ChapterPDF Available

Secure Device Association Trends and Issues

Authors:

Figures

Content may be subject to copyright.
Contents
Preface................................................................................................................................ix
Acknowledgments ...............................................................................................................xi
Editor ............... ................................... ................................... .......................................... xiii
Contributors ....... ............. ............ ............. ............ ............. ............ ............. ............ ........... xv
PART I GENERAL TOPICS: SECURITY OF WIRELESS AND
SELF-ORGANIZING NETWORKS
1Secure Device Association: Trends and Issues ................................................................. 3
YASIR ARFAT MALKANI, DAN CHALMERS, and IAN WAKEMAN
2Securing Route and Path Integrity in Multihop Wireless Networks ............................... 25
STEPHEN GLASS, MARIUS PORTMANN, and VALLIPURAM MUTHUKKUMARASAMY
3Handling Security Threats to the RFID System of EPC Networks................................ 45
JOAQUIN GARCIA-ALFARO, MICHEL BARBEAU, and EVANGELOS KRANAKIS
4Survey of Anomaly Detection Algorithms: Toward Self-Learning Networks................... 65
TAREM AHMED and RUMANA RAHMAN
5Reputation- and Trust-Based Systems for Wireless Self-Organizing Networks................ 91
JAYDIP SEN
PART II MOBILE AD HOC NETWORK AND VEHICULAR AD HOC
NETWORK SECURITY
6Security Threats in Mobile Ad Hoc Networks ............................................................ 127
SEVIL ¸SEN, JOHN A. CLARK, and JUAN E. TAPIADOR
7Key Management in Mobile Ad Hoc Networks........................................................... 147
SUDIP MISRA and SUMIT GOSWAMI
v
vi ¥Contents
8Combating against Security Attacks against Mobile Ad Hoc
Networks (MANETs) ..... ............. ............................ ............. ............. ........................ 173
ZUBAIR MUHAMMAD FADLULLAH, TARIK TALEB, and MARCUS SCHÖLLER
9Classification of Attacks on Wireless Mobile Ad Hoc Networks and Vehicular
Ad Hoc Networks: A Survey ........................ ............. ............. ..................... ............. ... 195
VIKRANT GOKHALE, S.K. GHOSH, and AROBINDA GUPTA
10 Security in Vehicular Ad Hoc Networks...................................................................... 227
VIKAS SINGH YADAV, SUDIP MISRA, and MOZAFFAR AFAQUE
11 Toward a Robust Trust Model for Ensuring Security and Privacy in VANETs .............. 251
UNE THOING ROSI and SYED ISHTIAQUE AHMED
12 Sybil Attack in VANETs: Detection and Prevention.................................................... 269
JYOTI GROVER, M.S. GAUR, and V. LAXMI
PART III WIRELESS SENSOR NETWORK SECURITY
13 Key Management Schemes of Wireless Sensor Networks: A Survey ............................. 297
SYED MUHAMMAD KHALIQ-UR-RAHMAN RAAZI, ZEESHAN PERVEZ,
and SUNGYOUNG LEE
14 Key Management Techniques for Wireless Sensor Networks: Practical
and Theoretical Considerations. ............. ..................... ............. ............. ..................... 317
EFFIE MAKRI and YANNIS C. STAMATIOU
15 Bio-Inspired Intrusion Detection for Wireless Sensor Networks .................................. 347
SWAPNA GHANEKAR, NANCY ALRAJEI, and FATMA MILI
16 Biological Inspired Autonomously Secure Mechanism for Wireless
Sensor Networks ........... ............. ............. ............................ ............. ............. ............ 375
KASHIF SALEEM, NORSHEILA FISAL, SHARIFAH HAFIZAH SYED ARIFFIN,
SHARIFAH KAMILAH SYED YUSOF, and ROZEHA A. RASHID
17 Controlled Link Establishment Attack on Key Pre-Distribution Schemes for
Distributed Sensor Networks and Countermeasures .................................................... 409
THANH DAI TRAN and JOHNSON I. AGBINYA
18 Proactive Key Variation Owing to Dynamic Clustering (PERIODIC)
in Sensor Networks .................. ............. ............. ............................ ............. ............. . 437
GICHEOL WANG and GIHWAN CHO
19 Secure Routing Architectures Using Cross-Layer Information for Attack Avoidance
(with Case Study on Wormhole Attacks) ............. ............................ ............. ............. .. 465
JAMES HARBIN, PAUL MITCHELL, and DAVID PEARCE
20 Reputation-Based Trust Systems in Wireless Sensor Networks .................................... 493
HANI ALZAID
Contents ¥vii
21 Major Works on the Necessity and Implementations of PKC in WSNs:
A Beginner’s Note............ ............. ............. ..................... ............. ............. ................. 525
AL-SAKIB KHAN PATHAN
PART IV WIRELESS MESH NETWORK SECURITY
22 Secure Access Control and Authentication in Wireless Mesh Networks........................ 545
BING HE, BIN XIE, DAVID ZHAO, and RANGA REDDY
23 Misbehavior Detection in Wireless Mesh Networks ................................................ .... 571
MD. ABDUL HAMID and MD. SHARIFUL ISLAM
Index .............................................................................................................................. 595
Chapter 1
Secure Device Association
Trends and Issues
Yasir Arfat Malkani, Dan Chalmers, and Ian Wakeman
Contents
1.1 Introduction. .. .. .. .. ... .. .. .. .. .. .. .. .. .. ... .. .. .. .. .. .. .. ... .. .. .. .. .. .. .. .. .. ... .. .. .. .. .. . 4
1.2 Background.. .. .. .. ... .. .. .. .. .. .. .. ... .. .. .. .. .. .. .. .. .. ... .. .. .. .. .. .. .. ... .. .. .. .. .. .. .. .. . 5
1.2.1 Attack Types in Device Association Model .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . 5
1.2.1.1 Eavesdropping .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. .. . .. . .. . .. . .. . .. . .. .. . .. . .. . 5
1.2.1.2 MiTM Attack..............................................................5
1.2.1.3 DoS Attack . .. .. .. .. .. .. .. .. ... .. .. .. .. .. .. .. ... .. .. .. .. .. .. .. .. .. ... .. .. .. 6
1.2.1.4 Bidding-Down Attack . . .. . . . .. . . . .. . . . .. . . . .. . . . .. . . .. . . . .. . . . .. . . . .. . . . .. 6
1.2.1.5 Compromised Devices.. .. .. .. .. .. .. ... .. .. .. .. .. .. .. .. .. ... .. .. .. .. .. .. .. . 7
1.2.2 Device Association in Ad Hoc Environments........................................7
1.2.2.1 Resurrecting Duckling Security Model.. .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . . 7
1.2.2.2 Talking to Strangers. .. .. .. .. .. ... .. .. .. .. .. .. .. ... .. .. .. .. .. .. .. .. .. ... .. .. 7
1.2.2.3 Device Association Using Visual Out-of-Band Channels.. .. .. .. .. .. .. .. . 8
1.2.2.4 Device Association Using Audio Out-of-Band Channels. . .. . .. . .. . .. . .. . 8
1.2.2.5 Device Association Using Accelerometers.. .. .. .. .. .. .. .. ... .. .. .. .. .. .. .. 9
1.2.2.6 Device Association Using Radio Signals . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . . 10
1.2.2.7 Device Association Using Biometric Data . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. 10
1.2.2.8 Button-Enabled Device Association (BEDA) . .. .. .. .. .. .. .. . .. .. .. .. .. . 10
1.2.2.9 Bluetooth Pairing. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . 11
1.2.2.10 Device Association Using Near-Field Communication Technology . .. . 12
1.2.2.11 Wireless Universal Serial Bus (WUSB) Association, WPS,
and Windows Connect now-Net. . .. . .. . .. . .. . .. . .. . .. .. .. . .. . .. . .. . .. . ..13
1.2.3 Comparative Analysis of Device Association Methods .. . .. . .. . .. . .. . .. . .. . .. . .. . . 13
1.3 Future Directions for Research.. . .. ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... .. 15
1.4 Conclusions . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . . 16
Acknowledgments .. .. ... .. .. .. ... .. .. .. ... .. .. .. ... .. .. .. ... .. .. .. ... .. .. .. ... .. .. .. ... .. .. .. ... . 19
3
4¥Security of Self-Organizing Networks
Terminologies.. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . . 19
Questions and Sample Answers . . .. .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. 19
Author’s Biography .. .. .. .. .. .. .. .. .. .. . .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. . .. .. . 22
References ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . .. . . 22
1.1 Introduction
More and more computing devices are coming into existence every day, which may vary in size,
capabilities, mode of interaction, and so on. As a result we are moving toward a world in which
computing is omnipresent. Many modern devices (e.g., smart printers, PDAs, smart phones, and
cameras) support multiple communication channels and almost all of them use wireless technology
in some form, such as Bluetooth, Infrared, Wibree, Zigbee, 802.11, IrDA, or ultrasound. Having
wireless technology in these devices does not guarantee that all of these devices can also take
advantage of Internet technology. However, those wireless-enabled devices that cannot connect
to Internet can still take advantage of other colocated devices in the vicinity by forming short-
term or long-term associations on ad hoc basis: for example, pairing a Bluetooth-enabled headset
with a mobile phone or an MP3 player (short term) and pairing of a PDA with home devices
in order to control them wirelessly (long term). Some other examples of pairing from everyday
life include pairing of a Bluetooth keyboard with a Desktop computer, pairing of a laptop with
an access point or a printer through the use of a WiFi or Bluetooth, and pairing of two mobile
phones to exchange the music files or other data. Since wireless communication is susceptible to
eavesdropping, thus one can easily launch man-in-the-middle (MiTM), denial-of-service (DoS), or
bidding-down attacks to break the secure pairing process.Therefore, the main goal of secure pairing
research is to provide assurance of the identity of the devices participating in the pairing process
and to secure them from being victims of eavesdropping attacks, such as MiTM attack. Achieving
this goal is a challenging problem from both the security and the usability or user interaction points
of view.
