PIKE: Enabling secure interaction with piggybacked key-exchange

Online collaboration tools such as Google+, Face-book or Dropbox have become an important and ubiquitous mediator of many human interactions. In the virtual world, they enable secure interaction by controlling access to shared resources. Yet relying on them to support synchronous direct interactions, such as face-to-face meetings, might be suboptimal as they require reliable online connectivity and even then often introduce delays. A much more efficient way of co-located resource sharing is the use of local communications, such as ad-hoc WiFi. Yet setting up the necessary encryption and authentication mechanisms is often cumbersome. In this paper, we present PIKE, a key exchange protocol that minimizes this configuration effort. PIKE piggybacks the exchange of keys on top of an existing service infrastructure. To support encryption or authentication without Internet connection, PIKE relies on triggers for upcoming personal interactions and exchanges keys before they take place. To evaluate PIKE, we present two example applications and we perform an experimental as well as an analytical analysis of its characteristics. The evaluation indicates that PIKE is broadly applicable, scales well enough to support larger events and provides a level of security that is (at least) comparable to the one provided by the underlying service.