CryptoDB
BEDA: Button-Enabled Device Pairing
Authors: | |
---|---|
Download: | |
Abstract: | Secure initial pairing of electronic gadgets is a challenging problem, especially considering lack of any common security infrastructure. The main security issue is the threat of so-called Man-in-the-Middle (MiTM) attacks, whereby an attacker inserts itself into the pairing protocol by impersonating one of the legitimate parties. A number of interesting techniques have been proposed, all of which involve the user in the pairing process. However, they are inapplicable to many common scenarios where devices to-be-paired do not possess required interfaces, such as displays, speakers, cameras or microphones. In this paper, we introduce BEDA (Button-Enabled Device Association), a protocol suite for secure pairing devices with minimal user interfaces. The most common and minimal interface available on wide variety of devices is a single button. BEDA protocols can accommodate pairing scenarios where one (or even both) devices only have a single button as their "user interface". Our usability study demonstrates that BEDA protocols involve very little human burden and are quite suitable for ordinary users. |
BibTeX
@misc{eprint-2007-13527, title={BEDA: Button-Enabled Device Pairing}, booktitle={IACR Eprint archive}, keywords={public-key cryptography / Secure pairing, Human assisted authentication, Man-in-the-middle attacks}, url={http://eprint.iacr.org/2007/246}, note={ euzun@ics.uci.edu 13683 received 19 Jun 2007}, author={Claudio Soriente and Gene Tsudik and Ersin Uzun}, year=2007 }