Go to WC 2019 homepageToward Hardware-Rooted Smartphone Authentication
Abstract: In recent years, an enormous amount of research has been carried out in an attempt to identify smartphones through modeling the manufacturing imperfections of their built-in transducers, which spawned a rich set of hardware fingerprinting methods. However, the vast majority of the work in this area has focused on device tracking and identification. For adversarial settings like forensics and authentication, it remains unclear whether these methods will provide reliable identification results when the outputs of transducers are tampered by adversaries intentionally. In this article, we look into the authentication scenario and investigate the feasibility of using a hardware fingerprint as the unique identity of a smartphone. We discuss various security issues underlying hardware-rooted smartphone authentication and outline two specific attacks that need to be taken into account while designing such a system. We also describe several desirable properties that a fingerprinting method should have in order to be applicable for the authentication scenario. Several classic fingerprinting methods are studied, and their security and usability are analyzed.
0 Replies
Loading