org.openuat.authentication.accelerometer
Class ShakeWellBeforeUseProtocol2

java.lang.Object
  extended by org.openuat.authentication.AuthenticationEventSender
      extended by org.openuat.authentication.CKPOverUDP
          extended by org.openuat.authentication.accelerometer.ShakeWellBeforeUseProtocol2
All Implemented Interfaces:
SamplesSink

public class ShakeWellBeforeUseProtocol2
extends CKPOverUDP
implements SamplesSink

This is the second variant of the motion authentication protocol. It broadcasts candidate keys over UDP and creates shared keys with the candidate key protocol.

Version:
1.0
Author:
Rene Mayrhofer

Field Summary
static int LocalCandidateHistorySize
          Remember our own (locally generated) last 30 candidate key parts for detecting possible matches.
static int MatchingCandidatesHistorySize
          For each remote host, remember the last 20 matching key parts to have enough material for generating candidate keys.
static int MaximumMatchingCandidatesAge
          Keep the match history for each remote host for 5 minutes - should really be enough.
static int MinimumNumberOfRoundsForAction
           
static java.lang.String MulticastGroup
           
protected  int totalFFTTime
          These are only for keeping statistics on time spent for FFT.
static int UdpPort
          The TCP port we use for this protocol.
 
Fields inherited from class org.openuat.authentication.CKPOverUDP
instanceId, Maximum_Udp_Data_Size, totalCKPTime, totalCodingTime, totalMessageNum, totalMessageSize, useJSSE
 
Fields inherited from class org.openuat.authentication.AuthenticationEventSender
eventsHandlers
 
Constructor Summary
ShakeWellBeforeUseProtocol2(int sampleRate, int fftPoints, int numQuantLevels, int numCandidates, int cutOffFrequency, int windowOverlap, float matchThreshold, int minMatchingParts, boolean useJSSE)
          Initializes the object, only setting useJSSE at the moment.
ShakeWellBeforeUseProtocol2(int sampleRate, int fftPoints, int numQuantLevels, int numCandidates, int cutOffFrequency, int windowOverlap, float matchThreshold, int minMatchingParts, boolean useJSSE, int udpRecvPort, int udpSendPort, java.lang.String sendAddress, java.lang.String instanceId)
          Initializes the object, only setting useJSSE at the moment.
 
Method Summary
 void addSample(double sample, int numSample)
          The implementation of SamplesSink.addSegment.
static void main(java.lang.String[] args)
           
protected  void protocolFailedHook(java.lang.String remote, float matchingRoundsFraction, java.lang.Exception e, java.lang.String message)
          This hook will be called when the whole authentication protocol has failed.
protected  void protocolProgressHook(java.lang.String remote, int cur, int max, java.lang.String message)
          This hook will be called when the whole authentication protocol has made some progress.
protected  void protocolSucceededHook(java.lang.String remote, byte[] sharedSessionKey, float matchingRoundsFraction)
          This hook will be called when the final verdict is that the whole authentication protocol succeeded, i.e. both hosts signalled success on key verification.
 void segmentEnd(int numSample)
          Should be called when it is detected that an active segment ends, i.e. when it is detected that the source has become quiescent by some definition.
 void segmentStart(int numSample)
          Should be called when it is detected that an active segment starts, i.e. when it is detected that the source has become active by some definition.
 
Methods inherited from class org.openuat.authentication.CKPOverUDP
addCandidates, dispose
 
Methods inherited from class org.openuat.authentication.AuthenticationEventSender
addAuthenticationProgressHandler, raiseAuthenticationFailureEvent, raiseAuthenticationProgressEvent, raiseAuthenticationStartedEvent, raiseAuthenticationSuccessEvent, removeAuthenticationProgressHandler, setAuthenticationProgressHandlers
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

UdpPort

public static final int UdpPort
The TCP port we use for this protocol.

See Also:
Constant Field Values

MulticastGroup

public static final java.lang.String MulticastGroup
See Also:
Constant Field Values

MinimumNumberOfRoundsForAction

public static final int MinimumNumberOfRoundsForAction
See Also:
Constant Field Values

LocalCandidateHistorySize

public static final int LocalCandidateHistorySize
Remember our own (locally generated) last 30 candidate key parts for detecting possible matches.

See Also:
Constant Field Values

MatchingCandidatesHistorySize

public static final int MatchingCandidatesHistorySize
For each remote host, remember the last 20 matching key parts to have enough material for generating candidate keys.

See Also:
Constant Field Values

MaximumMatchingCandidatesAge

public static final int MaximumMatchingCandidatesAge
Keep the match history for each remote host for 5 minutes - should really be enough.

See Also:
Constant Field Values

totalFFTTime

protected int totalFFTTime
These are only for keeping statistics on time spent for FFT.

Constructor Detail

ShakeWellBeforeUseProtocol2

public ShakeWellBeforeUseProtocol2(int sampleRate,
                                   int fftPoints,
                                   int numQuantLevels,
                                   int numCandidates,
                                   int cutOffFrequency,
                                   int windowOverlap,
                                   float matchThreshold,
                                   int minMatchingParts,
                                   boolean useJSSE)
                            throws java.io.IOException
Initializes the object, only setting useJSSE at the moment. This constructor sets default values for udpSendPort, udpReceivePort and multicastGroup.

Parameters:
minMatchingParts -
useJSSE - If set to true, the JSSE API with the default JCE provider of the JVM will be used for cryptographic operations. If set to false, an internal copy of the Bouncycastle Lightweight API classes will be used.
Throws:
java.io.IOException

ShakeWellBeforeUseProtocol2

public ShakeWellBeforeUseProtocol2(int sampleRate,
                                   int fftPoints,
                                   int numQuantLevels,
                                   int numCandidates,
                                   int cutOffFrequency,
                                   int windowOverlap,
                                   float matchThreshold,
                                   int minMatchingParts,
                                   boolean useJSSE,
                                   int udpRecvPort,
                                   int udpSendPort,
                                   java.lang.String sendAddress,
                                   java.lang.String instanceId)
                            throws java.io.IOException
Initializes the object, only setting useJSSE at the moment.

Parameters:
sampleRate - A good value is ShakeWellBeforeUseParameters.samplerate.
fftPoints - A good value is ShakeWellBeforeUseParameters.fftMatchesWindowSize.
numQuantLevels - A good value is ShakeWellBeforeUseParameters.fftMatchesQuantizationLevels.
numCandidates - A good value is ShakeWellBeforeUseParameters.fftMatchesCandidatesPerRound.
cutOffFrequency - A good value is ShakeWellBeforeUseParameters.fftMatchesCutOffFrequenecy.
windowOverlap - A good value is ShakeWellBeforeUseParameters.fftMatchesWindowOverlap.
matchThreshold - A good value is ShakeWellBeforeUseParameters.fftMatchesThreshold.
minMatchingParts -
useJSSE - If set to true, the JSSE API with the default JCE provider of the JVM will be used for cryptographic operations. If set to false, an internal copy of the Bouncycastle Lightweight API classes will be used.
udpRecvPort - The UDP port number to listen for packets at.
udpSendPort - The UDP port to send packets to.
sendAddress - The (multicast or unicast) IP address to send UDP packets to.
Throws:
java.io.IOException - TODO: implement handling of minMatchingParts

Method Detail

addSample

public void addSample(double sample,
                      int numSample)
The implementation of SamplesSink.addSegment. It will be called for all (aggregated) samples that occur during an active phase. This implementation immediately computes the sliding FFT windows, quantizes the coefficients, and sends out candidate key parts.

Specified by:
addSample in interface SamplesSink
Parameters:
sample - The new sample value to add.
numSample - The index of this sample. All samples are required to be equally spaced.
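
The pipeline described for addSample (sliding windows, coefficient quantization, candidate key parts), as an added example that is not OpenUAT code. Assumptions: the class name SlidingSpectrumQuantizer and method candidateParts are hypothetical, a naive DFT stands in for the FFT, the quantization is linear relative to each window's peak magnitude, and samples are processed as one array rather than one addSample call at a time. Parameter names follow the constructor above.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/** Illustrative only: not OpenUAT code. Parameter names follow the constructor above. */
public class SlidingSpectrumQuantizer {
    /** Returns one quantized coefficient vector (a candidate key part) per window. */
    static List<int[]> candidateParts(double[] samples, int sampleRate, int fftPoints,
            int windowOverlap, int cutOffFrequency, int numQuantLevels) {
        if (windowOverlap < 0 || windowOverlap >= fftPoints)
            throw new IllegalArgumentException("windowOverlap must be in [0, fftPoints)");
        int step = fftPoints - windowOverlap;
        // Highest bin at or below the cut-off; bin k sits at k * sampleRate / fftPoints Hz.
        int maxBin = Math.min(fftPoints / 2, cutOffFrequency * fftPoints / sampleRate);
        List<int[]> parts = new ArrayList<>();
        for (int start = 0; start + fftPoints <= samples.length; start += step) {
            double[] mag = new double[maxBin + 1];
            double peak = 0;
            for (int k = 0; k <= maxBin; k++) {
                double re = 0, im = 0;
                for (int n = 0; n < fftPoints; n++) {
                    double phi = 2 * Math.PI * k * n / fftPoints;
                    re += samples[start + n] * Math.cos(phi);
                    im -= samples[start + n] * Math.sin(phi);
                }
                mag[k] = Math.hypot(re, im);
                peak = Math.max(peak, mag[k]);
            }
            int[] q = new int[mag.length];
            for (int k = 0; k < q.length; k++) {
                // Linear quantization relative to the window's peak (assumed scheme).
                int level = peak == 0 ? 0 : (int) (mag[k] / peak * numQuantLevels);
                q[k] = Math.min(level, numQuantLevels - 1);
            }
            parts.add(q);
        }
        return parts;
    }

    public static void main(String[] args) {
        // Constructed input: 2 s of a 4 Hz "shake" sampled at 128 Hz.
        int sampleRate = 128;
        double[] samples = new double[2 * sampleRate];
        for (int i = 0; i < samples.length; i++)
            samples[i] = Math.sin(2 * Math.PI * 4 * i / sampleRate);
        for (int[] part : candidateParts(samples, sampleRate, 128, 64, 20, 8))
            System.out.println(Arrays.toString(part));
    }
}
```

Fewer quantization levels make two devices' vectors agree more often but leave fewer possible values per part; the class keeps a history of matching parts per remote host to have enough material for candidate keys.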

segmentStart

public void segmentStart(int numSample)
Description copied from interface: SamplesSink
Should be called when it is detected that an active segment starts, i.e. when it is detected that the source has become active by some definition.

Specified by:
segmentStart in interface SamplesSink
Parameters:
numSample - The index at which the active segment starts.

segmentEnd

public void segmentEnd(int numSample)
Description copied from interface: SamplesSink
Should be called when it is detected that an active segment ends, i.e. when it is detected that the source has become quiescent by some definition.

Specified by:
segmentEnd in interface SamplesSink
Parameters:
numSample - The index at which the active segment ends.

protocolSucceededHook

protected void protocolSucceededHook(java.lang.String remote,
                                     byte[] sharedSessionKey,
                                     float matchingRoundsFraction)
Description copied from class: CKPOverUDP
This hook will be called when the final verdict is that the whole authentication protocol succeeded, i.e. both hosts signalled success on key verification.

Specified by:
protocolSucceededHook in class CKPOverUDP
Parameters:
remote - The remote host address with which the key exchange succeeded.
sharedSessionKey - The shared session key (which is different from the shared authentication key used for verification) that can now be used for subsequent secure communication.
matchingRoundsFraction - The fraction of rounds where a match could be found.

protocolFailedHook

protected void protocolFailedHook(java.lang.String remote,
                                  float matchingRoundsFraction,
                                  java.lang.Exception e,
                                  java.lang.String message)
Description copied from class: CKPOverUDP
This hook will be called when the whole authentication protocol has failed. Derived classes should implement it to react to this failure.

Specified by:
protocolFailedHook in class CKPOverUDP
Parameters:
remote - The remote host address with which the key exchange failed.
matchingRoundsFraction - The fraction of rounds where a match could be found. Will be set to 0 if unknown.
e - If not null, the exception describing the failure.
message - If not null, the message describing the failure.

protocolProgressHook

protected void protocolProgressHook(java.lang.String remote,
                                    int cur,
                                    int max,
                                    java.lang.String message)
Description copied from class: CKPOverUDP
This hook will be called when the whole authentication protocol has made some progress. Derived classes should implement it to react to this progress.

Specified by:
protocolProgressHook in class CKPOverUDP
Parameters:
remote - The remote host address with which the key exchange progressed.
cur - See AuthenticationProgressHandler#AuthenticationProgress.
max - See AuthenticationProgressHandler#AuthenticationProgress.
message - See AuthenticationProgressHandler#AuthenticationProgress.

main

public static void main(java.lang.String[] args)
                 throws java.io.IOException
Throws:
java.io.IOException


2005-2009, Rene Mayrhofer.