research-article

ShakeUnlock: Securely Unlock Mobile Devices by Shaking them Together

Authors:

Rainhard Dieter Findling,

Muhammad Muaaz,

René MayrhoferAuthors Info & Claims

MoMM '14: Proceedings of the 12th International Conference on Advances in Mobile Computing and Multimedia

Pages 165 - 174

https://doi.org/10.1145/2684103.2684122

Published: 08 December 2014 Publication History

Abstract

The inherent weakness of typical mobile device unlocking approaches (PIN, password, graphic pattern) is that they demand time and attention, leading a majority of end users to disable them, effectively lowering device security.

We propose a method for unlocking mobile devices by shaking them together, implicitly passing the unlocked state from one device to another. One obvious use case includes a locked mobile phone and a wrist watch, which remains unlocked as long as strapped to the user's wrist. Shaking both devices together generates a one-time unlocking event for the phone without the user interacting with the screen. We explicitly analyze the usability critical impact of shaking duration with respect to the level of security. Results indicate that unlocking is possible with a true match rate of 0.795 and true non match rate of 0.867 for a shaking duration as short as two seconds.

References

[1]

S. Antifakos, B. Schiele, and L. E. Holmquist. Grouping mechanisms for smart objects based on implicit interaction. In Proceedings of UBICOMP 2003 Interactive Posters, pages 207--208, Seattle, Washington, USA, 2003.

[2]

A. J. Aviv, K. Gibson, E. Mossop, M. Blaze, and J. M. Smith. Smudge attacks on smartphone touch screens. In Proceedings of the 4th USENIX conference on offensive technologies, pages 1--7, Berkeley, CA, USA, 2010.

Digital Library

[3]

N. Ben-Asher, N. Kirschnick, H. Sieger, J. Meyer, A. Ben-Oved, and S. Möller. On the need for different security methods on mobile phones. In Proceedings of the 13th International Conference on Human Computer Interaction with Mobile Devices and Services, MobileHCI '11, pages 465--473, New York, NY, USA, 2011. ACM.

Digital Library

[4]

D. Bichler, G. Stromberg, M. Huemer, and M. Löw. Key generation based on acceleration data of shaking processes. In Proceedings of the 9th International Conference on Ubiquitous Computing, UbiComp '07, pages 304--317, Berlin, Heidelberg, 2007. Springer-Verlag.

Digital Library

[5]

C. Castelluccia and P. Mutaf. Shake them up!: A movement-based pairing protocol for cpu-constrained devices. In Proceedings of the 3rd International Conference on Mobile Systems, Applications, and Services, MobiSys '05, pages 51--64, New York, NY, USA, 2005. ACM.

Digital Library

[6]

N. Clarke and S. Furnell. Authentication of users on mobile telephones -- a survey of attitudes and practices. Computers and Security, 24(7):519--527, 2005.

Digital Library

[7]

W. Dargie. Analysis of time and frequency domain features of accelerometer measurements. In Proceedings of 18th Internatonal Conference on Computer Communications and Networks, 2009. ICCCN 2009., pages 1--6, 2009.

Digital Library

[8]

K. Fujinami and S. Pirttikangas. A study on a correlation coefficient to associate an object with its user. In 3rd International Conference on Intelligent Environments, 2007, IE 07, pages 288--295, 2007.

[9]

B. Groza and R. Mayrhofer. Saphe: Simple accelerometer based wireless pairing with heuristic trees. In Proceedings of the 10th International Conference on Advances in Mobile Computing & Multimedia, MoMM '12, pages 161--168, New York, NY, USA, 2012. ACM.

Digital Library

[10]

K. Hinckley. Synchronous gestures for multiple persons and computers. In Proceedings of the 16th Annual ACM Symposium on User Interface Software and Technology, UIST '03, pages 149--158, New York, NY, USA, 2003. ACM.

Digital Library

[11]

D. Hintze, R. D. Findling, S. Scholz, and R. Mayrhofer. Mobile device usage characteristics: The effect of context and form factor on locked and unlocked usage. In Proc. MoMM 2014: 12th International Conference on Advances in Mobile Computing and Multimedia, New York, NY, USA, Dec. 2014. ACM.

Digital Library

[12]

L. E. Holmquist, F. Mattern, B. Schiele, P. Alahuhta, M. Beigl, and H.-W. Gellersen. Smart-its friends: A technique for users to easily establish connections between smart artefacts. In Proceedings of the 3rd International Conference on Ubiquitous Computing, UbiComp '01, pages 116--122, London, UK, UK, 2001. Springer-Verlag.

Digital Library

[13]

T. Huynh and B. Schiele. Analyzing features for activity recognition. In Proceedings of Smart Objects and Ambient Intelligence Soc-EUSAI 2005, pages 159--163. ACM Press, October 2005.

