Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts
UbiComp '01 Proceedings of the 3rd international conference on Ubiquitous Computing
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
Proceedings of the 7th International Workshop on Security Protocols
Public-key support for group collaboration
ACM Transactions on Information and System Security (TISSEC)
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Secure Device Pairing based on a Visual Channel (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Loud and Clear: Human-Verifiable Authentication Based on Audio
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Simple and effective defense against evil twin access points
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Acoustic Modems for Ubiquitous Computing
IEEE Pervasive Computing
Shake well before use: authentication based on accelerometer data
PERVASIVE'07 Proceedings of the 5th international conference on Pervasive computing
Usability analysis of secure pairing methods
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Efficient device pairing using "Human-comparable" synchronized audiovisual patterns
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
SAS-Based authenticated key agreement
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Efficient mutual data authentication using manually authenticated strings
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Secure Pairing of "Interface-Constrained" Devices Resistant against Rushing User Behavior
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Blink 'Em All: Scalable, User-Friendly and Secure Initialization of Wireless Sensor Nodes
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
On the Usability of Secure Association of Wireless Devices Based on Distance Bounding
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Groupthink: usability of secure group association for wireless devices
Proceedings of the 12th ACM international conference on Ubiquitous computing
Pairing devices for social interactions: a comparative usability evaluation
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Secure negotiation for manual authentication protocols
CMS'11 Proceedings of the 12th IFIP TC 6/TC 11 international conference on Communications and multimedia security
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Body sensor network key distribution using human interactive channels
Proceedings of the 4th International Symposium on Applied Sciences in Biomedical and Communication Technologies
Usability classification for spontaneous device association
Personal and Ubiquitous Computing
Data-minimizing authentication goes mobile
CMS'12 Proceedings of the 13th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
MultiNet: reducing interaction overhead in domestic wireless networks
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
User-aided reader revocation in PKI-based RFID systems
Journal of Computer Security - ESORICS 2010
Hi-index | 0.00 |
The number and diversity of personal electronic gadgets have been steadily increasing but there has been fairly little progress in secure pairing of such devices. The pairing challenge revolves around establishing on-the-fly secure communication without any trusted (on- or off-line) third parties between devices that have no prior association. One basic approach to counter Man-in-the-Middle (MiTM) attacks in such setting is to involve the user in the pairing process. Previous research yielded some interesting secure pairing techniques, some of which ask too much of the human user, while others assume availability of specialized equipment (e.g., wires, photo or video cameras) on personal devices. Furthermore, all prior methods assumed an established insecure channel over a common digital (human-imperceptible) communication medium, such as infrared, 802.11 or Bluetooth.In this paper we introduce a very simple technique called HAPADEP (Human-Assisted Pure Audio Device Pairing). HAPADEP uses the audio channel to exchange both data and verification information among devices without requiring any other means of common electronic communication. Despite its simplicity, a number of interesting issues arise in the design of HAPADEP. We discuss design and implementation highlights as well as usability features and limitations.