Secret Key Distribution Leveraging Color Shift Over Visible Light Channel

Hongbo Liu, Dept. of CIGT, IUPUI, Indianapolis, IN 46202
Bo Liu, Dept. of ECE, Stevens Institute of Technology, Hoboken, NJ 07030
Cong Shi, Dept. of ECE, Stevens Institute of Technology, Hoboken, NJ 07030
Yingying Chen, Dept. of ECE, Stevens Institute of Technology, Hoboken, NJ 07030

Abstract—Given the wide adoption of screens and cameras in many electronic devices, visible light communication (VLC) over the screen-to-camera channel has emerged as a novel short range communication technique in recent years. Active research explores various ways to convey messages over the screen-camera channel, such as barcodes and unobtrusive optical patterns. However, with the prevalence of LED screens with wide viewing angles and mobile devices equipped with high standard cameras, the threat of information leakage over the screen-to-camera channel becomes non-negligible. Few studies have discussed how to ensure the security of data transmission over the screen-to-camera channel. In this paper, we propose a secret key distribution system leveraging the unique color shift property over the visible light channel. To facilitate such a design, we develop a practical secret key matching based method to map the secret key into gridded optical patterns on screen, which can only be correctly recognized by the legitimate user through an accessible region and allow regular data stream transmission through valid grids. The proposed system is prototyped with off-the-shelf devices and validated under various experimental scenarios. The results show that our system can achieve high bit-decoding accuracy for legitimate users while maintaining data throughput comparable to regular unobtrusive VLC systems, with very low recovery accuracy of the encrypted data for attackers.

I. INTRODUCTION

Due to ever more crowded radio environments, visible light communication (VLC), especially over the screen-camera channel [1]–[4], has emerged as a promising way for short range communication in recent years. Active research explores various ways to convey messages over the screen-camera channel. In particular, it falls into two main categories: barcode (i.e., machine-readable optical labels visible to human eyes) and unobtrusive optical pattern (i.e., optical patterns that are invisible due to the low luminance sensitivity or temporal flicker-fusion property of human eyes). Unlike the broadcast nature of radio communication, the highly directional propagation property leaves visible light communication with much less interference from multiple concurrent data transmissions. Compared with NFC and other RF-based short range communication technologies, which need additional hardware support to secure the short range communication, VLC can be deployed in more practical environments given the wide adoption of screens and cameras in many electronic devices. We envision that the emerging VLC over the screen-to-camera channel will become a more competitive form of short range communication and benefit many security-sensitive mobile applications. For example, there is an increasing need for mobile private information sharing [5], [6], such as exchanging business cards and documents, in social places and business meetings. NFC and short range RF channels usually suffer from replay or man-in-the-middle attacks [7], whereas VLC-enabled mobile information sharing could fundamentally combat such threats due to the line-of-sight propagation of the visible light signal. Furthermore, mobile payment and ticketing systems [8] are becoming more popular due to their ubiquitous payment possibilities and timely access to financial assets. The existing mobile payment methods based on NFC and RF techniques are vulnerable to various attacks such as eavesdropping and DDoS [9]. Future mobile payment systems grounded on VLC would overcome these vulnerabilities by manipulating visible light signals on screen to conceal the information embedded in screen content [3], [10].

With the prevalence of LED screens with wide viewing angles and mobile devices equipped with high standard cameras, however, the threat of information leakage over the screen-to-camera channel becomes non-negligible. Significant recent research efforts have been spent on improving the data transmission performance of visible light communication, but few works study securing data transmission over the screen-to-camera channel. Traditional data encryption methods, such as AES or PKI [11], either require prior knowledge of secret keys or rely on a central authority for secret key distribution. However, due to the lack of infrastructural management, such prerequisites may not be fulfilled in many short range device-to-device communication scenarios, especially for the screen-to-camera channel. Further, the physical layer-based secret key extraction approaches over the radio channel [12] are also not applicable to the visible light channel due to the non-reciprocity of the screen-to-camera channel. In this paper, we focus on securing key distribution over the visible light channel using unobtrusive optical patterns in the presence of eavesdropping attackers, because secret key distribution serves as the first step to secure data transmission. The recent work SBVLC [6] is a secure system for barcode-based visible light communication that relies heavily on screen viewing angle changes induced by user motions. Kaleido [13] utilizes the disparities between the screen-to-eye channel and the screen-to-camera channel to prevent unauthorized users from videotaping, leveraging random unobtrusive optical patterns, but such random optical patterns also prevent regular data transmission over the screen-to-camera channel.

To ensure regular data transmission over the visible light channel while maintaining data confidentiality, a new information security system is needed to cope with adversarial eavesdropping of the secret information over the screen-to-camera channel. Kim et al. [14] utilize the color shift on a twisted nematic LCD screen to present two independent views concurrently when watching from two different viewing angles.

978-1-5386-0683-4/17/$31.00 ©2015 IEEE

Inspired by the above observation, we conduct a close examination of the color shift property on screens. Our empirical studies reveal consistent color shift patterns on the captured screen contents when varying the viewing angles of the camera. Specifically, the luminance and color intensity values of the captured screen contents appear differently when the camera is situated at different relative positions from the screen. Such findings motivate us to design customized optical patterns on screens that can only be correctly decoded by users at certain viewing angles. The confidential data stream will be encoded with the secret key mapped from such optical patterns, and thereby securely transmitted over the visible light channel. Meanwhile, the optical pattern is hard for attackers at different viewing angles to infer.

Based on the above findings, we design a secret key distribution system leveraging the unique color shift property over the visible light channel. We aim to delineate a legitimate user access region that ensures the secret key can be successfully decoded and received by the legitimate user. We refer to the surrounding area where the user resides as the legitimate user access region, whereas none or only partial secret information can be recovered by unauthorized users outside of this region. If an unauthorized user enters the legitimate user access region, he will have an increased chance of being exposed as an attacker to the legitimate user, hence defeating his adversarial intent. To facilitate such a design, we develop a practical secret key matching based algorithm to map the secret key into gridded optical patterns on the screen. The proposed method allows the secret key to be recognized correctly by the legitimate user and enables regular data stream transmission through valid grids. The throughput of our proposed system is comparable to that of regular VLC systems, indicating that the security mechanisms introduce low overhead. Specifically, we make the following major contributions in this project:

- Revealing the important fact that changing the viewing angle with respect to the screen results in color shift on the captured screen contents. This useful phenomenon enables the design of the legitimate user access region.

- Proposing secret key distribution over the visible light channel leveraging the unique color shift property in the presence of eavesdropping attackers.

- Developing a practical secret key matching based algorithm to secure data transmission through encoding the color shift patterns on screen.

- Implementing the prototype of the proposed secret key distribution system and validating its performance with real experimental results, which confirm the effectiveness and efficiency of the proposed system.

II. RELATED WORK

Visible light communication (VLC), as a subset of optical wireless communication, is an emerging short range data transmission technology that works on the visible light spectrum. VLC technologies mainly fall into two categories, screen-to-camera-based [1]–[3] and fluorescent-based [15], [16], according to what type of transceiver is adopted. Specifically, screen-to-camera-based VLC transmits data that is embedded as a special color pattern in the screen contents, and any camera that is able to capture the screen content extracts the embedded data; fluorescent-based VLC uses ordinary fluorescent lamps or standard off-the-shelf visible light LED luminaires to transmit the data stream, which is modulated in the form of light pulses and correspondingly demodulated by the receiving photodiode.

Many studies have been proposed to prevent unauthorized users from accessing fluorescent-based VLC [17], [18], but the security of short range screen-to-camera VLC has not been systematically studied. It is difficult to add security features to the screen-to-camera VLC channel due to its visual nature. Specifically, the screen contents are exposed to all receivers, including unauthorized users, when they are displayed on the screen. Recently, Zhang et al. [6] proposed a secure system (SBVLC) for the barcode-based VLC channel between smartphones. It provides a physical security enhancement mechanism leveraging screen viewing angle changes induced by user motions to ensure secure information exchange. However, this study only supports barcodes as the information carrier over the screen-to-camera channel and relies heavily on human involvement. To secure short-range communication, the near field communication (NFC) technique has enabled popular mobile applications [7], [19] over a secure communication channel, such as contact-less payments, mobile advertisements, and device pairing. However, NFC requires additional hardware that is only available on a few smartphone platforms on the market, and is also vulnerable to eavesdropping and jamming attacks [8], [20].

Active studies have been driven by the color shift property [21], [22] to display different contents to users at different viewing angles. Harrison et al. [23] make the screen content invisible when viewed straight-on, but visible at oblique angles. Kim et al. [14] propose a software solution which allows the screen to present two independent views concurrently on twisted nematic LCD screens. The above studies built upon the color shift property only serve specific viewing patterns on screen, and they did not consider confidential information transmission on the screen in the presence of adversaries. Kaleido [13] utilizes the disparities between the screen-to-eye channel and the screen-to-camera channel to prevent unauthorized users from videotaping a video played on a screen by re-encoding the original video frames. However, Kaleido prevents data communication over the screen-to-camera channel due to the randomly adopted optical patterns on screen. Unlike the existing studies, our proposed approach introduces a secret key distribution mechanism over the screen-to-camera VLC channel leveraging the color shift property on LCD screens. The proposed secure communication system is integrated with our previous visible light communication system, Uber-in-Light [4], for communication performance study.

III. SYSTEM OVERVIEW

A. System Design

1) Background of Visible Light Communication: Visible light communication (VLC) over the screen-to-camera channel has the data encoded as specific optical patterns displayed on screen, which can then be captured by any camera-equipped device for data decoding. The encoded information is usually represented as some specific optical patterns on screen [2], [3], [6]. In this paper, we focus on utilizing the luminance value $L$, an optical pattern contributed by three color channels (i.e., Red, Green, and Blue) as the secret key, to encode the data stream over the screen-to-camera channel. The data is encoded in such a way that the normal viewing experience of users, such as displaying a picture or watching a video, is not disturbed. Given the viewing angle in horizontal and vertical directions $(\Theta, \Phi)$ and the distance $D$ with respect to the screen, the expected luminance $\hat{L}^C$ (where $C$ indicates a particular color, $C \in \{R, G, B\}$) on camera is derived based on the visible light channel model:

$$\hat{L}^C(\Theta, \Phi, D) = H(\Theta, \Phi, D) * L^C + N \qquad (1)$$

where $L^C$ is the luminance value of the color $C$ displayed on screen, $H(\Theta, \Phi, D)$ represents the channel response function on the screen-to-camera channel, and $N$ represents external light interferences. Note that $*$ indicates the operator that applies the channel response to $L^C$, and $H(\Theta, \Phi, D)$ will be obtained through our empirical study (i.e., color shift curves).

Fig. 1. Workflow of the proposed VLC security system.

2) Problem Formulation: Our objective is to secure visible light communication over the screen-to-camera channel in the presence of eavesdropping adversaries. Instead of relying on traditional data encryption methods, the color shift property of the screen-to-camera channel is utilized to prevent unauthorized users from decoding the transmitted data successfully. In particular, the expected luminance pattern should be correctly decoded only by the legitimate user from certain viewing angles, whereas unauthorized users situated outside of the region of the legitimate user's viewing angles cannot decode the pattern correctly. Assuming the luminance values observed by an attacker $K$ and the legitimate user $U$ are $\hat{L}^C_K(\Theta', \Phi', D')$ and $\hat{L}^C_U(\Theta, \Phi, D)$, respectively, the following condition should be satisfied to ensure communication security:

$$
\begin{aligned}
& |\hat{L}^C_K(\Theta', \Phi', D') - \hat{L}^C_U(\Theta, \Phi, D)| \ge \Delta L, \quad \forall\, \Theta', \Phi', D' \\
& \text{s.t.} \quad [\Theta, \Phi]\,[\Theta', \Phi']^T \ge \Delta, \quad D' \ge \lambda, \\
& \Theta \in [\theta_b, \theta_u], \quad \Phi \in [\phi_b, \phi_u], \quad D \in [d_b, d_u].
\end{aligned}
\qquad (2)
$$

where $\Delta L$ is the predefined luminance threshold, $[\Theta, \Phi]\,[\Theta', \Phi']^T$ (with $T$ representing the vector transpose) represents the inner product of the 2D viewing angle vectors of the attacker and the legitimate user, $\Delta$ and $\lambda$ are the thresholds indicating the restriction on the viewing angle and distance of the attacker with respect to the screen, and $[\theta_b, \theta_u]$, $[\phi_b, \phi_u]$ and $[d_b, d_u]$ together regulate the region where the legitimate user is located. In practice, if the screen is partitioned into multiple grids, the proposed system should ensure that as many grids as possible satisfy the above condition.

B. Design Challenges

To realize such a VLC security system based on the problem formulation, we need to address the following three main challenges:

- Easy Deployment. Due to the increasing popularity of VLC systems to support a broad range of applications, easy deployment is highly desirable. The designed system should aim to use off-the-shelf devices.

- Reliable Key Mapping. We plan to design luminance patterns on the screen that can only be correctly decoded by the legitimate user at a specific viewing angle/region. Thus, the proposed system should ensure the uniqueness of the secret key for the legitimate user, while the attacker will most likely derive an incorrect secret key from his viewing angle.

- Efficient Key Extraction for Various Screen Contents. Given a specific viewing angle, the camera-equipped user should be able to quickly and accurately identify the encoded luminance pattern by eliminating both the geometric distortion due to perspective effects and external luminance interference.

- Maintaining System Throughput. The designed VLC secret key distribution system should maintain the throughput of visible light communication and not disturb the normal viewing experience of the legitimate user.

C. System Workflow

The basic idea of the proposed system is to map the secret key to a unique optical pattern, which can only be correctly decoded by the legitimate user situated at an expected viewing angle. According to the color shift property, a change of the viewing angle towards the screen results in different captured optical patterns at the camera. The details of the color shift property are presented in Section IV. Such a unique optical pattern then acts as a gridded mask to encode the transmitted data stream embedded in the screen contents, and it can also be decoded at the receiver for data stream extraction. Since we focus on secret key distribution over the visible light channel, existing VLC modulation & demodulation approaches are adopted here [4]. As depicted in Figure 1, the proposed system consists of five main components: Gridded Key Mapping, Data Modulation & Encoding, User Access Region Identification, Key Extraction, and Data Demodulation & Decoding.

The proposed system divides the screen into smaller grids, and each grid acts as an independent visible light channel for data transmission. The system utilizes the independent grid channel characteristics to encode the secret key. Different grids play different roles. For instance, the grids filled with the key information are referred to as invalid grids, while the other grids, which do not carry any key information but are used for data transmission, are referred to as valid grids. The usage of the grids to carry key information, including both the number and position of the invalid grids, is flexible and can be adjusted by the system. The valid grids also change their luminance randomly during data transmission to confuse the attacker.

Fig. 2. Luminance curves of vertical angle range $\Phi \in (-80^\circ, 80^\circ)$ with horizontal angle fixed at $\Theta = 0^\circ$. (Plot axes: Viewing Angle (degree) vs. Detected Luminance Value; curves L0, L30, L60, L90, L120, L150, L180, L210, L240, L255.)

To start, our system can flexibly adjust the transmitted optical pattern based on the position of the legitimate user, instead of requiring the user to reside at a fixed position to obtain the secret key information. To achieve this, our strategy is to set a default luminance value at four corner grids on the transmitter screen. The legitimate user then captures the screen content and reports the observed luminance values at the four corner grids to the transmitter through public wireless channels. Specifically, the legitimate user can encode the observed luminance values as flashlight signals that can be captured by the camera on the transmitter, or utilize WiFi and Bluetooth connections, which are publicly accessible in many places nowadays, to send the observed luminance values. We do not require the security of out-of-band channels (e.g., WiFi and Bluetooth). By matching these values to the color shift profiles, the legitimate user access region can be uniquely determined based on the relationship between the expected luminance pattern and viewing angles. The secret data will then be modulated to the corresponding optical patterns on screen with respect to the legitimate user access region.
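The corner-grid matching step above and the luminance-gap condition (2) can be exercised together on a small profile table. This is an added example, not code from the paper: the table values, the function names, and the use of a vertical angular distance `min_sep` in place of the inner-product constraint of (2) are assumptions made for illustration.

```python
# Added illustration, not the paper's implementation.
# Constructed stand-in for a measured color-shift profile along the vertical
# axis (Theta = 0). Keys are the default luminance levels shown on a grid;
# each row lists the luminance a camera detects at the angles in ANGLES.
ANGLES = [-50, -40, -30, -20, -10, 0, 10, 20, 30, 40, 50]
PROFILE = {
    60:  [20, 30, 42, 52, 58, 60, 59, 55, 47, 36, 24],
    120: [45, 70, 92, 108, 117, 120, 112, 98, 82, 64, 46],
    180: [60, 95, 130, 158, 174, 180, 178, 168, 150, 122, 88],
    240: [100, 140, 175, 205, 228, 240, 226, 204, 176, 142, 104],
}


def expected(level, angle):
    """Profile lookup: luminance detected at `angle` for a grid showing `level`."""
    return PROFILE[level][ANGLES.index(angle)]


def identify_angle(observed):
    """Match reported reference-grid luminances to the profile (least squares).

    `observed` maps the default level shown on a reference grid to the value
    the receiver reported for it. Returns the best-matching viewing angle.
    """
    def error(angle):
        return sum((expected(lv, angle) - val) ** 2 for lv, val in observed.items())
    return min(ANGLES, key=error)


def access_region(center, half_width):
    """Profile angles within `half_width` degrees of the identified angle."""
    return [a for a in ANGLES if abs(a - center) <= half_width]


def grids_meeting_condition(levels, region, attacker_angle, delta_l):
    """Grids (named by level) whose luminance gap between the attacker angle
    and every user angle in `region` is at least delta_l, as in condition (2)."""
    return [
        lv for lv in levels
        if all(abs(expected(lv, attacker_angle) - expected(lv, u)) >= delta_l
               for u in region)
    ]


def audit(levels, region, min_sep, delta_l):
    """For each attacker angle at least `min_sep` degrees from the region,
    list the grids that satisfy the gap condition."""
    report = {}
    for a in ANGLES:
        if min(abs(a - u) for u in region) >= min_sep:
            report[a] = grids_meeting_condition(levels, region, a, delta_l)
    return report


if __name__ == "__main__":
    # Constructed report: a receiver near -20 degrees with small measurement error.
    reported = {60: 54, 120: 105, 180: 160, 240: 203}
    center = identify_angle(reported)
    region = access_region(center, 0)
    print("identified vertical angle:", center)
    for angle, grids in audit(list(PROFILE), region, min_sep=20, delta_l=8).items():
        print(f"attacker at {angle:+d} deg: {len(grids)}/4 grids satisfy the gap", grids)
```

With this constructed table, the weakest audited attacker angles (+10 and +20 degrees) still leave two of the four grids satisfying the gap, which is the per-grid count the formulation asks the system to keep as high as possible.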

The system takes the secret key and the data stream as two inputs for the Gridded Key Mapping and Data Modulation & Video Fusion components, respectively. The secret key is first mapped to an optical pattern that can only be correctly decoded by the legitimate user, based on the pre-built color shift profile for each grid on screen. The color shift profile only needs to be built once, and is maintained solely at the transmitter (i.e., screen). The optical pattern is then mapped to the valid grids, with a different number and different screen positions each time there is a secret key to be distributed. Thus, it is difficult for an attacker to predict the expected optical pattern used for the secret key transmission. Specifically, we develop a secret key matching based algorithm, which utilizes each grid independently to encode the secret key. The expected optical pattern at the receiver will be converted to a gridded mask. After the secret key is successfully received, the data stream, as the second input, is modulated as unobtrusive luminance changes against arbitrary video contents. Before being sent to the screen-to-camera channel, the modulated data stream is encoded with the gridded mask. Correspondingly, data demodulation & decoding is performed on the captured screen contents to recover the original data stream. The detailed description of each component is presented in later sections.

D. Attack Model

In this work, we use the terms unauthorized user and attacker interchangeably. The attacker has the capability to access the screen (i.e., transmitter), but at a different angle and distance from the legitimate user. The attacker is equipped with the same kind of devices as the legitimate user to capture the screen contents, and eavesdrops on the security information embedded in the detected luminance. The decoding algorithms for security information extraction are public for any receiving device. The attacker makes an effort to avoid residing at the same viewing angle and distance as the legitimate user. The closer the attacker gets to the legitimate user, the higher the risk that he/she will be exposed. Thus, the attacker is detected in proximity, and the system will suspend the data transmission. Therefore, the adversarial intent cannot be achieved. Furthermore, the attacker does not have access to the legitimate user's color shift profiles. In this work, we only consider an attacker with passive behaviors, such as eavesdropping with the purpose of obtaining the secret key, while active attackers who interfere with the environmental light conditions will end up unable to crack a correct key.

Fig. 3. Luminance curves of horizontal angle range $\Theta \in (-80^\circ, 80^\circ)$ with vertical angle fixed at $\Phi = 0^\circ$. (Plot axes: Viewing Angle (degree) vs. Detected Luminance Value; curves L0, L30, L60, L90, L120, L150, L180, L210, L240, L255.)

IV. FEASIBILITY STUDY

The color shift property over the screen-to-camera channel results in significant differences in the expected optical patterns from different vertical viewing angles. Therefore, it is critical to ensure that the expected optical pattern can be correctly detected by the legitimate user. Specifically, two requirements should be satisfied: 1) the expected optical pattern captured by the legitimate user should be known by the transmitter; 2) the expected optical pattern captured by the legitimate user should be unique among all available vertical viewing angles.

A. Color Shift Study

An LCD comprises a matrix of LC (liquid crystal) molecules between two polarizers and a uniform backlight beneath them. Varying the voltage applied to the LC molecules controls their direction and in turn the light intensity eventually emitted from the screen. When the viewer looks at the screen from different angles, the line of light transmission is also at different angles with regard to the direction of the LC molecules. This results in the light polarization directions being rotated differently by the LC molecules, leading to different light intensities emitted from the same pixel to different angles. To study the color shift property, we carry out a series of preliminary experiments in a typical home/office environment, where a number of default luminance values (e.g., 10) ranging from 0 to 255 applied to the same screen are detected from different viewing angles from $(0^\circ, -80^\circ)$ to $(0^\circ, 80^\circ)$. Figure 2 and Figure 3 depict the luminance curves along the vertical and horizontal directions, respectively. The important observations are that 1) given one default luminance on screen, the detected luminance values differ as the viewing angle changes, and 2) given one particular viewing angle, the detected luminance values show different variation trends as the default luminance value on the screen changes. The above observations indicate that it is difficult to predict the color shift pattern at different viewing angles unless all combinations of default luminance values and viewing angles are visited. Different LCD screens also exhibit different color shift patterns, so there is no way to derive the color shift pattern of one particular LCD screen from other LCD screens. Further, the color shift pattern is asymmetric, so it is also impossible to infer the expected optical pattern at a particular viewing angle from its symmetrical viewing angle. This phenomenon is more obvious in the vertical direction than in the horizontal direction.

Next, we need to locate the most appropriate range of viewing angles that ensures the legitimate user obtains a reliable expected optical pattern. Given the color shift pattern along the vertical direction as in Figure 2, we partition the viewing angle Θ into two different regions as below: 1) Vertical angle Φ ∈ (−80°, −50°) ∪ (50°, 80°) and horizontal angle Θ = 0°: The detected luminance values are much lower than the default luminance values set on screen, so it is not reliable to retrieve the expected luminance values at the receiver side due to the limited luminance sensitivity of the camera. We do not prefer to adopt this region for our proposed system; 2) Vertical angle Φ ∈ (−50°, 50°) and horizontal angle Θ = 0°: The detected luminance values do not degrade significantly in comparison with the default luminance values set on the screen, so this region should satisfy the requirements for expected luminance value detection. More importantly, the detected luminance value does not stay constant in this viewing angle region, so different luminance values are detected from any two different viewing angles. For the color shift pattern along the horizontal direction as shown in Figure 3, 1) Horizontal angle Θ ∈ (−80°, −50°) ∪ (50°, 80°) and vertical angle Φ = 0°: the detected luminance values also degrade sharply, as in the vertical direction; 2) Horizontal angle Θ ∈ (−50°, 50°) and vertical angle Φ = 0°: the detected luminance curves are so smooth that they may result in similar detected luminance values at two far-away viewing angles, so it is not practical to rely solely on the color shift properties along the horizontal direction to secure the VLC channel.

Fig. 4. Illustration of the legitimate user access region.

In general, the color shift properties on the screen-to-camera channel can be summarized as follows: 1) a fixed RGB color combination follows a stable detected luminance curve as the viewing angle changes; 2) the vertical angle has a larger impact on the detected luminance than the horizontal angle; and 3) each luminance curve is unpredictable and unique. It cannot be obtained with theoretical calculation.

B. Legitimate User Access Region

Before introducing the proposed system, we first need to define the legitimate user access region, which is critical to perform secret key distribution utilizing the color shift profiles. As introduced in Section IV-A, the luminance values on each individual color channel represent a unique pattern at a specific vertical viewing angle; correspondingly, the overall luminance value contributed from the three color channels also shows distinct patterns from different vertical viewing angles. It enables the legitimate user to map the secret key to an expected luminance pattern dedicated to a small vertical viewing angle region, which is different from that of the attacker. Meanwhile, since the detected luminance in the horizontal direction changes much more smoothly than that in the vertical direction, the horizontal viewing angle has more flexibility on the region that the legitimate user is allowed to access. Specifically, the legitimate user access region is defined as a pyramid region with the width in the horizontal direction (i.e., X axis) larger than that in the vertical direction (i.e., Y axis), as shown in Figure 4. Within this region, the legitimate user can receive the expected luminance pattern from the screen. Outside this region, users obtain different luminance patterns, and thereby miss the secret key embedded in the expected luminance values or access only part of it. Considering the symmetric color shift property in the horizontal direction of the LCD screen, the legitimate user access region should be as close as possible to the horizontal angle 0°.

V. ALGORITHM

The goal of the algorithm design is to map a secret key to a unique luminance pattern on screen, and such luminance pattern can only be correctly decoded within the legitimate user access region.

A. Color Shift Profiling

In order to perform practical secret key distribution, we first need to build the color shift profiles, which are the collections of the detected luminance values from different viewing angles. We divide the screen into multiple grids to carry out concurrent data transmissions, where the secret key is transmitted in the manner of valid grids, and the data transmission is performed through invalid grids. According to the color shift study, the camera will obtain different expected luminance patterns on each grid from different viewing angles even if the whole screen has one single luminance value. Therefore, the color shift profiles should include 1) (luminance setting, angle) on the screen, and 2) (expected luminance value, angle) that can be captured by the camera.

In our empirical study, we choose 10 luminance values ranging from 0 to 255 with the interval 30 as the benchmark luminance, and each of these luminance values will be applied to m×n grids on the screen. For the convenience of processing, we utilize a chessboard-like pattern to represent the grids on screen. Next, the expected luminance values on these grids will be collected by the camera from 17 different viewing angles ranging from −80° to +80° in the vertical direction. At each viewing angle, m×n expected luminance values are recorded. Figure 5 displays an example of color shift profiles from different viewing angles. It confirms that different grids have different expected luminance values with the same benchmark luminance. Considering all the benchmark luminance values and viewing angles, 17 × 10 × m × n expected luminance values will be collected in total to build the color shift profiles. To facilitate practical system design, the transmitter (i.e., screen) only needs to build the color shift profile once, and the profile is unknown to the users.

B. User Access Region Identification

Before the secret key transmission, in order to avoid the ambient light interference, the transmitting screen is first set to pure black before performing key extraction, so that the receiver can collect the current ambient light signals N projected on the screen in Equation 2. Such interference will be deducted from the detected luminance values in the rest of the frames. Next, the transmitter needs to recognize the legitimate user access region, which is critical to establish the secure visible light channel between a pair of transceivers. Without loss of generality, the transmitter sends a default luminance value at the four corner grids on screen, and the legitimate user acknowledges the corresponding observed luminance values through public wireless channels (i.e., encoded as flashlight signals to be captured by the camera on the transmitter, or sent over existing WiFi or Bluetooth links). Next, the transmitter is able to identify the legitimate user access region based on the relationship between the expected luminance pattern and viewing angles in the color shift profiles. Therefore, the secure visible light channel is established with the common knowledge of the legitimate user access region between transmitter and receiver. Since the attackers have no knowledge of the color profiles that are stored on the transmitter, they still cannot determine the legitimate user access region even if the acknowledged luminance values from the receiver are intercepted.

Fig. 5. Illustration of color shift profiling for different viewing angles: (a) default luminance 30 at the viewing angle (Θ, Φ) = (0°, 10°); (b) default luminance 120 at the viewing angle (Θ, Φ) = (0°, 20°).

C. Key Matching based Method

Basic Idea. The key matching based method aims to encode the secret key into a luminance pattern on screen that can only be successfully decoded by receivers within the legitimate user access region. To achieve this, it is critical to select appropriate valid grids on the screen, and assign luminance values from the color shift profiles to these valid grids. The pattern can therefore involve as many valid grids as possible that render different expected luminance values between the legitimate user and the attacker in Equation 2.

Key Mapping. In this step, the transmitter maps out a luminance pattern on screen that results in the expected luminance value L_e on the valid grids for the legitimate user. We first choose a certain number of valid grids on the screen, and the number of valid grids is defined as the key length K. It is essential to have the valid grids widely distributed over the screen. According to the color shift study in Section IV, the expected luminance value is sensitive to changes in the legitimate user access region, so the wide distribution of valid grids minimizes the opportunities for the attacker to obtain the correct expected luminance values. Specifically, we traverse the luminance profile of each grid on the chessboard, and seek a subset of valid grids G_v that can produce the expected luminance value at the legitimate user access region. Next, K valid grids of G_v will be chosen and filled with appropriate luminance values L̂ to ensure that the detected luminance values at the legitimate user access region match the expected luminance values L_e. Since each grid on the screen has an independent color shift profile, L̂ will be obtained through exhaustive search in the color shift profiles for different valid grids.

By now we can retain the expected luminance value for the valid grids within the legitimate user access region. There may be multiple L̂ values fulfilling the above requirement, but some L̂ may let the attacker also obtain the expected luminance value for the valid grids outside the legitimate user access region. Improper L̂ should be eliminated based on the required condition in Equation 2. Therefore, the valid grids assigned by the transmitter can only be correctly identified by the legitimate user. Furthermore, since the expected luminance value is publicly available to any user, to further enhance the security and confuse the attacker, some of the remaining grids (i.e., invalid grids) will be filled in with luminance values that also match the expected luminance value outside of the legitimate user access region.

Key Extraction. Next, the legitimate user will identify the expected luminance pattern, and extract all the valid grids. We assume L̃ is the luminance value read out from the captured screen content for a specific valid grid [m,n]. According to the visible light channel model in Equation 1, L̃ may not exactly match the expected luminance value at the legitimate user access region due to the ambient light interference. The difference between L̃ and L_e is represented as δ = |L_e[m,n] − L̃[m,n]|.

To tolerate the error introduced by the interference, we validate each grid through the following hypothesis test with a predefined threshold ∆L:

$$I = \begin{cases} 0, & \delta \le \Delta L \\ 1, & \delta > \Delta L \end{cases} \qquad (3)$$

where I indicates whether the grid matches the expected luminance value. If the difference between the detected luminance value and expected luminance value is less than ∆L, the grid will be marked as a valid grid; otherwise it will be marked as an invalid grid, which will participate in the data communication.

Security Analysis. The key matching based method results in a set of discrete valid grids on the screen, and the luminance value on each valid grid is chosen from the color shift profiles with respect to a particular legitimate user access region. Experimental results (in Section VII-C) show that it is nearly impossible for the attacker to obtain all valid grids without entering the legitimate user access region. Furthermore, the invalid grids are also designed to produce the expected luminance value at some viewing angles outside of the legitimate user access region. If the attacker happens to reside at these viewing angles, some invalid grids will incorrectly be detected as valid grids. Since the number of valid grids, which represents the key length, is randomly chosen at the transmitter, the attacker may obtain different numbers of valid grids outside the legitimate user access region.
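The following added example (not code from the paper or its prototype) runs the corner-grid region identification of Section V-B and the key mapping and extraction of Section V-C over a constructed, noise-free color shift profile, and reports the grid identification accuracy at each viewing angle. The profile values, the choice L_e = 60, the dense 0 to 255 setting range, the single-angle access region, and the reading of the Equation 2 condition as "no match at any angle outside the access region" are assumptions made for the illustration.

```python
import random

ROWS = COLS = 5                      # 5x5 chessboard, one of the sizes evaluated
ANGLES = list(range(-50, 51, 10))    # vertical viewing angles (degrees) in the profile
SETTINGS = range(256)                # luminance values the screen can display
LE, DELTA = 60, 5                    # expected luminance L_e (assumed) and threshold
GRIDS = [(r, c) for r in range(ROWS) for c in range(COLS)]
CORNERS = [(0, 0), (0, COLS - 1), (ROWS - 1, 0), (ROWS - 1, COLS - 1)]


def build_profile():
    """Constructed stand-in for a measured color shift profile.

    profile[grid][angle][setting] is the luminance the camera detects. Every grid
    gets its own angle-to-attenuation curve (40%..90%), so one grid's curve does
    not reveal another's. Real profiles are measured, not computed.
    """
    profile = {}
    for r, c in GRIDS:
        mult = 1 + (r * COLS + c) % 10
        off = (2 * r + 3 * c) % 11
        profile[(r, c)] = {}
        for i, angle in enumerate(ANGLES):
            gain = 40 + 5 * ((i * mult + off) % 11)          # percent
            profile[(r, c)][angle] = [s * gain // 100 for s in SETTINGS]
    return profile


def matches(detected, expected=LE, delta=DELTA):
    """Hypothesis test of Equation 3: match when |L_e - detected| <= delta."""
    return abs(expected - detected) <= delta


def identify_angle(profile, default_setting, reported):
    """Section V-B: pick the profiled angle closest to the corner-grid readings."""
    def distance(angle):
        return sum(abs(profile[g][angle][default_setting] - reported[g])
                   for g in CORNERS)
    return min(ANGLES, key=distance)


def map_key(profile, legit_angle, key_length, rng):
    """Section V-C key mapping by exhaustive search over the profile.

    A setting is kept for a valid grid only if it matches L_e at the legitimate
    angle and at no other angle (improper settings are eliminated). Remaining
    grids get a decoy setting that matches L_e only outside the access region.
    """
    outside = [a for a in ANGLES if a != legit_angle]
    safe, decoy = {}, {}
    for g in GRIDS:
        for s in SETTINGS:
            at_legit = matches(profile[g][legit_angle][s])
            leaks = any(matches(profile[g][a][s]) for a in outside)
            if at_legit and not leaks:
                safe.setdefault(g, s)
            elif leaks and not at_legit:
                decoy.setdefault(g, s)
    if len(safe) < key_length:
        raise ValueError("not enough grids with an attacker-safe setting")
    # Random choice spreads the K valid grids over the candidate set.
    valid = set(rng.sample(sorted(safe), key_length))
    pattern = {g: safe[g] if g in valid else decoy.get(g, 0) for g in GRIDS}
    return pattern, valid


def observe(profile, pattern, angle):
    """Luminance per grid as seen by a camera at the given angle (no noise)."""
    return {g: profile[g][angle][s] for g, s in pattern.items()}


def extract_valid(observed):
    """Key extraction: grids whose reading passes the Equation 3 test."""
    return {g for g, lum in observed.items() if matches(lum)}


def grid_accuracy(recovered, valid):
    """Grid identification accuracy: share of the valid grids recovered."""
    return len(recovered & valid) / len(valid)


if __name__ == "__main__":
    profile = build_profile()
    reported = {g: profile[g][20][120] for g in CORNERS}     # receiver at 20 degrees
    legit = identify_angle(profile, 120, reported)
    pattern, valid = map_key(profile, legit, 6, random.Random(2016))
    for angle in ANGLES:
        seen = extract_valid(observe(profile, pattern, angle))
        role = "legitimate" if angle == legit else "attacker"
        print(f"{angle:+4d} deg {role:10s} accuracy={grid_accuracy(seen, valid):.2f} "
              f"false valid grids={len(seen - valid)}")
```

Because the sample profile is noise-free, observers outside the access region recover none of the valid grids and see only decoys; measured profiles with ambient light need the threshold margin discussed in Section VII-C.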

D. Data Transmission

After the secret key is successfully distributed to the legitimate user, we adopt the existing work [4] to perform the data transmission. The data stream embedded in the video frames is transmitted in an unobtrusive luminance manner, which will not disturb the user’s viewing experience when watching a video. Specifically, the data stream is multiplexed as complementary color intensity changes over the Red, Green, and Blue (RGB) channels onto the video frames. As shown in the system workflow in Figure 1, we next need to perform the data encoding via the secret key in the key matching algorithm after the data modulation. The real data stream embedded in the video frames appears only on invalid grids for transmission, while the valid grids only create random data streams to confuse the attackers. So the data throughput is proportional to the number of invalid grids.

VI. PROTOTYPE IMPLEMENTATION

We implement the proposed secret key distribution system over the visible light channel with C++ and OpenCV libraries. OpenCV libraries provide well-developed image processing and feature detection functions. The transmitter and receiver are deployed on an LCD monitor and a smartphone respectively. In particular, we choose a Dell 24″ LCD monitor with the refresh rate of 60fps as the transmitter because, for the transmitter to encode data, its screen needs to be able to display at least 60 frames per second and exhibit color shift at various viewing angles. There are two inputs for the transmitter to process: the data stream and a binary secret key. The transmitter maps the secret key to a gridded optical pattern, modulates the data stream onto the video frames, and displays the multiplexed video stream on screen. We utilize the built-in function cvRectangle in OpenCV to create a communication layer, which is used to generate chessboard grids and assign different luminance values to the grids based on the secret key to be distributed.

Fig. 6. Experimental setup: (a) chessboard display; (b) video display.

For the receiver, we choose iPhone 6, which has the built-in camera with the refresh rate of 240fps, so that it can capture the data stream embedded in the video stream at 60fps. To implement the receiver, we use the module AVCapture in the iOS AVFoundation framework to record videos, and then decode the secret key from the recorded video with the built-in OpenCV functions. The receiver captures the screen contents, detects the gridded optical pattern and calculates the average luminance on each grid. Specifically, we utilize the cvFindChessboardCorners function to identify the chessboard from the captured screen content, and extract the luminance value of each grid. To provide reliable detection results, we enable the built-in light sensor in the smartphone to adjust the ISO value of the camera, so that it can adapt to the darkness of the external environment.

VII. PERFORMANCE EVALUATION

In this section, we evaluate the performance of the proposed secret key distribution system. We examine the detected luminance of the grids on the screen from different viewing angles, and evaluate the grid identification accuracy and bit decoding accuracy over the screen-to-camera VLC channel. We first introduce our experimental methodology and metrics, and then discuss the evaluation results.

A. Methodology

The proposed secret key distribution system is evaluated with a TN LCD screen (i.e., 24″ Dell monitor with 1600×900 resolution and 60Hz refresh rate as the transmitter) and two smartphones (i.e., we use iPhone 6 to act as both legitimate users and attacker) in typical home/office environments, where the external light interference stays constant. Note that the proposed system is suitable for generic monitors and off-the-shelf mobile devices without specialized hardware requirements. The screen is held by a monitor arm that can adjust the orientation of the screen as shown in Figure 6 (a). The exposure time and ISO of the camera are fixed at 1/90 sec and 100, respectively, and the white balance on the camera is locked.

To evaluate the key distribution effectiveness and security of the proposed system, we place one iPhone 6 within the legitimate user access region at 65cm, 80cm or 100cm from the screen as shown in Figure 6 (a), and we also have another iPhone 6 reside outside the legitimate user access region at the same distance. The reason why we use the same type of device as both the legitimate user and the attacker is to ensure equivalent capabilities when extracting the secret key from the transmitter. If other types of devices are employed, the attacker will have a low probability of successfully obtaining the correct secret key. The color shift profiling process has the screen automatically display the default luminance values, while the camera captures the color shift profiles as the viewing angle is manually adjusted to cover all the viewing angles. The whole process usually lasts for less than 1 hour. The expected luminance patterns, which involve 10 different luminance values ranging from 0 to 255, with respect to different legitimate user access regions are designed according to the rules defined in the proposed key matching algorithm. We vary the viewing angles of the camera by changing the orientation of the screen to capture the luminance pattern on the screen, and both legitimate user and attacker will perform key extraction individually. In this experiment, the viewing angle varies from −80° to 80° both vertically and horizontally, which is controlled by a digital protractor, and we examine security performance from different viewing angles. In particular, we generate 5 different chessboards of the size 5×5, 6×6, 7×7, 8×8 and 9×9 for performance evaluation. Only the results for the size 5×5 and 9×9 are given in this paper, since the performance of other sizes falls between that of 5×5 and 9×9. Based on our empirical study, in general the expected luminance detection threshold is fixed at ±5 unless explicitly mentioned.

To evaluate the encrypted data transmission accuracy and throughput, we develop the proposed secure communication system based on our visible light channel communication system, Uber-in-Light [4], which has achieved comparable data rate with other existing VLC communication systems (Highlight [3] and Inframe [2]). We evaluate the communication performance of the proposed secure communication system based on Uber-in-Light [4]. The data streams are embedded into a drama video with 30fps lasting for 1 min as shown in Figure 6 (b), and only the invalid grids allow real data transmission. Both legitimate user and attacker are equipped with cameras to capture the video frames for data decoding. The data transmission accuracy is evaluated with respect to specific legitimate user access regions, and the throughput is inspected under the impact of chessboard size.

B. Metrics

To evaluate the system performance comprehensively, we define the following two metrics, Grid Identification Accuracy and Bit Decoding Accuracy, as follows:

1) Grid Identification Accuracy: The system independently detects the luminance value on each grid when distributing the secret key, and identifies the grids that render the expected luminance values. The grid identification accuracy P_grid is defined as the percentage of correctly identified grids G_r over the grids that are supposed to produce the expected luminance value in the legitimate user access region G_s, i.e., P_grid = (G_r ∩ G_s)/G_s.

2) Bit Decoding Accuracy: The bit decoding accuracy is defined as the percentage of correctly received bits over all data bits transmitted over the screen-to-camera channel as P_bits = (b_r ∩ b_s)/b_s, where b_r is the bits correctly decoded at the receiver, and b_s is all the transmitted bits.

C. Evaluation Results

1) Grid Identification Accuracy: Impact of Viewing Angles. We first study the grid identification accuracy when varying the viewing angle in the vertical direction Φ while fixing Θ = 0° in the horizontal direction. Both the 5×5 and 9×9 chessboards are deployed in the experiments. Figure 7 depicts the average grid identification accuracy for both the legitimate user and attacker given 4 different legitimate user access regions (i.e., (Θ,Φ) = (0°, ±20°) and (0°, ±40°)). For both chessboard sizes, the legitimate user always has 100% grid identification accuracy while the attacker outside the legitimate user access region maintains consistently low accuracy. It implies that the attacker cannot recover most of the valid grids without entering the legitimate user access region. This is because the expected luminance values vary so sharply, as shown in Figure 2, that even small changes in the viewing angle induce significant changes in the expected luminance outside the legitimate user access region. Given that the valid grids are scattered across the screen, it is easy to infer that the key matching based method is not sensitive to the chessboard size, which is confirmed by the results shown in Figure 7. We focus on the 5×5 chessboard in the rest of the performance evaluation because the chessboard size has little impact.

[Figure 7 plots, four panels: (a) (Θ,Φ) = (0°, 20°); (b) (Θ,Φ) = (0°, −20°); (c) (Θ,Φ) = (0°, 40°); (d) (Θ,Φ) = (0°, −40°). x-axis: viewing angle (degree), −50 to 50; y-axis: grid identification accuracy (%), 0 to 100; series: attacker and legitimate user at the 5×5 and 9×9 chessboards.]

Fig. 7. Grid Identification Accuracy in the vertical direction when the legitimate user is positioned at four different vertical angles, (0°, 20°), (0°, −20°), (0°, 40°), and (0°, −40°) on the 5×5 and 9×9 chessboards; and the attacker accesses the screen from outside the legitimate user access region.

Next we discuss the grid identification accuracy when the viewing angle varies in the horizontal direction but is fixed in the vertical direction. As shown in Figure 8 (a)-(c), given any specific angle in the vertical direction (i.e., Φ = ±20° or 40°), the grid identification accuracy for the legitimate user always stays over 80% when the legitimate user access region is restricted within Θ = [−10°, 10°] in the horizontal direction, while the attacker has low accuracy (i.e., less than 20%) outside of this region. Figure 8 (d) has relatively higher grid identification accuracy for the attacker (i.e., 60%), since the expected luminance at Φ = −40° does not change as sharply along the horizontal direction as those at other vertical angles.

Grid Identification Accuracy Study of different key lengths. We study the impact of key length on our key matching based approach. Specifically, the grid identification accuracy is examined as the difference of viewing angles between legitimate user and attacker changes. Figure 9 shows that the grid identification accuracy for the attacker always stays as low as 20% for both short and long key lengths (i.e., ≤ 4 and ≥ 5). It indicates that our key matching method is robust against attacks with different key lengths.

[Figure 8 plots, four panels: (a) (Θ,Φ) = (−10°, 20°) to (10°, 20°); (b) (Θ,Φ) = (−10°, −20°) to (10°, −20°); (c) (Θ,Φ) = (−10°, 40°) to (10°, 40°); (d) (Θ,Φ) = (−10°, −40°) to (10°, −40°). x-axis: viewing angle (degree), −50 to 50; y-axis: grid identification accuracy (%), 0 to 100; series: attacker and legitimate user.]

Fig. 8. Grid Identification Accuracy of different legitimate user access region in the horizontal direction.

[Figure 9 plots, two panels: (a) short key length: ≤ 4; (b) long key length: ≥ 5. x-axis: viewing angle difference (degree), 0 to 80; y-axis: grid identification accuracy (%), 0 to 100; series: attacker and legitimate user.]

Fig. 9. Grid Identification Accuracy of the attacker across multiple chessboards under different key lengths.

Impact of Distance, Threshold and Wide-Range User Access Region. In Figure 10 (a), we study the impact of the geometric distance between transmitter and receiver on the grid identification accuracy. As the distance increases, the mutual interference on adjacent grids becomes non-negligible for the key matching based method. It may result in similar expected luminance for the same valid grid at different viewing angles. So the overall performance with short distance is slightly better than that with long distance.

Figure 10 (b) presents the impact of different thresholds (i.e., ±5 and ±10) for the expected luminance detection. As the threshold increases, the grid identification accuracy for the attacker increases accordingly. The expected luminance values of some grids may not differ much between the legitimate user and the attacker. If these grids happen to be valid grids, the attacker may also correctly determine them as valid grids with a larger threshold. Further, the threshold should not be too small, to avoid the impact of ambient light interference.

The previous results study the security performance for a narrow-range legitimate user access region, which corresponds to one specific viewing angle. However, with careful design of the expected luminance pattern, the proposed system can also serve a wide-range legitimate user access region. As shown in Figure 10 (c) and (d), we find that the grid identification accuracy still stays over 90% when the viewing angle difference increases to 10° and 20° in the vertical and horizontal directions, respectively. The above results indicate the possibility of introducing a wide-range legitimate user access region to our proposed system for secret key distribution. Such a wide-range legitimate user access region provides flexibility for mobile users, but it also increases the risk that the attacker may enter the legitimate user access region.

[Figure 10 plots, four panels: (a) different distances (attacker and legitimate user at 65cm, 80cm and 100cm); (b) different thresholds (attacker and legitimate user at thresholds ±5 and ±10); (c) wide-range in the vertical direction; (d) wide-range in the horizontal direction. x-axis: viewing angle difference (degree), 0 to 80; y-axis: grid identification accuracy (%), 0 to 100.]

Fig. 10. Grid Identification Accuracy with different transmission distances, thresholds and wide-range legitimate user access region.

2) System Bit Decoding Accuracy: We discuss the bit decoding accuracy for the data stream encrypted with the secret key generated by the key matching based method. As shown in Figure 11 (a), we observe that the bit decoding accuracy of the legitimate user stays over 95% at the viewing angles 20° and 30°, while the attacker can only achieve around 50% accuracy outside the legitimate user access region, which is equivalent to random guessing.

[Figure 11 plots, two panels: (a) bit decoding accuracy (%) versus viewing angle, for attacker and legitimate user at (θ, φ) = (0, +20) and (0, +30); (b) throughput (bps) versus chessboard size, 5×5 to 9×9.]

Fig. 11. Performance of Data Transmission.

3) System Throughput: Finally, the throughput performance of the proposed VLC security system is studied. Figure 11 (b) presents the throughput for the key matching based method under different numbers of grids on the chessboard. We find that the throughput keeps increasing as the number of grids on the chessboard grows. In particular, it achieves over 300bps when deploying the 9×9 chessboard. The results also confirm that the proposed security mechanisms introduce little throughput overhead compared with Uber-in-Light [4].

VIII. CONCLUSIONS

In this paper, we propose a secret key distribution system leveraging the color shift property over the screen-to-camera channel. Inspired by the observation that the visible information displayed on screen results in different optical patterns from different viewing angles, we develop the secret key matching based algorithm to map the secret key into a unique gridded optical pattern that is only accessible from a specific region. In particular, the proposed method encodes the secret key to an expected luminance pattern on each grid independently, so it provides high flexibility of the legitimate user access region with different key lengths, and controls the system throughput easily. We prototype the proposed system with off-the-shelf devices and evaluate it under various experimental scenarios. The experimental results confirm the effectiveness of our system in terms of high bit-decoding accuracy for the legitimate users and very low key recovery accuracy for the attackers.

IX. ACKNOWLEDGMENT

This work was supported in part by the US National Science Foundation under grant numbers CNS-1409767, CNS-1514436, and the Army Research Office under grant number W911NF-13-1-0288.

REFERENCES

[1] W. Hu, H. Gu, and Q. Pu, “Lightsync: Unsynchronized visual communication over screen-camera links,” in ACM MobiCom, 2013, pp. 15–26.

[2] A. Wang et al., “Inframe++: Achieve simultaneous screen-human viewing and hidden screen-camera communication,” in ACM MobiSys, 2015, pp. 181–195.

[3] T. Li et al., “Hilight: Hiding bits in pixel translucency changes,” in VLCS, 2014, pp. 45–50.

[4] I. Mostafa et al., “Uber-in-light: Unobtrusive visible light communication leveraging complementary color channel,” in IEEE INFOCOM, 2016.

[5] R. Nandakumar, K. K. Chintalapudi, V. Padmanabhan, and R. Venkatesan, “Dhwani: Secure peer-to-peer acoustic nfc,” in SIGCOMM. New York, NY, USA: ACM, 2013, pp. 63–74.

[6] B. Zhang et al., “Sbvlc: Secure barcode-based visible light communication for smartphones,” in IEEE INFOCOM, 2014, pp. 2661–2669.

[7] C. Mulliner, “Vulnerability analysis and attacks on nfc-enabled mobile phones,” in Availability, Reliability and Security, 2009, pp. 695–700.

[8] M. M. A. Allah, “Strengths and weaknesses of near field communication (nfc) technology,” Global Journal of Computer Science and Technology, vol. 11, no. 3, 2011.

[9] K. Laeeq and J. A. Shamsi, “A study of security issues, vulnerabilities and challenges in internet of things,” Securing Cyber-Physical Systems, p. 221, 2015.

[10] G. Woo, A. Lippman, and R. Raskar, “Vrcodes: Unobtrusive and active visual codes for interaction by exploiting rolling shutter,” in ISMAR, Nov 2012, pp. 59–64.

[11] B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C. John Wiley & Sons, Inc., 1995.

[12] B. Prashanth and Y. Pandurangaiah, “Generation of secret key for physical layer to evaluate channel characteristics in wireless communications,” Conference on Emerging Research in Computing, Information, Communication and Applications, 2013.

[13] L. Zhang et al., “Kaleido: You can watch it but cannot record it,” in ACM MobiCom, 2015, pp. 372–385.

[14] S. Kim et al., “Enabling concurrent dual views on common lcd screens,” in ACM SIGCHI Conference on Human Factors in Computing Systems, 2012, pp. 2175–2184.

[15] A. Burton et al., “Performance analysis for 180 receiver in visible light communications,” in IEEE ICCE, 2012, pp. 48–53.

[16] S. Schmid et al., “Led-to-led visible light communication networks,” in ACM MobiHoc, 2013, pp. 1–10.

[17] C.-W. Chow et al., “Secure communication zone for white-light led visible light communication,” Optics Communications, vol. 344, pp. 81–85, 2015.

[18] C. Rohner et al., “Security in visible light communication: Novel challenges and opportunities,” Sensors & Transducers Journal, vol. 192, no. 9, pp. 9–15, 2015.

[19] G. Van Damme, K. Wouters, and B. Preneel, “Practical experiences withnfc security on mobile phones,” Proceedings of the RFIDSec, vol. 9,p. 27, 2009.

[20] K. Markantonakis, “Practical relay attack on contactless transactionsby using nfc mobile phones,” RFIDsec, vol. 12, p. 21, 2012.

[21] M. C. Stone, “Color and brightness appearance issues in tiled displays,”IEEE Computer Graphics and Applications, vol. 21, no. 5, pp. 58–66,2001.

[22] T. Toyooka and et al., “Viewing angle performance of tn-lcd with hybridaligned nematic film,” Displays, vol. 20, pp. 221–229, 1999.

[23] C. Harrison and S. E. Hudson, “A new angle on cheap lcds: makingpositive use of optical distortion,” in ACM symposium on User interfacesoftware and technology, 2011, pp. 537–540.