing solution, called Listen!, that is
applicable to the pairing scenarios, e.g., smart home scenario,
where smart IoT devices co-located within a security
boundary. As demonstrated in Fig. 1, devices inside a
security boundary could perceive the same audio context
over their coexistence time. However, an adversary outside
the security boundary can’t accurately observe or predict the
sound signals within the boundary.
The drawback of the pairing based solely on ambient
sound is the long pairing time if the ambient sound is sparse.
To shorten the pairing time, an extra sound source is
introduced into Listen!. The sound source can be a home
laptop or a mobile phone with speakers to generate
randomintermittent sound signals. The time intervals
between significant sound signals are quantified and
concatenated into an initial encryption key. Using the time
intervals to quantify entropy has the following advantages: 1)
it does not require too strict time alignment between two
devices; 2) can reduce the effect of sound signal attenuation
on pairing; 3) and can generate chaotic noise with good
randomicity.
In order to evaluate the proposed solution, we use
Android phones as smart IoT devices, and implement ours
protocol prototype on them. Experiment results show that the
protocol can achieve a good result when devices are within
the security boundary and can also effectively defeat the
outdoor attacks.
Extra
Sound Source
Legitimate
Legitimate
Device2
Device1
Figure 1. Application scenario. The outer walls act as security boundaries
between legitimate devices inside and adversary outside.
II. BACKGROUND AND RELATED WORK
Some existing solutions rely on human interactions to
achieve security [12] [13]. One of the works is Checksum
Gestures [12], which codes the authentication information as
a single continuous gesture, then the user is required to
perform the generated gesture to authenticate a secure
channel. Another pairing method [13] is as follows: first, the
user draws Z glyph pattern on two devices simultaneously by
two fingers of the same hand; second, each device
individually exports a set of common features derived from
the pattern; finally, the private set intersection [14] method is
applied to the feature vectors to generate the shared key.
Such solutions suffer from two limitations: the first is that
the large number of devices increase the complexity and
burden to users; second, most emerging smart IoT devices do
not offer user interfaces for human-computer interaction.
Context-based pairing protocols are also widely studied
by researchers [7] [8] [9] [11]. Co-present devices utilize on-
board sensors to capture roughly similar context to pair
without requiring human involvement. Xu et al. [7] proposed
Gait Key leveraging accelerometer to collect acceleration
data then derive the secret key. Gait Key is based on the
392
observation that devices on the same person can obtain
similar acceleration data and it’s hard to imitate others’ gait
pattern precisely. Han et al. [8] proposed a pairing scheme
for vehicle platoon. Context fingerprints used for
authentication can be generated from vehicle acceleration.
The acceleration in the direction of gravity of vehicles
driving on the same lane are similar under the influence of
pavement cracks, bumps and traffic conditions. Solutions
based on acceleration are not suitable for devices which are
inconvenient to move, such as devices in smart home
scenario. Some approaches use illumination or ambient noise
as the source of entropy [9], and these approaches usually
have low key generation rate. Solutions [11] based on audio
always convert sound signals to frequency domain, and the
complexity of Fourier transform leads to high energy cost
and make it unfeasible for tiny smart IoT devices.
III. SYSTEM MODEL
A. Threat Model
In our threat model, an adversary’s device Eve is placed
outside the security boundary but within the wireless
communication range of legitimate devices. Security
boundary refers to the physical boundary of a house inside
which the legitimate devices are owned and operated by a
common entity (e.g., home owner). Eve’s goal is to pairing
with legitimate device successfully then steal the private or
sensitive information for its personal gain. It can participate
in the pairing procedure and launch following attacks to
achieve its goal.
Eavesdropping: Eve outside the security boundary
attempts to hear the random intermittent sound signals
generated by the extra sound source inside. It is equipped
with the standard off-the-shelf IoT sensors that are
comparable to legitimate devices inside the boundary.
Signal injection: Eve may launch signal injection attack
by creating events with sound signals outside the security
boundary to let the legitimate device perceive the sounds.
Furthermore, adversary Eve may mount Man-in-the-
Middle attack on key agreement procedure between a pair of
legitimate devices by simply intercepting messages
exchanged over unsecure wireless channels.
B. Assumptions and Constraints
We assume that all smart IoT devices within the same
security boundary are trusted, i.e., the devices within the
security boundary are legitimate. Non-authorized person has
no access to the security boundary. We also assume that the
family members and authorized guests are not malicious.
IV. DESIGN OVERVIEW
A. Extra Sound Source
It may take a long time for devices to collect sufficient
valid signals to extract audio fingerprint if we only rely on
random ambient events. To accelerate the generation of
audio fingerprint, we introduce an extra sound source which
can continuously produce fixed frequency intermittent sound
signals at random time intervals.
 The program that produces the extra sound signals can be
run on a smart IoT device equipped with speakers, such as
personal computer, smart phone or smart intelligent speaker.
User can place the extra sound source in the vicinity of
legitimate devices to be paired. Since the extra sound source
is controllable, it’s feasible to generate the intermittent sound
signals with random time intervals in a short time to shorten
the pairing procedure.
The signals broadcasted by the extra sound source can be
divided into two categories: audible sound and ultrasound.
The frequency of audible sound is within the range of 20Hz-
20KHz. Ultrasound refers to acoustic waves that lie within a
frequency range above audible sound(20KHz-20MHz).
At present, general devices with microphones can only
broadcast audible sound. To produce ultrasound, more
specialized equipment is required. Given that extra sound
source can only emit the audible sound signals, to simplify
the generation of specific sound, we choose a sine wave
which lasts for tS milliseconds with frequency f within 20Hz-
20KHz and amplitude fixed at Am dB. The last parameter is
random time interval tR, which can be calculated as follows:
information with other devices, she initiates the pairing
process by broadcasting a request message ActivePair. After
receiving the pairing request, Bob replies with a PairIsOk
message. If Alice also wish to pair with Bob, she responds
with a PairStart message, then they start to sample the
ambient sound signals. After sampling, both devices step into
Key Generation phase. First, they generate the audio
fingerprint independently, then leverage reconciliation to
correct the fingerprint mismatch and obtain the same audio
fingerprint. Finally, two devices step into Key Confirmation
phase to derive the secret key from audio fingerprint and to
verify the derived secret key is actually matched, Bob uses
the secret key to challenge Alice. If Alice can solve the
challenge correctly, they consider the pairing successful.