Digital Library

[14]

D. Kirovski, M. Sinclair, and D. Wilson. The Martini Synch. Technical Report MSR-TR-2007-123, Microsoft Research, September 2007.

[15]

A. Kumar, N. Saxena, G. Tsudik, and E. Uzun. Caveat eptor: A comparative study of secure device pairing methods. In IEEE International Conference on Pervasive Computing and Communications, 2009. PerCom 2009., pages 1--10, 2009.

Digital Library

[16]

J. Lester, B. Hannaford, and G. Borriello. "Are You with Me?" - using accelerometers to determine if two devices are carried by the same person. In Proceedings of the 2nd International Conference on Pervasive Computing, pages 33--50, 2004.

[17]

H. Lu, A. J. B. Brush, B. Priyantha, A. K. Karlson, and J. Liu. Speakersense: energy efficient unobtrusive speaker identification on mobile phones. In Proceedings of the 9th international conference on Pervasive computing, Pervasive' 11, pages 188--205, Berlin, Heidelberg, 2011. Springer-Verlag.

Digital Library

[18]

R. Marin-Perianu, M. Marin-Perianu, P. Havinga, and H. Scholten. Movement-based group awareness with wireless sensor networks. In Proceedings of the 5th International Conference on Pervasive Computing, Pervasive'07, pages 298--315. Springer-Verlag, 2007.

Digital Library

[19]

R. Mayrhofer, J. Fuss, and I. Ion. UACAP: A unified auxiliary channel authentication protocol. IEEE Transactions on Mobile Computing, 12(4):710--721, Apr. 2013.

Digital Library

[20]

R. Mayrhofer and H. Gellersen. Shake well before use: Authentication based on accelerometer data. In Proc. Pervasive 2007: 5th International Conference on Pervasive Computing, volume 4480 of LNCS, pages 144--161. Springer-Verlag, May 2007.

Digital Library

[21]

R. Mayrhofer and H. Gellersen. Shake well before use: Intuitive and secure pairing of mobile devices. IEEE Transactions on Mobile Computing, 8(6):792--806, 2009.

Digital Library

[22]

I. Muslukhov, Y. Boshmaf, C. Kuo, J. Lester, and K. Beznosov. Understanding users' requirements for data protection in smartphones. In Data Engineering Workshops (ICDEW), 2012 IEEE 28th International Conference on, pages 228--235, 2012.

Digital Library

[23]

F. Schaub, R. Deyhle, and M. Weber. Password entry usability and shoulder surfing susceptibility on different smartphone platforms. In Proceedings of the 11th International Conference on Mobile and Ubiquitous Multimedia, MUM '12, pages 13:1--13:10, New York, NY, USA, 2012. ACM.

Digital Library

[24]

A. Studer, T. Passaro, and L. Bauer. Don't bump, shake on it: The exploitation of a popular accelerometer-based smart phone exchange and its secure replacement. In Proceedings of the 27th Annual Computer Security Applications Conference, ACSAC '11, pages 333--342, New York, NY, USA, 2011. ACM.

Digital Library

[25]

F. Tari, A. A. Ozok, and S. H. Holden. A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords. In Proceedings of the second symposium on Usable privacy and security, SOUPS '06, pages 56--66, New York, NY, USA, 2006. ACM.

Digital Library

[26]

E. von Zezschwitz, P. Dunphy, and A. De Luca. Patterns in the wild: a field study of the usability of pattern and pin-based authentication on mobile devices. In Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services, MobileHCI '13, pages 261--270, New York, NY, USA, 2013. ACM.

Digital Library

[27]

E. von Zezschwitz, A. Koslow, A. De Luca, and H. Hussmann. Making graphic-based authentication secure against smudge attacks. In Proceedings of the 2013 international conference on Intelligent user interfaces, pages 277--286, New York, NY, USA, 2013. ACM.

Digital Library

Cited By

Mayrhofer RSigg S(2021)Adversary Models for Mobile Device AuthenticationACM Computing Surveys10.1145/347760154:9(1-35)Online publication date: 8-Oct-2021
https://dl.acm.org/doi/10.1145/3477601
Xu WZhang JHuang SLuo CLi W(2021)Key Generation for Internet of ThingsACM Computing Surveys10.1145/342974054:1(1-37)Online publication date: 2-Jan-2021
https://dl.acm.org/doi/10.1145/3429740
Zhao GJiang QHuang XMa XTian YMa J(2021)Secure and Usable Handshake Based Pairing for Wrist-Worn Smart Devices on Different UsersMobile Networks and Applications10.1007/s11036-021-01781-xOnline publication date: 27-May-2021
https://doi.org/10.1007/s11036-021-01781-x
Show More Cited By

Index Terms

ShakeUnlock: Securely Unlock Mobile Devices by Shaking them Together
1. Computing methodologies
  1. Artificial intelligence
    1. Computer vision
      1. Computer vision problems
        Image segmentation
        Video segmentation
    2. Distributed artificial intelligence
2. Security and privacy
  1. Systems security
    1. Operating systems security

