Wireless device pairing is a critical security mechanism for bootstrapping secure communication between two devices without a pre-shared secret. It has been widely used in many Internet of Things (IoT) applications, such as smart-home and smart-health. Most existing device pairing mechanisms rely on out-of-band channels, e.g., extra sensors or hardware, to validate the proximity of pairing devices. However, out-of-band channels are not universal across all wireless devices, so such schemes are limited to certain application scenarios or conditions. In-band channel-based device pairing, on the other hand, seeks universal applicability by relying only on wireless interfaces. Existing in-band channel-based pairing schemes either require multiple antennas separated by a good distance on one pairing device, which is not feasible in certain scenarios, or require users to repeat multiple sweeps, which is not optimal in terms of usability. Therefore, an in-band wireless device pairing scheme that provides high security while maintaining high usability (a simple pairing process and minimal user intervention) is highly desired. In this work, we propose an easy-to-use mutual authentication device pairing scheme, named Swipe2Pair, based on the proximity of pairing devices and randomization of wireless transmission power. We conduct extensive security analysis and collect considerable experimental data under various settings across different environments. Experimental results show that Swipe2Pair achieves high security and usability. It takes less than one second to complete the pairing process with a simple swipe of one device in front of the other.