International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

BEDA: Button-Enabled Device Pairing

Authors:
Claudio Soriente
Gene Tsudik
Ersin Uzun
Download:
URL: http://eprint.iacr.org/2007/246
Search ePrint
Search Google
Abstract: Secure initial pairing of electronic gadgets is a challenging problem, especially considering lack of any common security infrastructure. The main security issue is the threat of so-called Man-in-the-Middle (MiTM) attacks, whereby an attacker inserts itself into the pairing protocol by impersonating one of the legitimate parties. A number of interesting techniques have been proposed, all of which involve the user in the pairing process. However, they are inapplicable to many common scenarios where devices to-be-paired do not possess required interfaces, such as displays, speakers, cameras or microphones. In this paper, we introduce BEDA (Button-Enabled Device Association), a protocol suite for secure pairing devices with minimal user interfaces. The most common and minimal interface available on wide variety of devices is a single button. BEDA protocols can accommodate pairing scenarios where one (or even both) devices only have a single button as their "user interface". Our usability study demonstrates that BEDA protocols involve very little human burden and are quite suitable for ordinary users.
BibTeX
@misc{eprint-2007-13527,
  title={BEDA: Button-Enabled Device Pairing},
  booktitle={IACR Eprint archive},
  keywords={public-key cryptography / Secure pairing, Human assisted authentication, Man-in-the-middle attacks},
  url={http://eprint.iacr.org/2007/246},
  note={ euzun@ics.uci.edu 13683 received 19 Jun 2007},
  author={Claudio Soriente and Gene Tsudik and Ersin Uzun},
  year=2007
}