Security challenges emerge due to the ad hoc and dynamic nature of mobile ad hoc networks
(MANET), in which devices do not know each other a priori, but still need to develop spontaneous
interactions between themselves. This precludes the idea of preshared secret keys. Further, traditional
key exchange or key agreement approaches, such as Diffie–Hellman [1], are not applicable without
modification in wireless environments due to their vulnerability to an MiTM attack.
From a usability point of view, since most of the device owners are nontechnical, they want
minimal and easy interactions with their devices during the pairing process. They do not want
to remember a list of PIN numbers or secret passwords to establish the secure communication
channel between a pair of devices for several scenarios or situations. Since many users do not have
a deep technical understanding of the risks of pairing and there is a substantial cognitive overhead
in remembering the different kinds of steps of secure pairing for several categories of devices and
situations, many users may either deactivate security of the devices or select an inappropriate pairing
method, which may cause poor security. Therefore it is also a challenge to develop more general,
standardized, and user-friendly interaction methods that might increase the usability of pairing
schemes.
Some other challenges are due to the devices’ heterogeneity in terms of their communication
channels, user interfaces, power requirements, and sensing technology that make it hard to give a
single or standard solution for secure pairing of devices.
As a result of these challenges, a wide community of researchers has proposed many proto-
cols to deal with this issue. These protocols vary in the assumptions of required capabilities in the
Secure Device Association ¥5
devices, required human intervention, and in the way they utilize out-of-band or location-limited
side channels including physical, audio, visual, short-range wireless channels like Near-Field
Communications (NFC), and also combination of these whereever possible. As a consequence,
currently there exist many options for an ordinary user to establish a secure channel between the
devices from entering pins and passwords to verifying hashes of public keys and pressing buttons
simultaneously on the two devices. This notion contradicts with the usability goal of secure device
association methods.
In this chapter, we discuss and analyze the different existing solutions of secure device associa-
tion (pairing) and then discuss future directions by considering trade-offs among various existing
approaches for device pairing.
1.2 Background
1.2.1 Attack Types in Device Association Model
Device association (also known as security initialization, first-connect or device pairing in the
literature) can be referred as the process of establishing a secure channel between two unassociated
human-operated devices over a short-range wireless channel, such as Bluetooth, Infrared, or 802.11.
There are several kinds of possible security threats or attacks in device association scenarios. In this
section, we describe them in brief.
1.2.1.1 Eavesdropping
The most significant risk in device association models is that the underlying communication chan-
nel is wireless (e.g., Bluetooth, 802.11, etc.), which is open to everyone including bona fide users as
well as intruders or adversaries, and thus pairing partners cannot be physically secured the same way
as two peers in a point-to-point wired network. In an eavesdropping attack, an adversary secretly
listens to the conversation between pairing partners. The adversary’s main goal is to obtain con-
fidential information, including public/private keys, location information, contact details, data of
commercial value, or even devices’ capabilities.To reduce the risk of eavesdropping, the general solu-
tions include encryption, and physically securing the medium (line of sight transmission, frequency
hopping, etc.).
1.2.1.2 MiTM Attack
Simple eavesdropping is a passive attack, in which an adversary’s goal is to steal some confidential
information. However, active attacks are more dangerous, in which the main goal of an adversary
is to fool the legitimate device(s) to associate with the adversary’s device. An (MiTM) attack is the
most widespread and well-known active attack against device pairing protocols. It is a kind of active
eavesdropping, in which an adversary can fully intercept the messages moving in both directions,
modify, or corrupt the message, store messages for later replay, or insert new messages. To successfully
launch this attack, an adversary should be able to establish two independent connections with the
victims. In the event of a successful attack, the victims believe that they are communicating with
each other and the messages received by them are from a legitimate source; however, it is not the
case. In fact, all conversation is passed through the adversary, who is able to illegitimately analyze
and modify the real data, launch DoS attack, and even impersonate one partner to gain control
6¥Security of Self-Organizing Networks
Disclosure of sensitive information to 3rd party
Eavesdropping
Manipulation
Illegitimate analysis and modification of data
E can gain control over the device B
Man-in-the-middle
attacker
Intended communication
Actual communication
E
A B
Figure 1.1 MiTM attack scenario.
over the victim’s device(s) or gain access to data or resources. Figure 1.1 depicts the scenario of an
MiTM attack.
1.2.1.3 DoS Attack
The general goal of an adversary launching a DoS attack is to prevent communication between
wirelessly connected nodes. However, in the case of device pairing, a DoS attack prevents two
legitimate pairing partners from establishing a secure channel. It is a general concept that this is the
easiest attack that can be launched by an adversary in wireless environments. Since there has been
less emphasis on the prevention of DoS attack in pairing scenarios, many of the pairing schemes
are susceptible to DoS attack. For example, in pairing schemes that use audio as an out-of-band
channel, an attacker can launch a DoS attack by creating noisy environment for the user/devices.
The noisy environment may prevent the user from properly participating in the pairing process.
In the case of visual out-of-band channels, this attack can be launched by manipulating the lights
(dark, bright, flashing, etc.), so that bar codes, screens, and so on used to contain secure pairing
information cannot be read. However, these kinds of DoS attacks can be recognized by the user,
who can then try to eliminate them by changing the environment or by forcing the adversary not
to do so in case of source detection.
1.2.1.4 Bidding-Down Attack
Bidding-down attack is possible in scenarios where a list of choices to establish a secure channel is
available, and the selection of the best pairing protocol is negotiated based on some criteria, such as
device capabilities or user preferences. In this kind of attack, the goal of an adversary is to fool (i.e.,
bid down) the intended pair able devices to use weaker security than is possible. For instance, when
pairing two display and camera-equipped devices, an adversary could modify the capabilities of one
of the devices into display-less and/or camera-less device (i.e., bidding down) to force a radio-based
pairing protocol to be used, which is easier to intercept without being detected.
Secure Device Association ¥7
1.2.1.5 Compromised Devices
Compromised devices are a risk in any wireless system and are difficult to prevent at the protocol
level. In the case of secure device pairing, it is possible that an adversary may install malicious code
on the device(s). Then an adversary can access confidential information (e.g., shared secret) stored
on the device or use it to get authorized access to other available services. Further, a compromised
device could suggest pairing with only the adversary’s device or could run a weak pairing protocol.
It is the user’s responsibility to eliminate the chance of this attack by some mechanism, such as
deploying security software to detect the malicious code or to restrict the physical access of the
device to only those people whom he/she trusts.
1.2.2 Device Association in Ad Hoc Environments
The problem of secure device association continues to be a very active area of research in ad hoc
environments. The issue received significant attention from many researchers after Stajano et al.
[2–4] highlighted the challenges inherent in secure device association. As a result, currently we
have more than two dozen device association methods including their variations. Since overlapping
material on device pairing has started to appear in the literature (e.g., [5–8]), we believe that the
knowledge and understanding of existing methods is very important in order to propose new pairing
methods that should be really novel. Considering this fact, in this section we present the survey of
several approaches to device association along with a detailed comparative analysis (Section 1.2.3).
We first present several schemes proposed by academia and then we also discuss efforts taken by the
industry and standardization bodies.
1.2.2.1 Resurrecting Duckling Security Model
In their seminal Resurrecting Duckling paper [2] Stajano and Anderson presented a policy-based
mother–duckling security model that played an important role in raising the issue of secure device
association among a wide community of researchers. Their work [2–4] has been considered as
the first effort toward secure transient association between devices for MANET and ubiquitous
computing environments. The proposed mother–duckling model maps the relationships between
devices. “Mother” is a master device that imprints a “duckling” that is a slave device. The slave device
remains in one of the two states: imprinted or imprintable. The slave device is in the imprintable state
at the beginning or bootstrapping time. However, it switches from imprintable to the imprinted
(paired) state once it has got the shared secret from its master device. The slave remains in this
state until its death (i.e., while it keeps the shared secret provided by its master device). In fact,
the shared secret binds the slave device to its master device. As a consequence, the slave device
remains faithful to the master device and obeys no one else. Since the shared secret is transferred
from the master to the slave over a physical connection (such as using a cable) in plain-text form, the
proposed approach does not require complex cryptographic methods, such as Diffie–Hellman [1].
The authors also highlighted the concept of device-control mechanisms, that is, how to gain control
of personal devices, how to transfer or release control when needed, and how to regain control of
the same devices.
1.2.2.2 Talking to Strangers
Balfanz et al. [9] extended Stajano and Anderson’s work and proposed a two-phase authentication
method for pairing of colocated devices using infrared as a location-limited side channel (also known
8¥Security of Self-Organizing Networks
as out-of-band channel). In their proposed solution, preauthentication information is exchanged
over the infrared channel and then the user switches to the common wireless channel. Preauthen-
tication data contains cryptographic material as well as the complete address of the device. The
proposed method exploited public key cryptography in which devices exchange their public keys
over an insecure wireless channel followed by exchanging the hashes of respective public keys over
the location-limited side channel (i.e., infrared). Further, they are the first to introduce the concept
of demonstrative identification (i.e., identification in the form of a representation of an object, for
example, the printer in this room, the display in front of me, etc.) for authentication purposes in pair-
ing process. Slightly different variations, of Balfanz et al. [9] approach are proposed in [10,11], which
use laser and ultrasound as location-limited side channels to transfer the preauthentication data.
1.2.2.3 Device Association Using Visual Out-of-Band Channels
On the basis of the pairing protocol of Balfanz et al. [9], some other schemes are proposed through
the use of audio and visual out-of-band channels. One such system is Seeing-is-Believing (SiB) [12].
