Research Article
Wi-Auth: WiFi based Second Factor User Authentication
@INPROCEEDINGS{10.4108/eai.7-11-2017.2274992, author={Syed Wajid Ali Shah and Salil Kanhere}, title={Wi-Auth: WiFi based Second Factor User Authentication}, proceedings={14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services}, publisher={ACM}, proceedings_a={MOBIQUITOUS}, year={2018}, month={4}, keywords={second factor authentication wifi csi}, doi={10.4108/eai.7-11-2017.2274992} }
- Syed Wajid Ali Shah
Salil Kanhere
Year: 2018
Wi-Auth: WiFi based Second Factor User Authentication
MOBIQUITOUS
ACM
DOI: 10.4108/eai.7-11-2017.2274992
Abstract
While second factor authentication (2FA) is now widely available, user adoption is still very low, as most of 2FA implementations require significant interaction from the user. In this paper, we present a novel 2FA system, called Wi-Auth that requires minimal participation from the user. A user after confirming her credentials with an online service, simply has to place a pre-registered secondary device in close proximity ( <2.5 inches) of the primary device from which the login attempt is being made. Wi-Auth detects the proximity of these two devices by comparing the fine-grained Channel State Information (CSI) of the ambient WiFi signals measured at the two devices. The logic being that two devices that are in such close proximity will exhibit very similar CSI characteristics. Wi-Auth uses a lightweight two-step matching algorithm to compare the two CSI measurements. We also address (for the first time in literature) the issue of targeted attacks where an attacker may be co-located with the victim. We implement Wi-Auth using commodity off-the-shelf 802.11n devices and evaluate its performance in three different practical settings including an open office, an apartment and a large meeting space. Our experiments performed at 90 different location reveal that Wi-Auth can on average achieve 94% authentication accuracy with 5% false positives and 6% false negatives. Moreover, Wi-Auth is very robust in preventing co-located attacks with a 95% attack detection accuracy.