Secure Initialization of Multiple Constrained Wireless Devices for an Unaided User

  • Authors:
  • Toni Perkovic;Mario Cagalj;Toni Mastelic;Nitesh Saxena;Dinko Begusic

  • Affiliations:
  • FESB, University of Split, Split;University of Split, Split;FESB, University of Split, Split;Polytechnic Institute of New York University, Brooklyn;FESB, University of Split, Split

  • Venue:
  • IEEE Transactions on Mobile Computing
  • Year:
  • 2012

Abstract

A number of protocols and mechanisms have been proposed to address the problem of initial secure key deployment in wireless networks. Most existing approaches work either with a small number of wireless devices (i.e., two) or otherwise rely on the presence of an auxiliary device (such as a programmable camera, computer, or Faraday cage). In this paper, we design a solution that allows a user unaided initialization (free from auxiliary devices) of a relatively large number of wireless devices. The proposed solution is based on a novel multichannel Group message Authentication Protocol (GAP), in which information is transmitted over both a radio and a visible light channel (VLC). A notable feature of GAP is that the information to be authenticated is independent of the short authentication string to be verified by the user (an indirect binding protocol [28]). This, as we show, results in a lower communication cost compared to existing direct binding protocols. The advantage in terms of the communication cost of our GAP protocol is especially important for power-constrained devices, such as wireless sensor motes. Another appealing feature of GAP is that it is secure in the attacker model where the VLC is semiauthentic, whereas existing protocols consider VLC to be authentic. This is made possible by using joint Manchester-Berger unidirectional error-detection codes that are secure and easy to interpret by a nonspecialist and unaided end user. Our overall key deployment mechanism has minimal hardware requirements: one LED, one button and, of course, a radio transceiver, and is thus suitable for initializing devices with constrained interfaces, such as (multiple) wireless sensor motes. We demonstrate the feasibility of the proposed method via a preliminary usability study. The study indicates that the method has reasonably low execution time, minimal error rate, and is user friendly.