SiB takes advantage of the common presence of cameras in modern handheld devices and utilizes
two-dimensional bar codes for exchanging preauthentication data (i.e., public keys) between the
devices. In the proposed approach, device A encodes cryptographic material into a two-dimensional
bar code and displays it on the screen; then device B reads it through a camera to set up an
authenticated channel. In the simplest case, SiB requires the first device (A) to have a display to
show the 2D bar codes and the second device (B) a camera. Then the user is required to focus and
place the camera of device B at the first device’s (device A) screen properly to take a photograph
of the displayed bar code. SiB supports several use cases based on the device capabilities. For
example, when the first device has a camera and the other device has only a display, then only the
first device (camera-equipped) can authenticate the other device—that is, the display-only device
(1-way authentication). In the second use case, when both devices are camera and display equipped,
then both the devices can authenticate each other by two protocol runs, one in each direction
(2-way authentication). In another use case, when only one device has a camera and the other
device has neither a camera nor a display, the user can then print a two-dimensional bar code on a
sticker, containing the cryptographic material, and attach the sticker to the other (camera-less and
display-less device) device. In this case, the user takes a photograph of the sticker and performs the
SiB protocol as usual.
Another pairing method that uses a visual out-of-band channel is proposed by Saxena et al.
[13]. To reduce the camera requirement in one of the pairing devices in SiB, they extended the
work of McCune et al. [12] and proposed an improvement to it through the use of a simple
light source, such as an LED, and short authenticated integrity checksums. In fact, they showed
that mutual authentication can be achieved with a one-way visual channel, while SiB requires
two visual channels, one in each direction (for full functionality). In the proposed scheme [13],
device A needs to be equipped with a camera and device B with a single LED. Device A takes a
video clip of a blinking pattern on device B’s LED. Then the video clip is parsed to extract an
authentication string.
1.2.2.4 Device Association Using Audio Out-of-Band Channels
Loud and Clear (L&C) [14] and Human-Assisted Pure Audio Device Pairing (HAPADEP) [15] use
audio as an out-of-band channel to establish a secure channel between the devices. The main idea
of the L&C [14] scheme is to encode the hash of the first device’s public key into a MadLib
Secure Device Association ¥9
sentence (i.e., grammatically correct but nonsensical sentence) and transmit it over a device-to-
human channel using a speaker or a display. The second device also encodes the hash of the received
public key from the first device into the MadLib sentence and transmits it over a device-to-human
channel using a speaker or a display. The user is then responsible for comparing the two sentences
and to accepting or rejecting the pairing. There are four variants of this approach: speaker to speaker,
speaker to display, display to speaker, and display to display. In the first variant, the user is required
to compare and verify the two sentences vocalized by the pairing candidate devices. In the second
variant, the user is required to compare the vocalized MadLib sentence with the sentence displayed
on the other device. In the third variant, the user is required to compare the displayed MadLib
sentence on one device with the vocalized MadLib sentence from the other device. In the fourth
variant, the user is required to compare the MadLib sentences displayed on both the devices. In
all the variants, the user is responsible for accepting or rejecting the pairing based on the results of
comparison.
Soriente et al. proposed HAPADEP [15], which is a follow-on from L&C [14]. Soriente et al.
consider the problem of pairing two devices that have no common standard wireless communication
channel, such as Bluetooth or WiFi, at the time of pairing.The proposed scheme uses only audio to
exchange both public keys and hashes of public keys. The proposed system consists of two phases:
key transfer and key verification. In the key-transfer phase, the first device (device A) encodes
cryptographic material along with protocol messages into a fast audio codec and plays the resulting
audio sequence. The other device (device B) records and decodes this audio sequence in order to
obtain the key. This process is also repeated in reverse direction so that device A could get the key
from device B. In the second phase, each device computes a hash of the received public key and
encodes it into a pleasant audio sequence, such as a melody. Then the user is required to listen and
compare the audio sequences played by both devices and accept or reject the pairing based on the
results of comparison. This scheme is only applicable to those scenarios where both devices have a
microphone and a speaker.
1.2.2.5 Device Association Using Accelerometers
Unlike the approaches described above, the idea of shaking devices together to pair them has
become more common. Smart-its-Friends [5] is the first effort that proposed pairing of two devices
using a common movement pattern and used accelerometers as an out-of-band channel. In this
approach, two devices are held and shaken together simultaneously. Then common readings from
the embedded accelerometers in the devices are utilized to establish the communication channel
between the two devices. However, security has not been the major concern of Smart-its-Friends.
The follow-on schemes to Smart-its-Friends are Are You With Me [8] and Shake Well Before Use [6].
In Are You With Me [8], the main goal was to show that accelerometer’s data can be used to reliably
determine that a set of devices are being carried by the same person. The authors showed that one
can reliably determine whether the two devices are being carried by the same person or not using
only eight seconds of walking data. However, one of the major limitations of the proposed system
is that they require the user(s) to walk [8].
Mayrhofer and Gellersen [6] extended Holmquist et al.’s [5] approach and proposed two proto-
cols to securely pair the devices. Both the proposed protocols exploit cryptographic primitives with
accelerometer data analysis for secure device-to-device authentication. The first protocol uses public
key cryptography and is more secure as compared to the second protocol, which is more efficient
and computes a secret key directly from the accelerometer’s data. In the second scheme, the user is
required to hold and shake the devices together for approximately 20 s to generate a 128-bit shared
10 ¥Security of Self-Organizing Networks
secret [6]. Kirovski et al. proposed Martini Synch [16], another accelerometer-based approach to
securely pair the devices that use the idea of joint fuzzy hashing [7].
1.2.2.6 Device Association Using Radio Signals
Another approach that requires shaking or moving patterns is Shake Them Up [17]. The authors
suggest a movement-based technique for pairing two resource-constrained devices that involves
shaking and twirling them in very close proximity to each other. In the proposed scheme, intended
pairing partners are shaken together to exchange the radio packets and agree on a key one bit at a
time relying on the attacker’s inability to determine the source of each radio packet (i.e., sending
device). Unlike accelerometer-based schemes, this approach exploits the source indistinguishability
property of radio signals and does not require embedded accelerometers. Castelluccia and Mutaf
[17] described the source indistinguishability as two parties Alice and Bob run the previously
described key exchange protocol, but the eavesdropper should not be able to distinguish the pack-
ets sent by Alice from the packets sent by Bob. This source indistinguishability property requires
that communication should be temporally and spatially indistinguishable. To achieve the temporal
indistinguishability, the authors use a CSMA-based system. To achieve the spatial indistinguisha-
bility, the authors suggested that devices should be shaken and twirled in very close proximity
to each other.
Varshavsky et al. [18] proposed Amigo, a proximity-based technique for secure pairing of colo-
cated devices. They extended the Diffie–Hellman key exchange protocol with the addition of a key
verification stage. The proposed approach utilizes commonality of radio signals from locally avail-
able wireless access points to establish the secure channel between the devices. Any attacker who is
not physically very close would see a different pattern of access point signal strengths. Radio-based
approaches to secure device association either require no or minimal hardware and user involvement
during the pairing process. However, these schemes are not applicable in the scenarios where devices
support only Bluetooth technology.
1.2.2.7 Device Association Using Biometric Data
Biometrics represents a common technique for identifying human beings. Owing to the success
of biometric-based user authentication systems, researchers realized that many benefits could be
achieved by combining biometrics with cryptography. As a consequence, Buhan et al. proposed two
systems [19,20] that utilize biometric data to establish a secure channel between the devices. Both
the proposed systems are based on the Balfanz et al. model [9], and biometrics is used as an out-
of-band channel. In Feeling-is-Believing (FiB) [19]; Buhan et al. investigated the grip pattern and
proposed to generate a shared secret key from biometric data using quantization and cryptanalysis.
In SAfE [20], keys are extracted from images during the preauthentication phase, which are used
for authentication in subsequent phase.
1.2.2.8 Button-Enabled Device Association (BEDA)
Soriente et al. [21] proposed BEDA. The main idea of the proposed approach is to transfer the
short secret key from one device to the other using ‘button-presses’ and then use that key to
authenticate the public keys of the devices. A short secret key (21-bits) is agreed between the two
devices via one of its four variants. These variants are called button-to-button (B-to-B), display-
to-button (D-to-B), short vibration-to-button (SV-to-B), and long vibration-to-button (LV-toB).
In fact, the only difference between these variants is the way the first device (device A) transfers
Secure Device Association ¥11
the bits of the generated short secret to the other device (device B). Bits of a short secret are
encoded by the devices using the time interval between two events, such as a button-press-event.
For example, the first and basic variant (i.e., B-to-B) involves the user simultaneously pressing
buttons on both of the devices within certain random time intervals and each of these intervals
are used to derive three bits of the short secret key. In the D-to-B variant, it requires the first
device to have a display that emits visual signals by showing a blinking square on its screen. The
user reacts to blinking square events by pressing the button on the other device. In the SV-to-B
variant, it requires one of the devices to have vibration capability. It is similar to the D-to-B scheme;
however, it transmits signals through short vibration events instead of blinking square. Finally, LV-
to-B variant is also similar to the SV-to-B and D-to-B variants; however, in this scheme, instead of
short vibration or blinking square events, signals are emitted through either the start or the end of
a long vibration.
1.2.2.9 Bluetooth Pairing
Bluetooth [22] is a short-range wireless technology that allows modern devices—such as mobile
phones, PDAs, cameras, and other handheld devices—to communicate with each other over a
distance of up to 100 m. It works on a 2.4 GHz ISM band and is considered to be one of the
simplest ways to wirelessly exchange information between two devices in close proximity. In order
to establish a secure communication link between intended pairing devices, the user needs to go
through the Bluetooth pairing setup procedure. In Bluetooth pairing, devices need to exchange a
short passkey or PIN code to prove that the owners of both devices are agreed to pair the devices
with each other. Below are the general steps involved in the Bluetooth pairing process (Figure 1.2):
Bluetooth-enabled
device A (Master)
Bluetooth-enabled
device B (Slave)
Initiate device/service
discovery process
Set discoverable/visible
mode ON
Select device-B from the
list of found devices
Enter passkey or
pin code
Link/channel establishment
Service/device discovery session
Exchange of passkey/pin code
Pairing succeeded, if passkey matches
Enter passkey or
pin code
Figure 1.2 Bluetooth pairing process.