 tR = Random(1,16) × tU   Figure 2. Extraction of audio fingerprint.

*GZG 1K_ 1K_ *GZG

Random(1,16) is a random number generator that can /TOZOGRO`GZOUT
)URRKIZOUT -KTKXGZOUT )UTLOXSGZOUT 9NGXOTM
randomly generate an integer in [1,16], and tU is the unit time
of the interval. For example, Random(1,16) generates a
number 3 at random, and tU equals 10 milliseconds, then tR is 'ROIK

calculated to be 30 milliseconds, which means the next ① ②

③ +TIX_VZKJ
intermittent sound signal will be emit after 30 milliseconds. *GZG
(UH
B. Fingerprint Extraction
The main idea behind our protocol is that devices in the ① 'IZO\K6GOX
② 6GOX/Y5Q Salient Sound
Reconciliation
vicinity will hear the same ambient sound produced by ③6GOX9ZGXZ Signal Detection

random events occurred inside the security boundary. To

accelerate the generation of audio fingerprint, extra sound Figure 3. Workflow of devices pairing scheme.
source is introduced. The whole acoustic context for smart
IoT devices will consist of the ambient sounds produced by V. IMPLEMENTATION
random events and the sound signals emitted by the extra
sound source. We now present our implementation of Listen!. At first
Fig. 2 illustrates how the salient sound signals and time each device samples sound signals at frequency FS for a
intervals are used to create audio fingerprint. As depicted in period of time TS.
the figure, salient sound signals are much more obvious than A. Salient Sound Detection
background noise and we can utilize a short time energy
method to detect those sound signals. More precisely, each
device firstly collects the time-series sound signal data, then
detects the salient sound signals and marks the starting points
of the salient sound signals. Next, each device calculates
inter-salient-sound times ti. Finally, the audio fingerprint,
FAudio, is computed by concatenating bit-representations of
intervals as FAudio = {t1 || t2 || …… || tn}. Two devices co-
located will obtain the similar fingerprints which can be used
to negotiate a secret key.
C. Protocol Design
The protocol consists of three stages. As depicted in Fig.
3, in Initialization phase, a three-way handshake is utilized
for devices Alice and Bob to discover each other and Figure 4. Salient sound signal processing. (a) raw data; (b) noise reduction;
bootstrap the pairing procedure. If Alice wants to get or share and (c) thresholding on short time energy.

