A comparative study of secure device pairing methods. Kumar, A., Saxena, N., Tsudik, G., & Uzun, E. Pervasive and Mobile Computing, 5(6):734-749, 2009.
A comparative study of secure device pairing methods [link]Website  abstract   bibtex   
''Secure Device Pairing'' or ''Secure First Connect'' is the process of bootstrapping a secure channel between two previously unassociated devices over some (usually wireless) human-imperceptible communication channel. Absence of prior security context and common trust infrastructure open the door for the so-called Man-in-the-Middle and Evil Twin attacks. Mitigation of these attacks requires some level of user involvement in the device pairing process. Prior research yielded a number of technically sound methods relying on various auxiliary human-perceptible out-of-band channels, e.g., visual, acoustic and tactile. Such methods engage the user in authenticating information exchanged over the human-imperceptible channel, thus defending against MiTM attacks and forming the basis for secure pairing. This paper reports on a comprehensive and comparative evaluation of notable secure device pairing methods. This evaluation was obtained via a thorough analysis of these methods, in terms of both security and usability. The results help us identify methods best-suited for specific combinations of devices and human abilities. This work is an important step in understanding usability in one of the rare settings where a very wide range of users (not just specialists) are confronted with modern security technology.
@article{
 title = {A comparative study of secure device pairing methods},
 type = {article},
 year = {2009},
 identifiers = {[object Object]},
 keywords = {hns-ccs,pairing,survey,usability},
 pages = {734-749},
 volume = {5},
 websites = {http://dx.doi.org/10.1016/j.pmcj.2009.07.008},
 id = {fc58365a-5a64-3ae8-8bab-88ec34f5fcb4},
 created = {2018-07-12T21:31:12.632Z},
 file_attached = {false},
 profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},
 group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},
 last_modified = {2018-07-12T21:31:12.632Z},
 read = {false},
 starred = {false},
 authored = {false},
 confirmed = {true},
 hidden = {false},
 citation_key = {kumar:pairing09},
 source_type = {article},
 private_publication = {false},
 abstract = {''Secure Device Pairing'' or ''Secure First Connect'' is the process of bootstrapping a secure channel between two previously unassociated devices over some (usually wireless) human-imperceptible communication channel. Absence of prior security context and common trust infrastructure open the door for the so-called Man-in-the-Middle and Evil Twin attacks. Mitigation of these attacks requires some level of user involvement in the device pairing process. Prior research yielded a number of technically sound methods relying on various auxiliary human-perceptible out-of-band channels, e.g., visual, acoustic and tactile. Such methods engage the user in authenticating information exchanged over the human-imperceptible channel, thus defending against MiTM attacks and forming the basis for secure pairing. This paper reports on a comprehensive and comparative evaluation of notable secure device pairing methods. This evaluation was obtained via a thorough analysis of these methods, in terms of both security and usability. The results help us identify methods best-suited for specific combinations of devices and human abilities. This work is an important step in understanding usability in one of the rare settings where a very wide range of users (not just specialists) are confronted with modern security technology.},
 bibtype = {article},
 author = {Kumar, Arun and Saxena, Nitesh and Tsudik, Gene and Uzun, Ersin},
 journal = {Pervasive and Mobile Computing},
 number = {6}
}

Downloads: 0