报告题目： Attack and Countermeasure on Interlock-based Device Pairing Schemes 报告日期及时间：2017年11月22日上午10点
报告地点：外围投注365大楼
报告人： Yongdong Wu
报告人单位： 新加坡信息通信研究院(Institute for Infocomm Research, Singapore)

报告人简介： 吴永东博士现为新加坡信息通信研究院(Institute for Infocomm Research, Singapore)系统安全实验室主任、高级科学家，研究方向为信息系统安全， 多媒体安全，移动安全，信息物理系统安全。1997 曾经两次荣获航空工业总公司二 等奖及一次三等功;新加坡陈嘉庚青少发明奖银奖（2004）及优秀奖(2005); IFIP Communications and Multimedia Security 国际会议最佳论文奖(2012)。共发表 100 多篇科技论文及专利,并有 3 项 JPEG2000 安全提案进入 ISO 标准 15444-8。他是 ISPEC2015 大会的程序委员会共同主席。目前是 Security and Communication Networks, 以及 Journal of Information Security and Applications 的副主编。
报告摘要：
Abstract: In recent years, researchers have proposed several secure device pairing schemes that allow mobile devices in close proximity to establish a trusted communication channel between them without sharing any secret in advance. These schemes use the correlation of some physical measurements (magnetic field, acceleration, etc.) made independently by the two pairing devices to reconcile them. Their security against a Man-in-the-Middle (MitM) attacker relies on the difficulty for the MitM attacker to obtain a measurement data similar to the two pairing devices. As a key step in the reconciliation process, an interlock protocol is used in several recent schemes (e.g., Magpairing and ShaVe) to ensure that the measurement data is not leaked. However, the present paper points out that these schemes apply the interlock protocol improperly, making themselves vulnerable to MitM attacks. The analysis and experimental results show that the proposed MitM attack almost surely succeeds with very low computation overhead. We also propose countermeasures on the presented attack.
邀请人： 胡瑞敏教授、叶登攀教授