Groupthink: usability of secure group association for wireless devices

Authors:
Rishab Nithyanand;Nitesh Saxena;Gene Tsudik;Ersin Uzun
Affiliations:
University of California, Irvine, Irvine, CA, USA;Polytechnic Institute of NYU, Brooklyn, NY, USA;University of California, Irvine, Irvine, CA, USA;University of California, Irvine, Irvine, CA, USA
Venue:
Proceedings of the 12th ACM international conference on Ubiquitous computing
Year:
2010

Citing 28
Cited 11

Measuring usability: are effectiveness, efficiency, and satisfaction really correlated?

Proceedings of the SIGCHI conference on Human Factors in Computing Systems
Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts

UbiComp '01 Proceedings of the 3rd international conference on Ubiquitous Computing
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks

Proceedings of the 7th International Workshop on Security Protocols
Public-key support for group collaboration

ACM Transactions on Information and System Security (TISSEC)
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Secure Device Pairing based on a Visual Channel (Short Paper)

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Loud and Clear: Human-Verifiable Authentication Based on Audio

ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
A Human-Verifiable Authentication Protocol Using Visible Laser Light

ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Mind your manners: socially appropriate wireless key establishment for groups

WiSec '08 Proceedings of the first ACM conference on Wireless network security
Simple and effective defense against evil twin access points

WiSec '08 Proceedings of the first ACM conference on Wireless network security
GAnGS: gather, authenticate 'n group securely

Proceedings of the 14th ACM international conference on Mobile computing and networking
HAPADEP: Human-Assisted Pure Audio Device Pairing

ISC '08 Proceedings of the 11th international conference on Information Security
Using audio in secure device pairing

International Journal of Security and Networks
SPATE: small-group PKI-less authenticated trust establishment

Proceedings of the 7th international conference on Mobile systems, applications, and services
Serial hook-ups: a comparative usability study of secure device pairing methods

Proceedings of the 5th Symposium on Usable Privacy and Security
Usability and security of out-of-band channels in secure device pairing protocols

Proceedings of the 5th Symposium on Usable Privacy and Security
Caveat eptor: A comparative study of secure device pairing methods

PERCOM '09 Proceedings of the 2009 IEEE International Conference on Pervasive Computing and Communications
The Factor Structure of the System Usability Scale

HCD 09 Proceedings of the 1st International Conference on Human Centered Design: Held as Part of HCI International 2009
Provably secure password-authenticated key exchange using Diffie-Hellman

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Shake well before use: authentication based on accelerometer data

PERVASIVE'07 Proceedings of the 5th international conference on Pervasive computing
Usability analysis of secure pairing methods

FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Efficient device pairing using "Human-comparable" synchronized audiovisual patterns

ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
SAS-based group authentication and key agreement protocols

PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Secure communications over insecure channels based on short authenticated strings

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
SAS-Based authenticated key agreement

PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Efficient mutual data authentication using manually authenticated strings

CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Ad hoc security associations for groups

ESAS'06 Proceedings of the Third European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Key agreement in ad hoc networks

Computer Communications

Pairing devices for social interactions: a comparative usability evaluation

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Usability of display-equipped RFID tags for security purposes

ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Fast track article: Looking ahead in pervasive computing: Challenges and opportunities in the era of cyber-physical convergence

Pervasive and Mobile Computing
Fast track article: Looking ahead in pervasive computing: Challenges and opportunities in the era of cyber-physical convergence

Pervasive and Mobile Computing
EasyGroups: binding mobile devices for collaborative interactions

CHI '12 Extended Abstracts on Human Factors in Computing Systems
Secure ad hoc trust initialization and key management in wireless body area networks

ACM Transactions on Sensor Networks (TOSN)
Chorus: scalable in-band trust establishment for multiple constrained devices over the insecure wireless channel

Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
How groups of users associate wireless devices

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A comparative evaluation of touch-based methods to bind mobile devices for collaborative interactions

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
SafeSlinger: easy-to-use and secure public-key exchange

Proceedings of the 19th annual international conference on Mobile computing & networking
Can Jannie verify? Usability of display-equipped RFID tags for security purposes

Journal of Computer Security - Research in Computer Security and Privacy: Emerging Trends

Quantified Score

Hi-index	0.01

Visualization

Abstract

A fairly common modern setting entails users, each in possession of a personal wireless device, wanting to communicate securely, via their devices. If these users (and their devices) have no prior association, a new security context must be established. In order to prevent potential attacks, the initial context (association) establishment process must involve only the intended devices and their users. A number of methods for initial secure association of two devices have been proposed; their usability factors have been explored and compared extensively. However, a more challenging problem of initial secure association of a group of devices (and users) has not received much attention. Although a few secure group association methods have been proposed, their usability aspects have not been studied, especially, in a comparative manner. This paper discusses desirable features and evaluation criteria for secure group association, identifies suitable methods and presents a comparative usability study. Results show that some simple methods (e.g., peer- or leader-based number comparisons) are quite attractive for small groups, being fast, reasonably secure and well-received by users.