393
 To diminish the background noise influence and Interval shifting occurs when certain salient sound
improve signal fidelity, a low-pass filter is applied on the signal is detected at one device but is lost at another device.
collected sound data to reduce noise. The result after noise Interval shifting will cause all subsequent time intervals
reduction is shown in Fig. 4(b). mismatch. We use edit distance to quantify the differences
Based on the salient sound signals have higher energy under interval shifting situation. Edit distance between two
than the ambient noise, the short time energy is leveraged to strings is the minimum number of edit operations such as
detect the salient sound signals. First, we divide the sound insertion, deletion or replacement of a single character. Fig.
signals into N frames while each frame contains M samples. 5 shows when interval shifting happens, audio fingerprints
To reduce spectrum leakage, each frame is “multiplied” by are similar in edit distance, but very different in hamming
Hanning window function. Then the short time energy of distance. Fuzzy commitment doesn’t work now, we utilize
each frame is computed as follows: string reconciliation to reconcile two audio fingerprints
M 1
under this situation.
En ¦x
m 0
2
n (m) , where 1 d n d N (2) C. Key Confirmation
After reconciliation, Alice and Bob have got a common
En is short time energy of the n-th frame of collected audio fingerprint. Let the audio fingerprints after
data. xn(m) is the value of m-th sample in n-th frame. reconciliation are F'A and F'B respectively. Both of them use
Next, we normalize the short time energy of each frame a key derivation function KDF(·) to get the secret keys
to the range of [0,1]. Finally, thresholding is performed as KAlice=KDF(F'A) and KBob = KDF(F'B).
shown in Fig. 4(c) to detect the starting points of salient Bob generates a random nonce nB, and computes the
sound signals. We concatenate the binary representation of Message Authentication Code MACKBob (nB ) with key KBob,
time intervals between two adjacent starting points as the
audio fingerprint FAudio = {t1 || t2 || ……|| tn}. then sends the message hash(F'B) || nB || MACKBob (nB ) to
B. Information Reconciliation Alice.
Alice computes the MACK Alice (nB ) , and compares the
Because Alice and Bob get the audio fingerprint
independently, there may be some time interval mismatches MACK Alice (nB ) with MACKBob (nB ) .
between their fingerprints FA and FB due to ambient noise.
If MACK Alice (nB ) = MACKBob (nB ) , Alice generates a
There are two types of mismatches, quantitative difference
and interval shifting. random nonce nA, and sends to Bob the message nA ||
Quantitative difference occurs when Alice and Bob MACK Alice (nB ||nA ) .
quantify the time duration between two adjacent salient
Bob then computes MACKBob (nB ||nA ) and compares it
sound signals, they may get two different time durations.
We can use hamming distance hamming(·,·) to represent with MACK Alice (nB ||nA ) , if they are equal, then pairing is
quantitative differences. If hamming(FA, FB) is less than a successful. The secret key can be used by symmetric key
predefined threshold H, fuzzy commitment [15] can be used algorithms such as AES to ensure secure communication
to reconcile audio fingerprints. However, if the number of between Alice and Bob.
mismatches exceeds the correction capability of the
algorithm, interval shifting situation may be taken into VI. EVALUATION AND DISCUSSION
considerations. To analyze the feasibility of our approach, we performed
)$XGLRRI$OLFH D__D__D__D__DĂĂ several experiments in different contexts investigating in
D D D D D real contextual settings. We implemented Listen! as an
'ROIK Android OS application. The system is implemented in Java,
and the Android version is 8.0.0. Message Authentication
D DLLVWLPHLQWHUYDOFRPSXWHGE\$OLFH
Code algorithm is implemented by HMAC-MD5.
)$XGLRRI%RE E__E__E__EĂĂ
A. Experiment Set-up
E E DD E E
We install the prototype on XiaoMi smartphones with
(UH
MEMS microphones whose frequency response ranges from
100 Hz to 20 kHz. The sampling rate of devices used in
E ELLVWLPHLQWHUYDOFRPSXWHGE\%RE
experiments is 8000 Hz. We conducted experiments in an
D = E D E office whose outer walls are acted as the security boundary
D z E D E
for the legitimate devices inside. The collection software on
D z E D E
D z E D E
the legitimate devices Alice and Bob continuously measures
D z E

D E

the sound signal levels in the device’s context and attempts








to establish a secret key between Alice and Bob. In these
F $XGLRILQJHUSULQWVDUHVLPLODULQHGLWGLVWDQFH experiments an extra sound source is placed inside the
ZKLOHYHU\GLIIHUHQWLQKDPPLQJGLVWDQFH boundary. We also assumed that there is an adversary Eve
Figure 5. Interval shifting example located outside the security boundary, and he can launch

