LISA: Visible light based initialization and SMS based authentication of constrained IoT devices

Future healthcare systems, smart homes, power management systems will all involve a large number of smart inter-connected wireless devices (such as wireless sensor and IoT nodes). One of the major challenges to securing these systems presents loading initial cryptographic credentials into a relatively large number of wireless devices. This challenge is further aggravated by the fact that many of these technologies and systems involve low-cost and highly interface constrained devices - lacking usual wired interfaces, displays, keypads, and alike. In this paper we propose two novel multichannel key deployment schemes for wireless (sensor) networks, LISA and LISAT, that only require a presence of a light source device, such as a multitouch screen, tablet or a smartphone device. Both key deployment schemes are secret key-based multichannel protocols and are suitable for interface/resource constrained wireless devices. We use one-way visible light channel (VLC) of multitouch screens (the flashing displays) to initialize sensor devices in a secure, usable and scalable way. More interestingly, LISAT protocol is suited for initialization of geographically remote devices via a trusted third party device. We provide formal analysis of the proposed protocols using the automated verification tool. From the user's perspective of protocol execution, device initialization is quite simple as user simply places the devices on the top of the multitouch screen after which the remaining process is fully automatized. Indeed, through the experiments with 34 users we showed that our solution is user-friendly and has a good performance concerning the time consumption. (C) 2019 Elsevier B.V. All rights reserved.