Efficient and practical DHEKE protocols
ACM SIGOPS Operating Systems Review
SPINS: security protocols for sensor networks
Proceedings of the 7th annual international conference on Mobile computing and networking
Security Weaknesses in Bluetooth
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
Proceedings of the 7th International Workshop on Security Protocols
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
TinySec: a link layer security architecture for wireless sensor networks
SenSys '04 Proceedings of the 2nd international conference on Embedded networked sensor systems
Proceedings of the 3rd international conference on Mobile systems, applications, and services
MiniSec: a secure sensor network communication architecture
Proceedings of the 6th international conference on Information processing in sensor networks
On the security of public key protocols
SFCS '81 Proceedings of the 22nd Annual Symposium on Foundations of Computer Science
Security associations in personal networks: a comparative analysis
ESAS'07 Proceedings of the 4th European conference on Security and privacy in ad-hoc and sensor networks
Key agreement in ad hoc networks
Computer Communications
How to secure bluetooth-based pico networks
SAFECOMP'07 Proceedings of the 26th international conference on Computer Safety, Reliability, and Security
Hi-index | 0.00 |
In wireless personal area networks, establishing trust and authentication with previously unknown parties is both necessary and important. We propose an auxiliary channel Diffie-Hellman encrypted key-exchange authentication scheme to establish secure authentication between two previously unknown devices. The key exchange creates a high-entropy shared key from a low-entropy PIN that is transferred through an auxiliary channel. The strong shared key is then used for authentication of exchanged public keys. The scheme protects against both man-in-the-middle and passive eavesdropping attacks, including offline PIN cracking. We focus on Bluetooth version 2.1 and analyze the Simple Pairing protocols. We restrict the supported usage scenarios for the Just Works and Passkey Entry protocols and design a protocol using our proposed solution to replace both protocols. We recognize that our proposed protocol is substantially more secure than the current Just Works protocol, achieves the same security level as the Passkey Entry protocol while maintaining the usability and convenience level for the user. In addition, the proposed protocol considerably reduces the number of messages exchanged compared to the Passkey Entry protocol.