394
eavesdropping and sound signal injection attacks, as
depicted in Fig. 6. What’s more, the Man-in-the-Middle
(MITM) attack against our protocol rarely occurs, as Alice
and Bob only exchange a tiny part information of audio
fingerprint during the reconciliation stage. Therefore, the
audio fingerprint will not be compromised by MITM.
Set-up 1. Experiment with ambient noise. Alice and
Bob just collect the ambient sound signals produced by
random events in the surroundings.
Set-up 2. Experiment with extra sound source. In this
setting, as shown in Fig. 6, an extra sound source is placed
inside the security boundary, broadcasting sound signals at
random time intervals. The time unit of interval for extra
sound source is tU, which can be set as a value in the range
[10,100] milliseconds.
Wall
Device 1 Device 2
Adversary
Extra Sound
Source
Figure 6. Experiment setting with extra sound source
B. Effect of Introducing Extra Sound Source
To evaluate the contribution of extra sound source, we
conducted several experiments to calculate how long it will
take to get a 128-bit audio fingerprint in the settings with or
without the extra sound source.
First, we investigated whether smart IoT devices only
collecting the ambient sound can successfully establish
similar enough fingerprints to be used for key establishment
and how long it will take. We conduct 30 experiments under
the setting without extra sound source. Operators are asked
to perform the following tasks: knock on a door, walk in the
office, talk with others, make two objects to collide to make
a relatively loud noise. The experimental results show that
the average pairing time is 5.37 minutes.
For the setting with an extra sound source, we set the
unit time of interval tU to be 50 milliseconds, and the time
interval of each sound signal tS is 10 milliseconds. If the
distance between Alice and Bob is relatively close and the
environment is quiet, two legitimate devices can pair
successfully in 1 minute, and the fingerprints have good
randomness which can satisfy the randomness demand of a
secret key.
C. Detection Abilities for Salient Sound Signals
We now evaluate the performance of legitimate devices
and adversary in distinguishing salient sound signals from
the ambient noise. Recall from the Section V-A that a
395
parameter of interest is the threshold Thr to detect salient
sound signals which have comparatively large energy. In
this experiment, we tested the method in different set-ups
with different threshold Thr.
The experiments are conducted in an office where the
two legitimate devices and an extra sound source are placed
on a table located in the middle of the office. The adversary
Eve is deployed outside the office. We let someone increase
ambient noise by performing the following actions:
knocking on the door, walking across the room, clapping
hands, talking and colliding two objects.
Fig. 7 depicts the sound signals detected by the
legitimate devices and the adversary. We can find that the
co-located devices Alice and Bob clearly show the similarity
in their respective fingerprints, but the similarity with Eve is
relatively low.
The experimental results show that the Thr = 0.3, Thr =
0.4 and Thr = 0.5 would detect the salient sound signals
more accurately. We can improve our protocol in
information reconciliation stage. Pairing devices can try
three times to reconcile the audio fingerprint using different
threshold 0.3, 0.4, 0.5 respectively. Finally, the pairing
success rate between legitimate devices is 85 percent which
is extremely high than pairing success rate with adversary
which is only 10 percent.
Figure 7. Alice and Bob are legitimate devices placed in the office and
Adversary is placed outside.
D. Effect of Distances to Pairing Success Rate
We also studied the effect of distances to pairing success
rate. We placed the extra sound source in the middle of the
office and conducted two sets of experiments. First, we
placed the legitimate devices Alice and Bob at the same
distance from extra sound source, and the distance varied
from 1 to 5 meters. From Fig. 8(a) we can conclude that the
farther the device is from the sound source, the lower the
pairing success rate is.
Second, we fixed Alice 1 meter away from the extra
sound source, and the distance between Bob and the extra
sound source varied from 1 to 5 meters. Comparing the Fig.
8(a) with Fig. 8 (b), the pairing success rate is higher when
the distances between the legitimate devices and the sound
source are same.
 Figure 8. Effect of distances to pairing success rate.
E. Effect of Background Noise
In the experiments above, we kept the background
ambient noise at a low level. We also tested the scenario in
different set-ups with different ambient sound intensity. The
density of the ambient noise changes from 50 dB, 60 dB, to