Recommendations

ShakeUnlock: Securely Transfer Authentication States Between Mobile Devices

As users start carrying multiple mobile devices, we propose a novel, token based mobile device unlocking approach. Mobile devices are conjointly shaken to transfer the authentication state from an unlocked token device to another device to unlock it. A ...
Secure and usable authentication on mobile devices
MoMM '12: Proceedings of the 10th International Conference on Advances in Mobile Computing & Multimedia

Mobile devices contain a multitude of sensitive data and provide access to even more data as well as services somewhere on the Internet. Even if only temporarily in the hands of non-entitled persons, privacy is at stake. Authentication protects against ...
Password based remote authentication scheme using ECC for smart card
ICCCS '11: Proceedings of the 2011 International Conference on Communication, Computing & Security

Remote user authentication is a continual problem, particularly with mobile and handheld devices such as Personal Digital Assistants (PDAs), Smartcard, Laptops. Providing user authentication for safe access of precious, private information, or ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

MoMM '14: Proceedings of the 12th International Conference on Advances in Mobile Computing and Multimedia

December 2014

464 pages

ISBN:9781450330084

DOI:10.1145/2684103

General Chair:
Shyue-Liang Leon Wang
National University of Kaohsiung, Taiwan
,
Program Chairs:
Yu-Hui Tao
National University of Kaohsiung, Taiwan
,
Liming Chen
University of Ulster, UK
,
Chung-Nan Lee
National Sun Yat-sen University, Taiwan

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

In-Cooperation

JKU: Johannes Kepler Universität Linz

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 December 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

MoMM '14

MoMM '14: The 12th International Conference on Advances in Mobile Computing and Multimedia

December 8 - 10, 2014

Kaohsiung, Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

18
Total Citations
View Citations
197
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)1

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Mayrhofer RSigg S(2021)Adversary Models for Mobile Device AuthenticationACM Computing Surveys10.1145/347760154:9(1-35)Online publication date: 8-Oct-2021
https://dl.acm.org/doi/10.1145/3477601
Xu WZhang JHuang SLuo CLi W(2021)Key Generation for Internet of ThingsACM Computing Surveys10.1145/342974054:1(1-37)Online publication date: 2-Jan-2021
https://dl.acm.org/doi/10.1145/3429740
Zhao GJiang QHuang XMa XTian YMa J(2021)Secure and Usable Handshake Based Pairing for Wrist-Worn Smart Devices on Different UsersMobile Networks and Applications10.1007/s11036-021-01781-xOnline publication date: 27-May-2021
https://doi.org/10.1007/s11036-021-01781-x
Brusch ANguyen NSchurmann DSigg SWolf L(2020)Security Properties of Gait for Mobile Device PairingIEEE Transactions on Mobile Computing10.1109/TMC.2019.289793319:3(697-710)Online publication date: 1-Mar-2020
https://doi.org/10.1109/TMC.2019.2897933
Vengaten SWilferd Roshan MPrince Mary SUsha Nandini D(2019)Track Me & Unlock: Secured Mutual Authentication System of Integrating Phone Unlock & Women’s Safety Application using MEMSIOP Conference Series: Materials Science and Engineering10.1088/1757-899X/590/1/012004590(012004)Online publication date: 15-Oct-2019
https://doi.org/10.1088/1757-899X/590/1/012004
(2018)Graphical passwords for older computer usersInternational Journal of Security and Networks10.5555/3292934.329293513:4(211-227)Online publication date: 1-Jan-2018
https://dl.acm.org/doi/10.5555/3292934.3292935
Leung HFu CHeng P(2018)TwistInProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/32142752:2(1-24)Online publication date: 5-Jul-2018
https://dl.acm.org/doi/10.1145/3214275
Shukla DWei GXue DJin ZPhoha V(2018)Body-Taps: Authenticating Your Device Through Few Simple Taps2018 IEEE 9th International Conference on Biometrics Theory, Applications and Systems (BTAS)10.1109/BTAS.2018.8698602(1-8)Online publication date: Oct-2018
https://doi.org/10.1109/BTAS.2018.8698602
Schürmann DBrüsch ANguyen NSigg SWolf L(2018)Moves like Jagger: Exploiting variations in instantaneous gait for spontaneous device pairingPervasive and Mobile Computing10.1016/j.pmcj.2018.03.00647(1-12)Online publication date: Jul-2018
https://doi.org/10.1016/j.pmcj.2018.03.006
Inoue MOgawa T(2017)One tap owner authentication on smartphonesProceedings of the 15th International Conference on Advances in Mobile Computing & Multimedia10.1145/3151848.3151853(22-28)Online publication date: 4-Dec-2017
https://dl.acm.org/doi/10.1145/3151848.3151853
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten