A comparative study of secure device pairing methods. Kumar, A., Saxena, N., Tsudik, G., & Uzun, E. Pervasive and Mobile Computing, 5(6):734-749, 2009.
Website abstract bibtex ''Secure Device Pairing'' or ''Secure First Connect'' is the process of bootstrapping a secure channel between two previously unassociated devices over some (usually wireless) human-imperceptible communication channel. Absence of prior security context and common trust infrastructure open the door for the so-called Man-in-the-Middle and Evil Twin attacks. Mitigation of these attacks requires some level of user involvement in the device pairing process. Prior research yielded a number of technically sound methods relying on various auxiliary human-perceptible out-of-band channels, e.g., visual, acoustic and tactile. Such methods engage the user in authenticating information exchanged over the human-imperceptible channel, thus defending against MiTM attacks and forming the basis for secure pairing. This paper reports on a comprehensive and comparative evaluation of notable secure device pairing methods. This evaluation was obtained via a thorough analysis of these methods, in terms of both security and usability. The results help us identify methods best-suited for specific combinations of devices and human abilities. This work is an important step in understanding usability in one of the rare settings where a very wide range of users (not just specialists) are confronted with modern security technology.
@article{
title = {A comparative study of secure device pairing methods},
type = {article},
year = {2009},
identifiers = {[object Object]},
keywords = {hns-ccs,pairing,survey,usability},
pages = {734-749},
volume = {5},
websites = {http://dx.doi.org/10.1016/j.pmcj.2009.07.008},
id = {fc58365a-5a64-3ae8-8bab-88ec34f5fcb4},
created = {2018-07-12T21:31:12.632Z},
file_attached = {false},
profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},
group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},
last_modified = {2018-07-12T21:31:12.632Z},
read = {false},
starred = {false},
authored = {false},
confirmed = {true},
hidden = {false},
citation_key = {kumar:pairing09},
source_type = {article},
private_publication = {false},
abstract = {''Secure Device Pairing'' or ''Secure First Connect'' is the process of bootstrapping a secure channel between two previously unassociated devices over some (usually wireless) human-imperceptible communication channel. Absence of prior security context and common trust infrastructure open the door for the so-called Man-in-the-Middle and Evil Twin attacks. Mitigation of these attacks requires some level of user involvement in the device pairing process. Prior research yielded a number of technically sound methods relying on various auxiliary human-perceptible out-of-band channels, e.g., visual, acoustic and tactile. Such methods engage the user in authenticating information exchanged over the human-imperceptible channel, thus defending against MiTM attacks and forming the basis for secure pairing. This paper reports on a comprehensive and comparative evaluation of notable secure device pairing methods. This evaluation was obtained via a thorough analysis of these methods, in terms of both security and usability. The results help us identify methods best-suited for specific combinations of devices and human abilities. This work is an important step in understanding usability in one of the rare settings where a very wide range of users (not just specialists) are confronted with modern security technology.},
bibtype = {article},
author = {Kumar, Arun and Saxena, Nitesh and Tsudik, Gene and Uzun, Ersin},
journal = {Pervasive and Mobile Computing},
number = {6}
}
Downloads: 0
{"_id":"LqW6m7kSn9NHKzDjA","bibbaseid":"kumar-saxena-tsudik-uzun-acomparativestudyofsecuredevicepairingmethods-2009","downloads":0,"creationDate":"2019-02-15T15:14:58.477Z","title":"A comparative study of secure device pairing methods","author_short":["Kumar, A.","Saxena, N.","Tsudik, G.","Uzun, E."],"year":2009,"bibtype":"article","biburl":null,"bibdata":{"title":"A comparative study of secure device pairing methods","type":"article","year":"2009","identifiers":"[object Object]","keywords":"hns-ccs,pairing,survey,usability","pages":"734-749","volume":"5","websites":"http://dx.doi.org/10.1016/j.pmcj.2009.07.008","id":"fc58365a-5a64-3ae8-8bab-88ec34f5fcb4","created":"2018-07-12T21:31:12.632Z","file_attached":false,"profile_id":"f954d000-ce94-3da6-bd26-b983145a920f","group_id":"b0b145a3-980e-3ad7-a16f-c93918c606ed","last_modified":"2018-07-12T21:31:12.632Z","read":false,"starred":false,"authored":false,"confirmed":"true","hidden":false,"citation_key":"kumar:pairing09","source_type":"article","private_publication":false,"abstract":"''Secure