12 ¥Security of Self-Organizing Networks
1. The pairing process starts when the first device (device A), such as Bluetooth-enabled mobile
phone or PDA, searches for other Bluetooth-enabled devices in the vicinity. A list of Bluetooth
devices found would be shown on the screen of device A. Note that only those devices
can be found that are already in Bluetooth discoverable mode and their visibility option is
turned ON.
2. Device A selects device B (such as other mobile phone or PDA) from the available list of
devices. Then, device A asks the user to enter a PIN code or passkey. It could be any special
code of your choice; however, it must be remembered, because it needs to be entered on
the other device (device B). Note that in some of the resources/interface-constrained device
scenarios, it is not possible to enter the passkey or PIN code. In that case, there is a fixed code,
such as 0000, which the user is required to enter onto the other device.
3. Once the user has entered the passkey on device A, it sends it to device B.
4. If device B is not a resource-constrained device, it asks the user to enter the same PIN code
or passkey; otherwise it simply uses its own standard/fixed passkey (e.g., 0000).
5. Finally, device B sends back the user-entered passkey to device A. If device B’s passkey is the
same as entered by device A, then automatically a trusted association takes place between the
devices.
1.2.2.10 Device Association Using Near-Field Communication Technology
Near-Field Communication (NFC) is a short-range, high-frequency, low-bandwidth wireless
connectivity standard defined by the NFC Forum [23]. Since NFC uses magnetic field induc-
tion to enable communication between devices, it allows users to securely pair the NFC-enabled
devices by simply touching them together or holding them in very close proximity of up to 10 cm.
NFC-enabled devices are capable of establishing a peer-to-peer network to exchange content and
access services. It operates on a 13.56 MHz frequency with a data transfer rate of up to 424 kbit/s,
with a bandwidth of 14 kHz. However, NFC in combination with other wireless technologies, such
as Bluetooth or WiFi, can be used for exchanging a huge amount of data or can support longer
communication.
In NFC, there are two kinds of devices—active devices that generate their own field, and
passive devices that retrieve power from the field generated by active devices. NFC supports two
basic modes of communication: active mode and passive mode. In active mode, both the devices
generate their own magnetic field and require a power supply in each of them. While in pas-
sive mode, one of the devices (an active device) generates its magnetic field and the other devices
(i.e., passive device, such as a contactless smart card) retrieve the power from the active device.
There are many scenarios where NFC can be used. One such common scenario is the pairing of
an NFC-enabled camera and a computer. In that scenario, the user could transfer all the pho-
tographs in the camera into his/her computer just touching them together or putting them in very
close proximity. The touch mechanism makes it clear for the user which two devices are selected
for intended association and takes away the burden of selecting the right devices (i.e., discovery
and device identification) from a long list of available devices. Other possible applications/uses
of NFC include smart posters, replacement of contactless credit cards with NFC-enabled mobile
phones, and support services (through the use of voice clips) for the visually impaired people.
WiFi protected setup (WPS) also incorporates one of the methods that use NFC as an out-of-
band channel. Recently, there has been much greater availability of this technology in commercial
devices including Nokia 6131, Motorola L7, SAGEM my700X Contactless, LG600V, and Samsung
D500E.
Secure Device Association ¥13
1.2.2.11 Wireless Universal Serial Bus (WUSB) Association, WPS,
and Windows Connect now-Net
The Wireless USB (WUSB) group was formed in 2004 to define the WUSB specifications that took
about one year to complete. WUSB is a short-range (up to 10 m), high-bandwidth (110 Mbit/s)
wireless radio communication technology, which is developed to simplify the process of establishing
associations between a pair of wireless-enabled devices. The main goal of this technology is to replace
wired USB. In WUSB, device A (i.e., the host device) and device B exchange connection host
ID, connection device ID, and connection key during the association process. This information is
utilized later on to set up secure communication between device A and the device B. WUSB supports
two types of association models: cable association model and numeric association model. Device A
or host device supports both the models; while the other device having only USB ports supports the
cable association model, and the device with only a display supports the numeric association model.
The cable association model utilizes a USB cable to perform the first-time association between a host
and a device. Once the association has been completed, the cable is no longer needed and future
communications with the device can be entirely wireless. In the numeric association model, the first-
time association is performed over the ultra-wideband (UWB) radio. The WiFi Alliance officially
launched WPSs in early 2007. The goal was to provide a standard and simple way for easy and secure
establishment and configuration of wireless home networks. Another effort for standardization of
secure device association is Microsoft’s Windows Connect now-NET technology. It provides a way
to set up secure wireless network, and works for both in-band wireless devices and out-of-band
Ethernet devices.
1.2.3 Comparative Analysis of Device Association Methods
As described above, the issue of secure device association received significant attention from many
researchers, after Stajano and Anderson in their seminal paper [2] highlighted the challenges inherent
in secure device association. Since the secret key is transferred in plain-text form in their proposed
approach, it is susceptible to dictionary attacks. It also requires the same physical interface in both
the devices to transfer the secret, which makes such an approach inapplicable in scenarios where
the devices do not have a common physical interface. Further, it is also difficult to carry the cables
all the time. However, Resurrecting Duckling and Talking to Strangers both require minimal user
interaction that is an advantage from usability point of view. The common drawback of Talking to
Strangers [9] and some other similar approaches [10,11,24] (in terms of use of secondary-location-
limited-side channel) is twofold: first, they need some kind of physical interface (e.g., IrDA, laser,
ultrasound, etc.) for the preauthentication phase and are vulnerable to a passive eavesdropping
attack in the location-limited side channels, for example, two remotes and one projector. Further,
some of the location-limited side channels, such as infrared and laser, are highly vulnerable to denial
of service (DoS) attacks. Those schemes that use audio and/or visual out-of-band channels [12–14]
for secure device association also suffer from a few problems. For example, SiB [12] requires that
one of the peers must be equipped with camera; while in L&C [14] a speaker and/or display is
required. Camera-equipped devices are usually prohibited in high security areas; while the latter
is not suitable for hearing-impaired users. Further, bar code scanning requires sufficient proximity
and light in SiB; while L&C and HAPADEP [15] place some burden on the user for comparison
of MadLib sentences and audible sequences, respectively. An adversary can easily subvert bar code
stickers on devices in SiB to launch the successful attack, while ambient noise makes authentication
either weak or difficult in L&C as well as in HAPADEP. For example in SiB, a user wants to pair
14 ¥Security of Self-Organizing Networks
his/her handheld device with a display-less printer to print a confidential document. Since the
printer is display-less, a bar code sticker is attached to it. It is possible that an adversary subverts the
bar code or swaps it with another printer available in the next building. In that scenario, once the
pairing is established, and the user sends the document to the printer, it is printed by the adversary’s
printer in the next building. However, this scheme is more secure in the scenarios where both the
devices are camera equipped and also have displays. Since [13] is a variation of SiB, so this scheme
has some of the same limitations as SiB, such as requiring close proximity and a camera in at least
one of the devices. Further, in the case of L&C and HAPADEP more research and development
is required in the areas of speech engines, audio codec technology, as well as in L&C Dictionary.
Moreover, L&C and HAPADEP also suffer from the fact that users cannot be forced to carefully
listen to the audio played by the devices. It means a user who does not understand the importance
of security might not pay proper attention to the sound played by the devices, and thus can easily
ignore the verification stage, and may confirm a false match. Secure pairing of devices by shaking
them together is an interesting approach. However, these schemes require embedded accelerometers
in both the devices. Further, shaking devices together is always not possible, since there is a large
variety of devices, such as printers, projectors, and laptops that cannot be held and shaken together
simultaneously.
In contrast to the above approaches, AMIGO [18] and Shake Them Up [17] exploit radio
signals to establish the secure channel. Since AMIGO uses the similarity of radio signals from the
nearby access points, it is not applicable in scenarios, where the radio data is not available to process
or where the wireless network is easy to eavesdrop on while remaining physically hidden to the
bona fide users. Further, it is hard to identify the intended device in AMIGO when many other
devices surround it, because in the proposed scheme, the calculated physical proximity is of coarse
granular nature. Moreover, it is also a fact that in many developing countries 802.11-based wireless
technology is less popular compared to Bluetooth technology that is common due to the widespread
use of mobile phones. Shake Them Up is susceptible to attack by an eavesdropper who exploits the
differences in the baseband frequencies of the two radio sources. Biometric-based solutions to device
pairing are considered to be good from the usability point of view in which biometrics is used as an
out-of-band channel. The reason is that biometric-based channels put little cognitive load on the
users. However, the logic and calculations to accurately recognize the biometric patterns are a heavy
burden on its applications. Since no two biometric measurements, even coming from the same user
and using the same measurement setup are identical; the issues regarding the accuracy of recognition
techniques still need more research and improvement. Another drawback of this approach is that it
requires biometric readers in both the devices.
Bluetooth pairing requires the human operator to put the communicating partners into discov-
ery mode. After discovery and selection of a device, the channel is secured by entering the same PIN
or password into both devices that give rise to a number of usability and security issues [25,26]. For
example, a short password or PIN number makes it vulnerable to dictionary or exhaustive search
attacks. In [25] it was shown that an adversary can easily derive a 4-digit PIN from an eavesdropped
communication during pairing process in less than 0.06 s on a common computer by mounting
brute force attack. Further, in Bluetooth pairing an adversary can eavesdrop to break the security
from a long distance using powerful antennas. As a consequence, the Bluetooth Special Interest
Group (SIG) reacted to these concerns by creating Secure Simple Pairing. The protocol supports
four association modes: passkey entry, numeric comparison, just works, and an out-of-band model.
