EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The Cricket location-support system
MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
Security: for ubiquitous computing
Security: for ubiquitous computing
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts
UbiComp '01 Proceedings of the 3rd international conference on Ubiquitous Computing
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
Proceedings of the 7th International Workshop on Security Protocols
Modern Cryptography: Theory and Practice
Modern Cryptography: Theory and Practice
Public-key support for group collaboration
ACM Transactions on Information and System Security (TISSEC)
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Secure Device Pairing based on a Visual Channel (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Loud and Clear: Human-Verifiable Authentication Based on Audio
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Integrity regions: authentication through presence in wireless networks
WiSe '06 Proceedings of the 5th ACM workshop on Wireless security
A Human-Verifiable Authentication Protocol Using Visible Laser Light
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Improving the accuracy of ultrasound-based localisation systems
Personal and Ubiquitous Computing
Simple and effective defense against evil twin access points
WiSec '08 Proceedings of the first ACM conference on Wireless network security
HAPADEP: Human-Assisted Pure Audio Device Pairing
ISC '08 Proceedings of the 11th international conference on Information Security
Secure pairing of interface constrained devices
International Journal of Security and Networks
Using audio in secure device pairing
International Journal of Security and Networks
Serial hook-ups: a comparative usability study of secure device pairing methods
Proceedings of the 5th Symposium on Usable Privacy and Security
Usability and security of out-of-band channels in secure device pairing protocols
Proceedings of the 5th Symposium on Usable Privacy and Security
Caveat eptor: A comparative study of secure device pairing methods
PERCOM '09 Proceedings of the 2009 IEEE International Conference on Pervasive Computing and Communications
Provably secure password-authenticated key exchange using Diffie-Hellman
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Shake well before use: authentication based on accelerometer data
PERVASIVE'07 Proceedings of the 5th international conference on Pervasive computing
Amigo: proximity-based authentication of mobile devices
UbiComp '07 Proceedings of the 9th international conference on Ubiquitous computing
Security associations in personal networks: a comparative analysis
ESAS'07 Proceedings of the 4th European conference on Security and privacy in ad-hoc and sensor networks
Usability analysis of secure pairing methods
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Efficient device pairing using "Human-comparable" synchronized audiovisual patterns
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
SAS-Based authenticated key agreement
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Efficient mutual data authentication using manually authenticated strings
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Hi-index | 0.00 |
When users wish to establish wireless communication between their devices, the channel needs to be bootstrapped first. Usually, the channel is desired to be authenticated and confidential, in order to mitigate any malicious control of or eavesdropping over the communication. When there is no prior security context, such as, shared secrets, common key servers or public key certificates, device association necessitates some level of user involvement into the process. A wide variety of user-aided security association techniques have been proposed in the past. A promising set of techniques require out-of-band communication between the devices (e.g., auditory, visual, or tactile). The usability evaluation of such techniques has been an active area of research. In this paper, our focus is on the usability of an alternative method of secure association --- Integrity regions (I-regions) [40] --- based on distance bounding. I-regions achieves secure association by verification of entity proximity through time-to-travel measurements over ultrasonic or radio channels. Security of I-regions crucially relies on the assumption that human users can correctly gauge the distance between two communicating devices. We demonstrate, via a thorough usability study of the I-regions technique and related statistical analysis, that such an assumption does not hold in practice. Our results indicate that I-regions can yield high error rates, undermining its security and usability under common communication scenarios.