70 dB. We fixed the distance between legitimate devices
and the extra sound source to 1 meter. A total of 20
experiments are conducted, and the results show that the
pairing success rate is 0.7, 0.65, 0.5 respectively. This
implies that as the background noise increases, the signal to
noise ratio for the salient sound signals degrades, incurring
higher salient sound signals detection false probability.
F. Discussions
Simultaneous events. In real world, a single random
event happens per time period may not always be true, and
usually multiple events may occur simultaneously. Because
our protocol depends on the sound produced by random
events, there is no need to worry about the order of events or
whether they overlap.
Public and shared space. Our protocol is potentially
unfeasible to be applied in public and shared space. Because
the protocol is based on the assumption that physical
boundaries can protect the legitimate devices from
adversaries. However, if the enemy is far away, it is difficult
for him to distinguish between the ambient noise and the
sound from the extra sound source.
VII. CONCLUSION
We propose Listen! for zero-interaction, secure pairing of
smart IoT devices using ambient audio information
collected by microphones. Our protocol leverages the
interval time of salient sound signals produced by random
events to autonomously bootstrap a shared secret key which
is used by smart IoT devices to encrypt the communication.
We implement the prototype of our system on Android
mobile phones, and conduct experiments to proof the
feasibility of Listen!. Compared with similar methods, this
method has shorter pairing time and stronger security. The
randomness of the secret key is controllable, not relying
solely on the sparse environmental events.
396
REFERENCES
[1] M. Fomichev, F. lvarez, D. Steinmetzer, P. Gardner-Stephen, and M.
Hollick, “Survey and systematization of secure device pairing,” IEEE
Communications Surveys Tutorials, vol. 20, no. 1, pp. 517–550, First
quarter 2018.
[2] J. Han, A. J. Chung, M. K. Sinha, M. Harishankar, S. Pan, H. Y. Noh,
P. Zhang, and P. Tague, “Do you feel what i hear? enabling
autonomous iot device pairing using different sensor types,” in 2018
IEEE Symposium on Security and Privacy (SP), May 2018, pp. 836–
852.
[3] J. M. McCune, A. Perrig, and M. K. Reiter, “Seeing-is-believing:
using camera phones for human-verifiable authentication,” in 2005
IEEE Symposium on Security and Privacy (S P’05), May 2005, pp.
110–124.
[4] W.-F. Alliance, “Wi-fi protected setup specification, version 1.0h,”
December 2006.
[5] W. Burleson, “Keynote talk i: Security and privacy in implantable
medical devices: An ongoing concern,” in Twelfth Acm/ieee
International Conference on Formal Methods & Models for Codesign,
2014.
[6] M. Rostami, A. Juels, and F. Koushanfar, “Heart-to-heart (h2h):
Authentication for implanted medical devices,” 11 2013, pp. 1099–
1112.
[7] W. Xu, C. Javali, G. Revadigar, C. Luo, N. Bergmann, and H. Wen,
“Gait-key: A gait-based shared secret key generation protocol for
wearable devices,” Acm Transactions on Sensor Networks, vol. 13,
no. 1, p. 6, February 2017.
[8] J. Han, M. Harishankar, X. Wang, A. Jin Chung, and P. Tague,
“Convoy: Physical context verification for vehicle platoon
admission,” February 2017, pp. 73–78.
[9] M. Miettinen, N. Asokan, T. Nguyen, A.-R. Sadeghi, and M. Sobhani,
“Context-based zero interaction pairing and key evolution for
advanced personal devices,” Proceedings of the ACM Conference on
Computer and Communications Security, pp. 880–891, 11 2014.
[10] P. Xie, J. Feng, Z. Cao, and J. Wang, “Genewave: Fast authentication
and key agreement on commodity mobile devices,” IEEE/ACM
Transactions on Networking, vol. 26, no. 4, pp. 1688–1700, Aug 2018.
[11] D. Schurmann and S. Sigg, “Secure communication based on ambient
audio,” IEEE Transactions on Mobile Computing, vol. 12, no. 2, pp.
358–370, 2013.
[12] I. Ahmed, Y. Ye, S. Bhattacharya, N. Asokan, G. Jacucci, P. Nurmi,
and S. Tarkoma, “Checksum gestures: continuous gestures as an out-
of-band channel for secure pairing.” 2015 ACM International Joint
Conference, 2015.
[13] L. Li, X. Zhao, and G. Xue, “A proximity authentication system for
smartphones,” IEEE Transactions on Dependable & Secure
Computing, vol. 13, no. 6, pp. 605–616, 2016.
[14] S. Jarecki and X. Liu, “Fast secure computation of set intersection,”
in International Conference on Security & Cryptography for
Networks, 2010.
397
[15] A. Alsaggaf and H. Acharya, “A fuzzy commitment scheme,”
Computer Science, no. 3, pp. 367–377, 2008.
[16] S. Agarwal, V. Chauhan, and A. Trachtenberg, “Bandwidth efficient
string reconciliation using puzzles,” IEEE Transactions on Parallel
and Distributed Systems, vol. 17, no. 11, pp. 1217–1225, Nov 2006