As far as NFC is concerned, it is extremely short-range technology as compared to other short-
range technologies, such as Infrared and Bluetooth. Therefore in many scenarios, NFC is used in
combination with Bluetooth, where NFC is used for pairing (Authenticating) a Bluetooth session
Secure Device Association ¥15
used for the transfer of data. NFC setup time is much shorter than Bluetooth. NFC requires less
than 0.2 ms to set up the connection; while Bluetooth requires approximately 6 s. Soriente et al.
[27], described different possible types of attacks on NFC. For example, NFC offers no protection
against eavesdropping and is also vulnerable to data corruption and data modifications. However, it
is practically impossible to launch MiTM attack in NFC, especially when Active–Passive commu-
nication mode is used [27]. WUSB project is perceived to have failed at the end of 2008 after the
withdrawal of Intel. Two major reasons that play a role in its failure are the need of a power supply
cable for the WUSB devices and the consumption of a large amount of energy.
Some other efforts toward providing secure device association include Lokey [28], manual
authentication [29], a generic framework [30], and NFC-based schemes [31]. LoKey uses SMS
messages to authenticate key exchange over the Internet, which incurs substantial monetary cost
and delay. Gehrmann et al. [29] proposed several manual schemes that enable handheld devices to
authenticate their public keys by some kind of user interaction. In the proposed schemes, the user
manually exchanges short message authentication codes between the devices. These short message
authentication codes are strings of very short length, between 16 and 20 bits. For example, in one
of the proposed method the user is required to compare the short strings displayed on the screens
of intended pair able devices. While, in another case in which one of the device is display-less, the
user is required to type the short string displayed on the first device onto the other device (i.e.,
display-less device).
In summary, each of the proposed schemes we surveyed has strengths and weaknesses—often
in hardware requirements, strength against various attacks or usability in particular scenarios. We
proposed in [30] a generic framework for secure device association. In the proposed system devices
first register their capabilities with the directory service. Then, whenever two devices need to create an
association, the client (device A) queries the directory service to discover and acquire the required
information to initiate a secure pairing with the target device (device B). On the basis of the
information from directory service, both the client (device A) and resource (device B) mutually
execute a common pairing protocol. The protocol that is chosen can be selected to achieve mutually
agreeable levels of security and usability within the constraints of the devices available and the
scenario the users find themselves in.
1.3 Future Directions for Research
From the comparative analysis presented in the previous section, we can conclude that no one has
yet devised the perfect pairing protocol. Pairing protocols vary in the strength of their security,
the level of required user intervention, their susceptibility to environmental conditions and in
the required physical capabilities of the devices, and the required proximity between the devices.
It is therefore appropriate to investigate ways of integrating different pairing protocols within a
general architecture for providing secure and usable pairing mechanisms for a large set of ad hoc
scenarios.
Further, most of the prior work on secure device association considered the demonstrative
approach (i.e., requires user involvement and/or manual efforts to identify the intended partner) for
the identification and discovery of the intended pair able colocated device. For example, in SiB [12]
and the Resurrecting Duckling Security Model [2], the discovery of the intended pair able device is
performed manually; while in Talking to Strangers [9] communicating partners exchange their
connectivity information over the secondary channel (i.e., infrared). However, in many situations
automatic device discovery is required. If we continue to multiply the number of manuals or
16 ¥Security of Self-Organizing Networks
out-of-band discovery mechanisms, users will become confused about the selection of the device
discovery method during pairing process. For instance, a user wanting to create an association of
a mobile phone having microphone, speaker, camera, display, and infrared with another mobile
phone having microphone, speaker, display, no camera, and no infrared might be confused about
the varied types of manual or out-of-band possibilities of device discovery [13]. We therefore agree
with the view proposed by Saxena et al. [13] that it should not be the user’s responsibility to figure out
how and which method to use for device discovery each time; instead an automatic device discovery
should take place. One of the efforts toward this is taken by Malkani et al. [30,32]; however, this
issue requires more attention from researchers.
Moreover, as described earlier, there is a large and growing literature on secure device association.
However, some of the proposed techniques or protocols have not been implemented; while others
are implemented and evaluated in a stand-alone manner without being compared with other related
works. Examples of these include the Resurrecting Duckling Security Model [2], Talking to Strangers
[9], AMIGO [18], Shake Well Before Use [6], some of the Saxena et al.’s proposed methods [33],
and four variants of the BEDA [21] approach. It might be because of unavailability of such tools
that provide a common platform to test the usability or security of these methods. This creates
the need to design new tools such as simulators, benchmarks, and usability testing frameworks
(e.g., [35,36]) that can be used to evaluate the existing as well as new pairing schemes. Finally, in
Table 1.1, we have summarized the features of some of the device association methods described in
this chapter.
1.4 Conclusions
Wireless networks are common-place nowadays and almost all modern computing devices support
wireless communication in some form. These networks differ from more traditional computing
systems due to the ad hoc and spontaneous nature of interactions among devices. These systems
are prone to security risks, such as eavesdropping, and require different techniques as compared
to traditional security mechanisms. Recently, secure device association has got significant atten-
tion from many researchers and a significant set of techniques and protocols have been proposed.
More recently, numerous standardization and industrial bodies, (such as Microsoft, WiFi Alliance,
Bluetooth SIG, and the USB Forum) have also recognized the significance of this problem and are
working on specifying more general, usable, and secure procedures for device pairing. However, as
we have shown in our survey of the state of the art, currently available schemes for secure device
pairing vary in their security against different attacks, in the needed hardware capabilities, and
in the necessary level of user attention. Some of these techniques consider devices equipped with
infrared, laser, or ultrasound transceivers, while others require embedded accelerometers, cameras
and/or LEDs, displays, and microphones and/or speakers. Some techniques exploit the knowledge
of radio environment to securely pair the devices; others require the user’s careful attention and sig-
nificant manual intervention in the pairing process. However, less attention is paid toward the issue
of a more generic or standard pairing mechanism or infrastructure that covers a large set of ad hoc
scenarios. Finally, we attempted to highlight the gaps left by prior work and presented some future
research directions using a survey and a comparative analysis of the existing methods for secure
device association. Finally, we envision that in a world of heterogeneous devices and requirements,
we need mechanisms to allow automated selection of the best device association protocols without
requiring the user to have an in-depth knowledge of the minutiae of the underlying technologies.
Further, these mechanisms should facilitate unobtrusive device identification, matching of pairing
Secure Device Association ¥17
Table 1.1 Features Summary of Device Association Methods
Minimum Hardware or Equipment
Required in Each of the Device Out-of-Band/Location-Limited
Pairing Method Device A Device B Human/User Effort Required Secondary Channel
Resurrecting Duck-
ling Security Model
A cable and the same physical inter-face
(e.g., USB port) on both devices
Set up cable connection between the
devices
Cable
Talking to Strangers Infrared (IrDA) port on both devices Set up infrared (IrDA) connection
between the devices
Infrared (IrDA)
Smart-its-Friends 2D accelerometers on both devices Move/shake devices together simulta-
neously until the response signal is
received
Accelerometer/Motion/
Tactile
Are You with Me? 2D accelerometers on both devices Walk around to shake the devices
(sensors) for a certain time period
Accelerometer/Motion
Shake Well Before
Use
2D accelerometers on both devices Move/shake devices together simulta-
neously until the response signal is
received
Accelerometer/Motion/
Tactile
SiB Display Photo camera Properly place camera of device B at the
displayed bar code on device A with suffi-
cient proximity and take the photograph
Visual
L&C (Display–
Speaker)
Display Speaker Compare the MadLib sentence displayed
on the screen of device A with the vocal-
ized MadLib sentence from device B
Combination of audio
and visual
continued
18 ¥Security of Self-Organizing Networks
Table 1.1 (continued) Features Summary of Device Association Methods
Minimum Hardware or Equipment
Required in Each of the Device Out-of-Band/Location-Limited
Pairing Method Device A Device B Human/User Effort Required Secondary Channel
L&C (Speaker–
Speaker)
Speaker Speaker Compare the two vocalized MadLib
sentences from both of the devices
Audio
HAPADEP Speaker Microphone Compare two audible
sequences/melodies
Audio
Shake Them Up 802.11 network
card/
interface
802.11 network
card/
interface
Shake/twirl/move devices around until
pairing is done or the response signal is
received
Combination of 802.11
and motion
AMIGO 802.11 network
card/
interface
802.11 network
card/
interface
Shake/wave hand near the device until
pairing is done or the response signal is
received
Combination of 802.11
and tactile
BEDA (Button to
button)
A single button on both devices Press button on both devices simulta-
neously with random time intervals until
the response signal is received
Tactile
BEDA (Display to
button)
Display A single button Press and release the button on device B
whenever the display of device A flashes
Tactile
BEDA (Short vibra-
tions to button)
Vibration capability A single button Press and release the button on device B
whenever device A vibrates
Tactile
BEDA (Long vibra-
tions to button)
Vibration capability A single button Press and hold the button on device B
while device A vibrates
Tactile
Source: Data from Malkani, Y. A. and L. D. Dhomeja, in Proceedings of 5th IEEE International Conference on Emerging Technologies (ICET-09). © IEEE
2009.
Secure Device Association ¥19
techniques to requirements, and chains of communication to bridge between devices of different
capability and improved security by combining techniques where possible.
Acknowledgments
Some pieces of information are taken from the author’s earlier published work [30,34].
Terminologies
Authentication
Device pairing
Eavesdropping attacks
Mobile/Ad hoc systems
Security initialization
Spontaneous interaction
Out-of-band channels
Questions and Sample Answers
1. Describe the term “device pairing.”
Device pairing is the task of establishing or bootstrapping a secure communication link
between two devices in close proximity. To achieve this, the protocol must consider the absence
of any prior common device context and trusted third party. Secure device association, security
initialization, and secure first-connect are some of the alternative terms used to describe the
process of device pairing.
