Fundamentals of interactive computer graphics
Fundamentals of interactive computer graphics
The Untrusted Computer Problem and Camera-Based Authentication
Pervasive '02 Proceedings of the First International Conference on Pervasive Computing
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
Proceedings of the 7th International Workshop on Security Protocols
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Secure Device Pairing based on a Visual Channel (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Loud and Clear: Human-Verifiable Authentication Based on Audio
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Simple and effective defense against evil twin access points
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Security associations in personal networks: a comparative analysis
ESAS'07 Proceedings of the 4th European conference on Security and privacy in ad-hoc and sensor networks
Usability analysis of secure pairing methods
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Efficient device pairing using "Human-comparable" synchronized audiovisual patterns
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Secure communications over insecure channels based on short authenticated strings
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
SAS-Based authenticated key agreement
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Automated Device Pairing for Asymmetric Pairing Scenarios
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Point&Connect: intention-based device pairing for mobile phone users
Proceedings of the 7th international conference on Mobile systems, applications, and services
Secure Pairing of "Interface-Constrained" Devices Resistant against Rushing User Behavior
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Two heads are better than one: security and usability of device associations in group scenarios
Proceedings of the Sixth Symposium on Usable Privacy and Security
Authentication technologies for the blind or visually impaired
HotSec'09 Proceedings of the 4th USENIX conference on Hot topics in security
Usability classification for spontaneous device association
Personal and Ubiquitous Computing
Secure and usable out-of-band channels for ad hoc mobile device interactions
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Hi-index | 0.00 |
The operation of achieving authenticated key agreement between two human-operated devices over a short-range wireless communication channel (such as Bluetooth or WiFi) is referred to as "Pairing". The devices in such a scenario are ad hoc in nature, i.e., they can neither be assumed to have a prior context (such as pre-shared secrets) with each other nor do they share a common trusted on- or off-line authority. However, the devices can generally be connected using auxiliary physical channel(s) (such as audio, visual, etc.) that can be authenticated by the device user(s) and thus form a basis for pairing. One of the main challenges of secure device pairing is the lack of good quality output interfaces as well as corresponding receivers on devices. In [13], we presented a pairing scheme which is universally applicable to any pair of devices (such as a WiFi AP and a laptop, a Bluetooth keyboard and a desktop, etc.). The scheme is based upon the device user(s) comparing short and simple synchronized audiovisual patterns, such as "beeping" and "blinking". In this paper, we automate the (manual) scheme of [13] by making use of an auxiliary, commonly available device such as a personal camera phone. Based on a preliminary user study we conducted, we show that the automated scheme is generally faster and more user-friendly relative to the manual scheme. More importantly, the proposed scheme turns out to be quite accurate in the detection of any possible attacks.