Usability analysis of secure pairing methods

Authors:
Ersin Uzun;Kristiina Karvonen;N. Asokan
Affiliations:
University of California, Irvine CA and Nokia Research Center, Helsinki, Finland;Helsinki University of Technology, Helsinki, Finland;Helsinki University of Technology, Helsinki, Finland and Nokia Research Center, Helsinki, Finland
Venue:
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Year:
2007

Citing 8
Cited 35

Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Designing an evaluation method for security user interfaces: lessons from studying secure wireless network configuration

interactions - A contradiction in terms?
Secure Device Pairing based on a Visual Channel (Short Paper)

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Loud and Clear: Human-Verifiable Authentication Based on Audio

ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Network-in-a-box: how to set up a secure wireless network in under a minute

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Secure communications over insecure channels based on short authenticated strings

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Efficient mutual data authentication using manually authenticated strings

CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
The Design of Everyday Things

The Design of Everyday Things

Mind your manners: socially appropriate wireless key establishment for groups

WiSec '08 Proceedings of the first ACM conference on Wireless network security
Simple and effective defense against evil twin access points

WiSec '08 Proceedings of the first ACM conference on Wireless network security
Universal device pairing using an auxiliary device

Proceedings of the 4th symposium on Usable privacy and security
GAnGS: gather, authenticate 'n group securely

Proceedings of the 14th ACM international conference on Mobile computing and networking
HAPADEP: Human-Assisted Pure Audio Device Pairing

ISC '08 Proceedings of the 11th international conference on Information Security
Automated Device Pairing for Asymmetric Pairing Scenarios

ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Seeing-Is-Believing: using camera phones for human-verifiable authentication

International Journal of Security and Networks
Secure Pairing of "Interface-Constrained" Devices Resistant against Rushing User Behavior

ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Serial hook-ups: a comparative usability study of secure device pairing methods

Proceedings of the 5th Symposium on Usable Privacy and Security
Usability and security of out-of-band channels in secure device pairing protocols

Proceedings of the 5th Symposium on Usable Privacy and Security
Authenticating ubiquitous services: a study of wireless hotspot access

Proceedings of the 11th international conference on Ubiquitous computing
A comparative study of secure device pairing methods

Pervasive and Mobile Computing
Blink 'Em All: Scalable, User-Friendly and Secure Initialization of Wireless Sensor Nodes

CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
On the Usability of Secure Association of Wireless Devices Based on Distance Bounding

CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Noninteractive self-certification for long-lived mobile ad hoc networks

IEEE Transactions on Information Forensics and Security - Special issue on electronic voting
Mobile user location-specific encryption (MULE): using your office as your password

Proceedings of the third ACM conference on Wireless network security
Creating home network access for the elderly

UAHCI'07 Proceedings of the 4th international conference on Universal access in human computer interaction: coping with diversity
Low-cost manufacturing, usability, and security: an analysis of bluetooth simple pairing and Wi-Fi protected setup

FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Efficient device pairing using "Human-comparable" synchronized audiovisual patterns

ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Two practical man-in-the-middle attacks on bluetooth secure simple pairing and countermeasures

IEEE Transactions on Wireless Communications
A closer look at recognition-based graphical passwords on mobile devices

Proceedings of the Sixth Symposium on Usable Privacy and Security
Influence of user perception, security needs, and social factors on device pairing method choices

Proceedings of the Sixth Symposium on Usable Privacy and Security
Authentication technologies for the blind or visually impaired

HotSec'09 Proceedings of the 4th USENIX conference on Hot topics in security
Support of high-performance i/o protocols over mmWave networks

Proceedings of the 2010 ACM international workshop on mmWave communications: from circuits to networks
Groupthink: usability of secure group association for wireless devices

Proceedings of the 12th ACM international conference on Ubiquitous computing
On pairing constrained wireless devices based on secrecy of auxiliary channels: the case of acoustic eavesdropping

Proceedings of the 17th ACM conference on Computer and communications security
Authentication protocols based on low-bandwidth unspoofable channels: A comparative survey

Journal of Computer Security
How users associate wireless devices

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Pairing devices for social interactions: a comparative usability evaluation

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Usability of display-equipped RFID tags for security purposes

ESORICS'11 Proceedings of the 16th European conference on Research in computer security
RhythmLink: securely pairing I/O-constrained devices by tapping

Proceedings of the 24th annual ACM symposium on User interface software and technology
Don't Bump, Shake on It: the exploitation of a popular accelerometer-based smart phone exchange and its secure replacement

Proceedings of the 27th Annual Computer Security Applications Conference
Towards a secure human-and-computer mutual authentication protocol

AISC '12 Proceedings of the Tenth Australasian Information Security Conference - Volume 125
Go anywhere: user-verifiable authentication over distance-free channel for mobile devices

Personal and Ubiquitous Computing
Can Jannie verify? Usability of display-equipped RFID tags for security purposes

Journal of Computer Security - Research in Computer Security and Privacy: Emerging Trends

Quantified Score

Hi-index	0.00

Visualization

Abstract

Setting up security associations between end-user devices is a challenging task when it needs to be done by ordinary users. The increasing popularity of powerful personal electronics with wireless communication abilities has made the problem more urgent than ever before. During the last few years, several solutions have appeared in the research literature. Several standardization bodies have also been working on improved setup procedures. All these protocols provide certain level of security, but several new questions arise, such as "how to implement this protocol so that it is easy to use?" and "is it still secure when used by a non-technical person?" In this paper, we attempt to answer these questions by carrying out a comparative usability evaluation of selected methods to derive some insights into the usability and security of these methods as well as strategies for implementing them.