2. What is meant by “out-of-band channel”?
An out-of-band channel is a secondary communication channel. Such a channel usually has
additional security guarantees (e.g., confidentiality or message integrity) that help to create
a secure association between a pair of devices. In many cases, the additional security comes
through the absence of vulnerability to attacks on the network and/or a requirement that
engagement with the channel is physically visible to the users, and it might be as simple as
direct person-to-person verbal exchange. Out-of-band channels are also known as location-
limited side channels or constrained channels. One of the major uses of out-of-band channels
is to transfer messages for authentication during the pairing process. Out-of-band channels
can be categorized into two broad categories: input out-of-band channels and output out-of-
band channels. The first category is usually used to enter some data into the device(s) during
the pairing process, such as entering PIN code or passkey using a keypad. The latter category
is used for verification purposes through the use of some output capability of the device, such
as a display.
3. List any four common sources that represent input out-of-band channels.
Keypad/Button, microphone, camera, and accelerometers.
4. List any four common sources that represent output out-of-band channels.
Display, speaker, LED, and vibrators.
20 ¥Security of Self-Organizing Networks
5. Why is the problem of secure device pairing challenging?
There are several reasons that make secure device pairing a challenging real-world problem.
A list of some of the major reasons is given below:
1. Wireless technology: Devices involved in device pairing scenarios use wireless technology
in some form and thus are susceptible to eavesdropping. As a consequence, it also opens
doors for other security threats, such as MiTM attack.
2. Ad hoc and spontaneous interaction among the devices.
3. No preshared secret between the intended pairing partners.
4. Unavailability of centralized trusted third party.
5. Nonexistence of any offline or online security infrastructure, such as PKI.
6. Lack of common device context/capabilities between the devices.
7. Devices’ heterogeneity in terms of communication channel, power requirements, and
available sensor technology.
6. What are the major requirements for device pairing solutions?
When proposing a solution to a certain problem, one must need to consider its essential
requirements. In the same way, there are also some major requirements that need significant
attention when proposing/developing a solution for secure device pairing. A list of these
requirements is given below:
1. Usability: This requirement states that the process of secure pairing should be easy to use
and comprehensible by an ordinary (nontechnical) user.
2. Security: An attack against the pairing process should not be possible without an extensive
preplanning and the use of very sophisticated equipment.
3. No extra hardware: The solution should avoid the addition of any extra hardware in the
devices to properly carry out the pairing process.
4. No additional interface: This requirement states that the solution should use the same com-
munication channel for both security initialization and further communication between
the devices.
5. Support for device heterogeneity: The solution should support pairing in varied scenarios
(use cases), with various device capabilities.
7. Write a detailed scenario of your choice that demonstrates the importance of secure device
pairing in everyday life.
The scenario presented below clearly demonstrates the need and importance of secure device
pairing in every day life.
Let us first introduce Angela who is working in a well-reputed organization. She organizes
a meeting with representatives of some customers to give them a confidential briefing about
a new product that her company is launching in the near future. The meeting is organized
in a hotel equipped with modern smart devices, but which is unfamiliar to Angela. On the
meeting day, Angela is getting late, so she leaves her office in hurry and forgets to print some
important documents required during the meeting. When she reaches the hotel, she wants to
pair her laptop with a nearby printer to print the documents, without having to gain special
permissions on the hotel network or pass files to a receptionist. That she has been allowed
into the room with the printer is sufficient credentials. Next she goes to the meeting room,
where she wants to pair her laptop with the projector securely, since the presentation carries
some sensitive data. In addition to preventing eavesdroppers on a connection expected to
last for several hours, Angelas laptop selects a mechanism that allows her to demonstrate to
the room that the data are coming from her laptop. After her meeting and before leaving,
Secure Device Association ¥21
she needs to discuss a confidential issue with her boss. At this time, she wants to pair her
Bluetooth-enabled headset with her mobile phone. Finally, when she finishes everything and
needs to leave the hotel, she wants to provide the hotel with a signature stored on her work
contactless smart ID card to use in authenticating their invoice.
8. Briefly describe the out-of-band association model of Bluetooth Secure Simple Pairing.
The out-of-band association model of Bluetooth Secure Simple Pairing is designed to be used
with several possible out-of-band channels, such as NFC technology. It addresses the two
major requirements of device pairing, security and usability (or simplicity). It can be used in
the scenarios where a demonstrative approach to device pairing is desired. For example, this
association model allows the user to demonstratively discover (identify) the intended devices
to establish the association between them. Since, in this model, cryptographic material is
exchanged over the out-of-band channel between intended devices, thus the security of this
model also relies on the type of out-of-band channels used during the pairing process. For
example, when NFC is used as an out-of-band channel, it is hard to mount the MiTM
attack due to the characteristics of the NFC channel. Further, the user’s experience from
usability point of view may also vary in several device pairing scenarios depending on the
chosen out-of-band channel. For instance, in an NFC-based out-of-band channel, the user
only needs to touch the two devices together to initiate the security relation between a pair
of devices.
9. Name some of the short-range wireless data standards.
1. Bluetooth 2.0/2.1/3.0
2. NFC
3. WiFi (IEEE 802.11)
4. WUSB
5. UWB
6. Infrared (however, less common in modern devices)
7. Wibree
8. Zigbee—IEEE 802.15.4
10. What are the major features of NFC that make it an important technology for very short-range
communication?
Some of the major features of NFC that make it an important technology for short-range
wireless communication are listed below:
1. Availability: Recently, NFC has got significant attention from the industry, and become
a rapidly growing technology. We advocate that NFC has found its place in the market,
and currently a large number of NFC-enabled devices are available in the market.
2. Usability: NFC provides user-friendly methods to establish the link between two NFC-
enabled devices, such as simply touching a pair of devices or holding them in very close
proximity.
3. Security against MiTM attack: Owing to the characteristics of NFC, it is extremely difficult
for an adversary to successfully mount the MiTM attack.
4. Support for variety of applications: NFC has a number of applications, such as smart posters,
easy payment methods for goods and ticketing, maintaining automatic attendance records
for employees in an organization, and so on.
5. Compatibility: NFC is compatible with other similar existing infrastructures, such as con-
tactless infrastructure of ticketing and transportation.
22 ¥Security of Self-Organizing Networks
Author’s Biography
Yasir Arfat Malkani is a lecturer in the Institute of Mathematics and Computer Science (IMCS),
University of Sindh, Jamshoro, Pakistan. Currently, he is a DPhil student and associate tutor at
the University of Sussex, Brighton, United Kingdom. He was awarded the Vice Chancellor’s silver
medal for securing first position in MSc computer science at the University of Sindh in 2003. He
was appointed as a research associate in the University of Sindh in 2004, and then as a lecturer in July
2005. He was awarded a PhD scholarship from the University of Sindh in 2006 to pursue his DPhil
studies at the University of Sussex. His main area of research is pervasive computing. He studies
the issue of establishing whether two devices are colocated and enabling secure communication
based on evidence of colocation, without any other prior knowledge of each other. He has defined a
framework and core protocol for such a system and implemented a basic prototype. Ongoing work
is being undertaken in analyzing the security and usability of existing protocols, developing and
testing features in his protocols, and building a more general implementation for evaluation.
Dan Chalmers is a senior lecturer in the Software Systems group of the School of Informatics at
the University of Sussex, Brighton, United Kingdom. Before working at the University of Sussex he
worked for Imperial College London and Ericsson Ltd. He has a BEng(Hons) in software engineering
from University of Manchester Institute of Science and Technology (UMIST)—now a part of the
University of Manchester, Manchester, United Kingdom, an MSc in advanced computing and a
PhD, both from the Department of Computing, Imperial College London. His research focuses
on the way knowledge of context (including resource limits, location, and other physical and social
aspects of context) can be used to modify behavior and affect data display and configuration of
systems.
Ian Wakeman is a senior lecturer in the Software Systems group of the School of Informatics at the
University of Sussex, Brighton, United Kingdom. He has a BA in electrical and information sci-
ences from Cambridge University, Cambridge, United Kingdom, an MS from Stanford University,
California, and a PhD from University College London (UCL), London, United Kingdom. His
research could be described as user-centered networking, investigating protocols and techniques to
make computer networks work for people. This has spawned over 50 refereed papers in fields as
diverse as congestion control for packetized video and programming languages for active networks
and has more recently focused on trust-based approaches for network and system configuration in
pervasive computing.
References
1. Diffie, W. and M. E. Hellman, New directions in cryptography. IEEE Transactions on Information Theory,
1976; IT-22(6): 644–654.
2. Stajano, F. and R. Anderson, The Resurrecting Duckling: Security issues for ad-hoc wireless networks,
in Security Protocols. 2000. Springer: Berlin/Heidelberg, pp. 172–182.
3. Stajano, F., The Resurrecting Duckling–what next?, in Revised Papers from the 8th International Work-
shop on Security Protocols. 2001, Springer: Berlin/Heidelberg, pp. 204–214.
4. Stajano, F. and R. Anderson, The Resurrecting Duckling: Security issues for ubiquitous computing.
Computer, 2002; 35(4): 22–26.
5. Holmquist, L. E., et al., Smart-Its Friends: A technique for users to easily establish connections between
smart artefacts, in Proceedings of the 3rd International Conference on Ubiquitous Computing. 2001,
Springer: Berlin/Heidelberg, pp. 116–122.
Secure Device Association ¥23
6. Mayrhofer, R. and H. Gellersen, Shake Well Before Use: Authentication based on accelerometer data,
in 5th International Conference on Pervasive Computing (Pervasive 2007). 2007. Toronto, Ontario,
Canada.
7. Kirovski, D., M. Sinclair, and D. Wilson, The Martini Synch: Joint fuzzy hashing via error correction,
in Security and Privacy in Ad-hoc and Sensor Networks. 2007. Springer: Berlin/Heidelberg, pp. 16–30.
8. Lester, J., B. Hannaford, and G. Borriello, Are You with Me?–using accelerometers to determine if
two devices are carried by the same person, in Pervasive Computing. 2004. Springer: Berlin/Heidelberg
pp. 33–50.
