Authentication and authenticated key exchanges
Designs, Codes and Cryptography
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
Proceedings of the 7th International Workshop on Security Protocols
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
In Search of Usable Security: Five Lessons from the Field
IEEE Security and Privacy
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Integrity (I) Codes: Message Integrity Protection and Authentication Over Insecure Channels
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Loud and Clear: Human-Verifiable Authentication Based on Audio
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Simple and effective defense against evil twin access points
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Integrity Codes: Message Integrity Protection and Authentication over Insecure Channels
IEEE Transactions on Dependable and Secure Computing
THE WAY I SEE IT: When security gets in the way
interactions - Catalyzing a Perfect Storm
Provably secure password-authenticated key exchange using Diffie-Hellman
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Shake well before use: authentication based on accelerometer data
PERVASIVE'07 Proceedings of the 5th international conference on Pervasive computing
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
They can hear your heartbeats: non-invasive security for implantable medical devices
Proceedings of the ACM SIGCOMM 2011 conference
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
Hi-index | 0.00 |
This paper presents the first wireless pairing protocol that works in-band, with no pre-shared keys, and protects against MITM attacks. The main innovation is a new key exchange message constructed in a manner that ensures an adversary can neither hide the fact that a message was transmitted, nor alter its payload without being detected. Thus, any attempt by an adversary to interfere with the key exchange translates into the pairing devices detecting either invalid pairing messages or an unacceptable increase in the number of such messages. We analytically prove that our design is secure against MITM attacks, and show that our protocol is practical by implementing a prototype using off-the-shelf 802.11 cards. An evaluation of our protocol on two busy wireless networks (MIT's campus network and a reproduction of the SIGCOMM 2010 network using traces) shows that it can effectively implement key exchange in a real-world environment.