Device Pairing'' or ''Secure First Connect'' is the process of bootstrapping a secure channel between two previously unassociated devices over some (usually wireless) human-imperceptible communication channel. Absence of prior security context and common trust infrastructure open the door for the so-called Man-in-the-Middle and Evil Twin attacks. Mitigation of these attacks requires some level of user involvement in the device pairing process. Prior research yielded a number of technically sound methods relying on various auxiliary human-perceptible out-of-band channels, e.g., visual, acoustic and tactile. Such methods engage the user in authenticating information exchanged over the human-imperceptible channel, thus defending against MiTM attacks and forming the basis for secure pairing. This paper reports on a comprehensive and comparative evaluation of notable secure device pairing methods. This evaluation was obtained via a thorough analysis of these methods, in terms of both security and usability. The results help us identify methods best-suited for specific combinations of devices and human abilities. This work is an important step in understanding usability in one of the rare settings where a very wide range of users (not just specialists) are confronted with modern security technology.","bibtype":"article","author":"Kumar, Arun and Saxena, Nitesh and Tsudik, Gene and Uzun, Ersin","journal":"Pervasive and Mobile Computing","number":"6","bibtex":"@article{\n title = {A comparative study of secure device pairing methods},\n type = {article},\n year = {2009},\n identifiers = {[object Object]},\n keywords = {hns-ccs,pairing,survey,usability},\n pages = {734-749},\n volume = {5},\n websites = {http://dx.doi.org/10.1016/j.pmcj.2009.07.008},\n id = {fc58365a-5a64-3ae8-8bab-88ec34f5fcb4},\n created = {2018-07-12T21:31:12.632Z},\n file_attached = {false},\n profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},\n group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},\n last_modified = {2018-07-12T21:31:12.632Z},\n read = {false},\n starred = {false},\n authored = {false},\n confirmed = {true},\n hidden = {false},\n citation_key = {kumar:pairing09},\n source_type = {article},\n private_publication = {false},\n abstract = {''Secure Device Pairing'' or ''Secure First Connect'' is the process of bootstrapping a secure channel between two previously unassociated devices over some (usually wireless) human-imperceptible communication channel. Absence of prior security context and common trust infrastructure open the door for the so-called Man-in-the-Middle and Evil Twin attacks. Mitigation of these attacks requires some level of user involvement in the device pairing process. Prior research yielded a number of technically sound methods relying on various auxiliary human-perceptible out-of-band channels, e.g., visual, acoustic and tactile. Such methods engage the user in authenticating information exchanged over the human-imperceptible channel, thus defending against MiTM attacks and forming the basis for secure pairing. This paper reports on a comprehensive and comparative evaluation of notable secure device pairing methods. This evaluation was obtained via a thorough analysis of these methods, in terms of both security and usability. The results help us identify methods best-suited for specific combinations of devices and human abilities. This work is an important step in understanding usability in one of the rare settings where a very wide range of users (not just specialists) are confronted with modern security technology.},\n bibtype = {article},\n author = {Kumar, Arun and Saxena, Nitesh and Tsudik, Gene and Uzun, Ersin},\n journal = {Pervasive and Mobile Computing},\n number = {6}\n}","author_short":["Kumar, A.","Saxena, N.","Tsudik, G.","Uzun, E."],"urls":{"Website":"http://dx.doi.org/10.1016/j.pmcj.2009.07.008"},"bibbaseid":"kumar-saxena-tsudik-uzun-acomparativestudyofsecuredevicepairingmethods-2009","role":"author","keyword":["hns-ccs","pairing","survey","usability"],"downloads":0},"search_terms":["comparative","study","secure","device","pairing","methods","kumar","saxena","tsudik","uzun"],"keywords":["hns-ccs","pairing","survey","usability"],"authorIDs":[]}