9. Balfanz, D., et al., Talking to strangers: Authentication in adhoc wireless networks, in Symposium on
Network and Distributed Systems Security (NDSS ’02). 2002. San Diego, CA.
10. Mayrhofer, R., M. Hazas, and H. Gellersen, An authentication protocol using ultrasonic ranging,
Technical Report. 2006, Lancaster University.
11. Mayrhofer, R. and M. Welch, A human-verifiable authentication protocol using visible laser light, in
the 2nd International Conference on Availability, Reliability and Security, ARES 2007. Vienna, Austria.
12. McCune, J. M., A. Perrig, and M. K. Reiter, Seeing-is-believing: Using camera phones for human-
verifiable authentication, in IEEE Symposium on Security and Privacy, 2005. Oakland, California, pp.
110–124.
13. Saxena, N., et al., Secure device pairing based on a visual channel, in SP’06: Proceedings of the 2006
IEEE Symposium on Security and Privacy (S&P’06), 2006. IEEE Computer Society, Washington, DC,
pp. 306–313.
14. Goodrich, M. T., et al. Loud and clear: Human-verifiable authentication based on audio, in
26th IEEE International Conference on Distributed Computing Systems, ICDCS 2006. Lisbon,
Portugal.
15. Soriente, C., G. Tsudik, and E. Uzun, HAPADEP: human assisted pure audio device pairing. Cryptology
ePrint Archive, Report 2007/093, 2007.
16. Kirovski, D., M. Sinclair, and D. Wilson, The Martini Synch. Technical Report MSR-TR-2007-123,
Microsoft Research, September 2007.
17. Castelluccia, C. and P. Mutaf, Shake them up!: A movement-based pairing protocol for CPU-constrained
devices, in Proceedings of the 3rd International Conference on Mobile Systems, Applications, and Services.
2005, Seattle, Washington: ACM.
18. Varshavsky, A., et al., Amigo: Proximity-based authentication of mobile devices, in Ubiquitous Comput-
ing,UbiComp 2007, 2007. Innsbruck, Austria, pp. 253–270.
19. Buhan, I. R., J. M. Doumen, P. H. Hartel, and R. N. J. Veldhuis, Feeling is believing: A location limited
channel based on grip pattern biometrics and cryptanalysis. Technical Report TR-CTIT-06-29, Centre
for Telematics and Information Technology, University of Twente, Enschede. 2006.
20. Buhan, I., et al., Secure ad-hoc pairing with biometrics: SAfE, in Proceedings of First International
Workshop on Security for Spontaneous Interaction (IWSSI ’07), 2007. Innsbruck, Austria.
21. Soriente, C., G. Tsudik, and E. Uzun, BEDA: Button-enabled device association, in International
Workshop on Security and Spontaneous Interaction (IWSSI ’07). 2007 Innsbruck, Austria.
22. The Official BluetoothrTechnology Info Site: http://www.bluetooth.com
23. The Near Field Communication (NFC) Forum: http://www.nfc-forum.org/home
24. Spahic, A., et al., Pre-authentication using infrared, in Privacy, Security and Trust within the Context of
Pervasive Computing, 2005. Springer: US, pp. 105–112.
25. Shaked, Y. and A. Wool, Cracking the Bluetooth PIN, in MobiSys ’05, in Proceedings of the 3rd Interna-
tional Conference on Mobile Systems, Applications, and Services, 2005. Seattle, Washington: ACM.
26. Jakobsson, M. and S. Wetzel, Security weaknesses in Bluetooth, Lecture Notes in Computer Science, 2001.
Springer: Berlin/Heidelberg, pp. 176–191.
27. Haselsteiner, E. and K. Breitfuß, Security in near field communication (NFC), in Proceedings of Work-
shop on RFID Security, July 2006. Graz, Austria, pp. 3–13.
28. Nicholson, A., et al., LoKey: Leveraging the SMS network in decentralized, end-to-end trust establish-
ment, in Pervasive Computing. 2006. Springer: Berlin/Heidelberg, pp. 202–219.
29. Gehrmann, C. and C. J. Mitchell, Manual authentication for wireless devices. RSA Cryptobytes, 2004;
7(1): 29–37.
24 ¥Security of Self-Organizing Networks
30. Malkani, Y. A., et al., Towards a general system for secure device pairing by demonstration of physical
proximity, in MWNS-09 Co-located with IFIP Networking 2009 Conference, 2009. Shaker Verlag: Aachen,
Germany, pp. 13–24.
31. Rekimoto, J., et al., Proximal interactions: A direct manipulation technique for wireless networking, in
INTERACT 2003. 2003. Zurich, Switzerland.
32. Malkani, Y. A., D. Chalmers, and I. Wakeman, Towards a general system for secure device pairing by
demonstration of physical proximity (Poster), in UBICOMP Grand Challenge: Workshop on Ubiquitous
Computing at a Crossroads: Art, Science, Politics and Design. 6th and 7th January, 2009, Huxley Building,
Imperial College, London.
33. Saxena, N. and J. Voris, Pairing devices with good quality output interfaces, in International Workshop
on Wireless Security and Privacy (WISP) (co-located with ICDCS), 2009. Montreal, Quebec, Canada.
34. Malkani, Y. A. and L. D. Dhomeja, Secure device association for ad hoc and ubiquitous computing
environments, in Proceedings of 5th IEEE International Conference on Emerging Technologies (ICET-09),
2009. Islamabad, Pakistan.
35. Kostiainen, K., et al., Framework for comparative usability testing of distributed applications. Technical
Report NRC-TR-2007-005, Nokia Research Center, Helsinki, Finland, 2007.
36. Mayrhofer, R., Towards an open source toolkit for ubiquitous device authentication, in Proceedings of
the Fifth IEEE international Conference on Pervasive Computing and Communications Workshops, 2007.
IEEE Computer Society, Washington, DC, pp. 247–254.
... The main goal of the research community working on the secure device pairing issue is to provide mechanisms that give assurance of the identity of the devices participating in the pairing process and to secure them from being victims of eavesdropping attacks, such as MiTM attack. Achieving this goal is a challenging problem from both the security and the usability points of view [43,44]. ...
... This notion contradicts with the usability goal of secure device pairing schemes. As a motivating example towards this, consider the following scenario, which is reproduced from [43]. ...
... The proposed system integrates device discovery, several pairing schemes and a selection mechanism into a single model that facilitates association of any pair of devices in a wide range of scenarios by using the devices' existing capabilities and user preferences, and also assists the user to select an appropriate pairing protocols and relieves him/her from choosing between more than two dozen of pairing schemes. The interested readers can find the detailed analysis of these existing schemes in [43,44]. ...
Article
Full-text available
Recently secure device pairing has had significant attention from a wide community of academic as well as industrial researchers and a plethora of schemes and protocols have been proposed, which use various forms of out-of-band exchange to form an association between two unassociated devices. These protocols and schemes have different strengths and weaknesses – often in hardware requirements, strength against various attacks or usability in particular scenarios. From ordinary user's point of view, the problem then becomes which to choose or which is the best possible scheme in a particular scenario. We advocate that in a world of modern heterogeneous devices and requirements, there is a need for mechanisms that allow automated selection of the best protocols without requiring the user to have an in-depth knowledge of the minutiae of the underlying technologies. Towards this, the main argument forming the basis of this research work is that the integration of a discovery mechanism and several pairing schemes into a single system is more efficient from a usability point of view as well as security point of view in terms of dynamic choice of pairing schemes. In pursuit of this, we have proposed a generic system for secure device pairing by demonstration of physical proximity. The contributions presented in this paper include the design and prototype implementation of the proposed framework along with a novel Co-Location protocol.
... Interested reader can find the survey and detailed analysis of these existing paring schemes and protocols in (Malkani et al., 2009aMalkani et al., , 2010a). The key features of the PoP framework are below: ...
... : As stated, the proposed system integrates the device discovery mechanism and a set of several pairing protocols/schemes mainly identified and discussed in (Malkani et al., 2009aMalkani et al., , 2010a). Since none of the discovery systems in their original form were found to be suitable in for integration and prototype implementation of the PoP framework in terms of complexity and the features offered by these systems, Malkani et al., (2009b) developed their own registration and discovery mechanism through combining several features of its own (such as confidentiality and integrity protection) and the existing well known discovery systems. ...
... It is noted that the usability study results of eight pairing schemes are also useful in improving the protocol selection criteria in PoP Framework. Finally, we believe that the results and findings of this work including (Malkani et al., 2009aMalkani et al., , 2009bMalkani et al., , 2010aMalkani et al., , 2010bMalkani et al., ,2012aMalkani et al., ,2012b) motivates the research community to re-think the issue of secure device pairing and come up with a more standardized, common and universal solution. ...
Article
Full-text available
Security and privacy remain to be a major concern for the computing world – from traditional wired networks to modern mobile ad-hoc networks (MANETs) and ubiquitous/pervasive computing systems. Ubiquitous computing systems vary from conventional computing systems due to several reasons, such as ubiquitous computing systems are by nature ad hoc, more dynamic and there is spontaneous interaction among the devices. Most of the time, these systems are composed of modern small, handheld or embedded devices. These modern devices have support for some kind of wireless channel (i.e. WiFi, Infrared, Bluetooth, Laser etc) for communication purposes. As the wireless channels are inherently prone to security risks, the communication among the devices in these systems is not secure and these are susceptible to various attacks, such as MiTM attack. Consequently, in order to secure these systems, we need different tools and techniques than conventional security mechanisms. One of the recently addressed issues in ad-hoc and ubiquitous computing systems is the establishment of a secure channel between two devices. In literature, it is called secure device pairing. This issue is addressed by many researchers and several solutions have been proposed. We also realized the importance of this issue and proposed a framework based approach to secure device pairing. The focus of this paper is the performance evaluation and extended usability analysis of the proposed Proof-of-Proximity (PoP) framework.
