Earworms Make Bad Password: An Analysis of the Noke Smart Lock Manual Override

Date: Thursday 25 January 2018, 1:00pm to 2:00pm
Venue: Infolab C60b
Open to: Alumni, Postgraduates, Staff, Undergraduates
Registration: Registration not required - just turn up

Event Details

To counter the risk of being unable to open the lock when the smartphone is unavailable, it provides an override mechanism. Noke implements this override feature using a quick-click scheme, whereby its user can choose a sequence of eight to sixteen short and long shackle presses (similar to a Morse code).

The Internet of Things (IoT) has the potential to make lives more comfortable and effortless, through various assistive products and services built using small, wireless devices; for example, to enable personalised services (in which the user gets their environment configured and presented to their preference) or multi-factor effortless and continuous authentication (where the user does not need to remember burdensome passwords but uses instead biometrics and other wearable tokens). However, these devices could also pose new large-scale privacy and security risks that are not properly understood yet, and constitute an ongoing research challenge.

This talk presents a security analysis of the manual override feature of the Noke smart lock. The Noke smart lock allows its user to operate, monitor and even share his smart lock with others through a smartphone. To counter the risk of being unable to open the lock when the smartphone is unavailable, it provides an override mechanism. Noke implements this override feature using a quick-click scheme, whereby its user can choose a sequence of eight to sixteen short and long shackle presses (similar to a Morse code).

Budi Arief is a Senior Lecturer in the School of Computing at the University of Kent. His research interests are in cybercrime, the security and dependability of computer-based systems, cybersecurity education, and the Internet of Things, with a strong overarching element of interdisciplinary research. His current work focuses on the socio-technical aspects of ransomware, as part of the EPSRC EMPHASIS (EconoMical, PsycHologicAl and Societal Impact of RanSomware) project. He obtained his B.Sc. in Computing Science (First Class) and PhD. in Computing Science, both from Newcastle University. Prior to joining the University of Kent, Budi was a Senior Research Associate in the School of Computing Science at Newcastle University.

Contact Details

Paul Bennett
p.bennett4@lancaster.ac.uk
+44 1524 595186
Add to my calendar

Back to Events