SyncTap: synchronous user operation for spontaneous network connection
Personal and Ubiquitous Computing
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Loud and Clear: Human-Verifiable Authentication Based on Audio
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Network-in-a-box: how to set up a secure wireless network in under a minute
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Lessons learned from the deployment of a smartphone-based access-control system
Proceedings of the 3rd symposium on Usable privacy and security
Keep your enemies close: distance bounding against smartcard relay attacks
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Serial hook-ups: a comparative usability study of secure device pairing methods
Proceedings of the 5th Symposium on Usable Privacy and Security
Usability and security of out-of-band channels in secure device pairing protocols
Proceedings of the 5th Symposium on Usable Privacy and Security
Caveat eptor: A comparative study of secure device pairing methods
PERCOM '09 Proceedings of the 2009 IEEE International Conference on Pervasive Computing and Communications
A comparative study of secure device pairing methods
Pervasive and Mobile Computing
Security associations in personal networks: a comparative analysis
ESAS'07 Proceedings of the 4th European conference on Security and privacy in ad-hoc and sensor networks
Usability analysis of secure pairing methods
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Two heads are better than one: security and usability of device associations in group scenarios
Proceedings of the Sixth Symposium on Usable Privacy and Security
Efficient mutual data authentication using manually authenticated strings
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Two heads are better than one: security and usability of device associations in group scenarios
Proceedings of the Sixth Symposium on Usable Privacy and Security
How users associate wireless devices
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Pairing devices for social interactions: a comparative usability evaluation
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Theoretical foundations for user-controlled forgetting in scrutable long term user models
Proceedings of the 23rd Australian Computer-Human Interaction Conference
Usability classification for spontaneous device association
Personal and Ubiquitous Computing
EasyGroups: binding mobile devices for collaborative interactions
CHI '12 Extended Abstracts on Human Factors in Computing Systems
Counting clicks and beeps: Exploring numerosity based haptic and audio PIN entry
Interacting with Computers
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Sensing-enabled channels for hard-to-detect command and control of mobile devices
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Using a 2DST waveguide for usable, physically constrained out-of-band Wi-Fi authentication
Proceedings of the 2013 ACM international joint conference on Pervasive and ubiquitous computing
Hi-index | 0.00 |
Recent years have seen a proliferation of secure device pairing methods that try to improve both the usability and security of today's de-facto standard -- PIN-based authentication. Evaluating such improvements is difficult. Most comparative laboratory studies have so far mainly focused on completeness, trying to find the single best method among the dozens of proposed approaches -- one that is both rated the most usable by test subjects, and which provides the most robust security guarantees. This search for the "best" pairing method, however, fails to take into account the variety of situations in which such pairing protocols may be used in real life. The comparative study reported here, therefore, explicitly situates pairing tasks in a number of more realistic situations. Our results indicate that people do not always use the easiest or most popular method -- they instead prefer different methods in different situations, based on the sensitivity of data involved, their time constraints, and the social conventions appropriate for a particular place and setting. Our study also provides qualitative data on factors influencing the perceived security of a particular method, the users' mental models surrounding security of a method, and their security needs.