Gait has been proposed as a feature for mobile device pairing across arbitrary positions on the human body. Results indicate that the correlation in gait-based features across different body locations is sufficient to establish secure device pairing. However, the population size of the studies is limited and powerful attackers with e.g., capability of video recording are not considered. We present a concise discussion of security properties of gait-based pairing schemes including quantization, classification and analysis of attack surfaces, of statistical properties of generated sequences, an entropy analysis, as well as possible threats and security weaknesses. For one of the schemes considered, we present modifications to fix an identified security flaw. As a general limitation of gait-based authentication or pairing systems, we further demonstrate that an adversary with video support can create key sequences that are sufficiently close to on-body generated acceleration sequences to breach gait-based security mechanisms.

中文翻译：

---

移动设备配对步态的安全特性

步态已被提议作为移动设备在人体任意位置配对的一项功能。结果表明，跨不同身体位置的基于步态的特征的相关性足以建立安全的设备配对。然而，研究的人口规模是有限的，并且没有考虑具有视频录制能力的强大攻击者。我们简要讨论了基于步态的配对方案的安全特性，包括攻击面的量化、分类和分析、生成序列的统计特性、熵分析以及可能的威胁和安全弱点。对于所考虑的方案之一，我们提出修改以修复已识别的安全漏洞。作为基于步态的身份验证或配对系统的一般限制，