... The main goal of secure pairing research is to provide assurance of the identity of the devices participating in the pairing process and to secure them from being victims of eavesdropping attacks, such as MiTM attack. Achieving this goal is a challenging problem from both the security and the usability or user interaction points of view [1]. Towards, this we advocated that a common device pairing infrastructure could be an effective (from usability point of view) approach for ubiquitous computing environments. ...
... Previously we have presented a detailed survey of the state-of-theart in secure device pairing [1]. Each of the proposed schemes we have surveyed has strengths and weaknesses often in hardware requirements, strength against various attacks or usability in particular scenarios. ...
... schemes and/or their variations that are used to demonstrate the physical proximity of devices through the use of out-of-band channels. For a detailed survey of pairing schemes, refer [1]. We are presenting the overview of the overall system as below: ...
Conference Paper
Full-text available
Ad-hoc interactions between devices over wireless networks present a security problem: the generation of shared secrets to initialize secure communication over a medium that is inherently vulnerable to various attacks. However, these scenarios can also build on physical security of spaces by using protocols in which users visibly demonstrate their presence to generate an association. As a consequence, secure device pairing has received significant attention. A plethora of schemes and protocols have been proposed, which use various forms of out-of-band exchange to form an association between two devices. These protocols and schemes have different strengths and weaknesses -- often in hardware requirements, strength against various attacks or usability in particular scenarios. From ordinary user's point of view, the problem then becomes which to choose or which is the best possible scheme in a particular scenario. This problem could be relieved by automation. We advocate that the integration of a discovery mechanism, several pairing schemes and a selection protocol into a single system is more efficient for users. In this paper, we present such a system along with its implementation details.
... The main goal of the research community working on the secure device pairing issue has been to provide mechanisms that give assurance of the identity of the devices participating in the pairing process and to secure them from being victims of eavesdropping attacks, such as MiTM attack. Achieving this goal is a challenging problem from both the security and the usability points of view [32][33]. Consequently, Malkani et. ...
... The proposed system integrates device discovery, several pairing schemes and a protocol selection mechanism into a single model that facilitates association of any pair of devices in a wide range of scenarios by using the devices' existing capabilities and user preferences, and also assists the user to select an appropriate pairing protocol and relieves him/her from choosing between more than two dozen of pairing schemes. The interested readers can find the detailed analysis of these existing schemes in [32][33] and the detailed system architecture of the proposed system in [1]. The focus of this paper is the usability study of eight pairing schemes as well as the proposed system, which integrates them. ...
Article
Full-text available
Ubiquitous computing systems are becoming more common nowadays. Usually, these systems are composed of several modern hand-held devices, which support wireless communication in some form, such as WiFi, IrDA, Bluetooth, etc. Since wireless communication is open to everyone, the issue is how to pair two unassociated devices securely. Consequently, a wide community of industrial as well as academic researchers have proposed more than two dozen schemes and protocols that use various forms of out-ofband channels to pair the two devices securely. The main goal of the research community working on this issue has been to develop and/or propose such pairing systems/schemes, which should be automatic, secure and usable. One such system is proposed by Malkani et. al. [1]. The main goal of this research was to design a generic system that facilitates association of two co-located devices by demonstration of physical proximity in ubiquitous computing environments. In this paper, we are presenting the usability study of several pairing schemes and the proposed system, which was carried out to evaluate the overall system.
Article
Wireless mesh networks provide long-distance wireless network connectivity over heterogeneous devices for greater scalability and availability. However, protecting legitimate long-distance wireless links from wormhole attacks is an important yet challenging security issue in wireless mesh networks. In this paper, we propose a reputation-based cross-layer intrusion detection system to effectively detect various wormhole attacks. The proposed system analyses the behaviours of the routing paths in wireless mesh networks to correctly isolate the malicious wormhole paths from legitimate long-distance wireless links. It uses reputation and cross-layer parameters for comprehensive ability to isolate the wormhole attacks in routing paths. This isolation ensures full utilisation of legitimate long-distance wireless links in wireless mesh networks, which is not possible with the existing wormhole attack detection approaches. Experimental results show that the proposed system increases the detection rate, decreases the false alarm rate, and secures legitimate long-distance wireless links in wireless mesh networks. Copyright © 2014 John Wiley & Sons, Ltd.
Article
Full-text available
This report presents a method for establishing and secur-ing spontaneous interactions on the basis of spatial references which are obtained by accurate sensing of relative device positions. Utilising the Relate ultrasonic sensing system, we construct an interlocked protocol using radio frequency messages and ultrasonic pulses for verifying that two devices share a secret. This verification is necessary to prevent man-in-the-middle attacks on standard Diffie-Hellman key agreement.
Article
Full-text available
Co-location of devices is a useful basis for access control policies for ad-hoc connections, as physical security, visibility and social norms provide reassurances to the device owners and participants. There are various possible techniques for demonstrating co-location through physical interactions, which others have started to explore. In some cases these provide the basis for encryption, in others simply confirmation of presence. In all cases these techniques are dependant upon hardware capabilities, offer varying physical scope and levels of attack resistance, and require different levels of user attention and visible public action. Different trade-offs amongst these considerations are desired in different situations. In this paper we present a framework for negotiating such pairings. This facilitates device identification, matching of pairing techniques to requirements, chains of communication to bridge between devices of different capability and improved security by combining techniques where possible.
Chapter
Full-text available
Using complex authentication and verification methods is not always feasible in application fields with time and resource restrictions. However, fast and configuration-less authentication methods are required in many pervasive computing applications using wireless connectivity. In this paper we present an authentication mechanism which uses context information for its first phase, the so called pre-authentication phase. During this phase a connection between two devices is established to generate a common secret as a prerequisite for the subsequent authentication. We present an implementation of a special device called “magic wand”, using optical communication for the pre-authentication phase. With the help of this device it is also possible to quickly authenticate devices for subsequent use in service discovery.
Conference Paper
Full-text available
As the proliferation of pervasive and ubiquitous computing devices continues, users will carry more devices. Without the ability for these devices to unobtrusively interact with one another, the user’s attention will be spent on coordinating, rather than using, these devices. We present a method to determine if two devices are carried by the same person, by analyzing walking data recorded by low-cost MEMS accelerometers using the coherence function, a measure of linear correlation in the frequency domain. We also show that these low-cost sensors perform similarly to more expensive accelerometers for the frequency range of human motion, 0 to 10Hz. We also present results from a large test group illustrating the algorithm’s robustness and its ability to withstand real world time delays, crucial for wireless technologies like Bluetooth and 802.11. We present results that show that our technique is 100% accurate using a sliding window of 8 seconds of data when the devices are carried in the same location on the body, is tolerant to inter-device communication latencies, and requires little communication bandwidth. In addition we present results for when devices are carried on different parts of the body.
Conference Paper
Full-text available
In this paper we address the problem of secure communication and authentication in ad-hoc wireless networks. This is a difficult problem, as it involves bootstrapping trust between strangers. We present a user-friendly solution, which provides secure authentication using almost any established public-key-based key exchange protocol, as well as inexpensive hash-based alternatives. In our approach, devices exchange a limited amount of public information over a privileged side channel, which will then allow them to complete an authenticated key exchange protocol over the wireless link. Our solution does not require a public key infrastructure, is secure against passive attacks on the privileged side channel and all attacks on the wireless link, and directly captures users' intuitions that they want to talk to a particular previously unknown device in their physical proximity. We have implemented our system in Java for a variety of different devices, communication media, and key exchange protocols.
Conference Paper
In the near future, many personal electronic devices will be able to communicate with each other over a short range wireless channel. We investigate the principal security issues for such an environment. Our discussion is based on the concrete example of a thermometer that makes its readings available to other nodes over the air. Some lessons learned from this example appear to be quite general to ad-hoc networks, and rather different from what we have come to expect in more conventional systems: denial of service, the goals of authentication, and the problems of naming all need re-examination. We present the resurrecting duckling security policy model, which describes secure transient association of a device with multiple serialised owners.
Article
This paper gives a comprehensive analysis of security with respect to NFC. It is not limited to a certain application of NFC, but it uses a system- atic approach to analyze the various aspects of security whenever an NFC in- terface is used. The authors want to clear up many misconceptions about se- curity and NFC in various applications. The paper lists the threats, which are applicable to NFC, and describes solutions to protect against these threats. All of this is given in the context of currently available NFC hardware, NFC applications and possible future developments of NFC.
Conference Paper
Device pairing is a significant problem for a large class of increasingly popular resource-constrained wireless protocols such as Bluetooth. The objective of pairing is to establish a secure wireless communication channel between two specific devices without a public-key infrastructure, a secure near-field communication channel, or electrical contact. We use a surprising user-device interaction as a solution to this problem. By adding an accelerometer, a device can sense its motion in a Cartesian space relative to the inertial space. The idea is to have two devices in a fixed, relative position to each other. Then, the joint object is moved randomly in 3D for several seconds. The unique motion generates approximately the same distinct signal at the accelerometers. The difference between the signals in the two inertially conjoined sensors should be relatively small under normal motion induced manually. The objective is to derive a deterministic key at both sides with maximized entropy that will be used as a private key for symmetric encryption. Currently, our prototype produces between 10–15 bits of entropy per second of usual manual motion using off-the-shelf components.
Conference Paper
In the context of the security of wireless ad hoc networks, we previously explored the problem of secure transient association between a master and a slave device in the absence of an online authentication server. We introduced the Resurrecting Duckling security policy model to address this problem. Master-slave relationships, however, do not exhaust the range of interesting interactions. We therefore extend the Duckling model to also cover relationships between peers.
Conference Paper
Secure Device Association (also known as security initialization, first-connect or simply pairing in the literature) can be referred as the process of establishing a secure channel between a pair of devices in close proximity. There have been many recent proposals to provide secure pairing of devices in close proximity. All vary in their security against different attacks, the needed hardware capabilities and the necessary level of user attention. In a world of heterogeneous devices and requirements, we need mechanisms to allow automated selection of the best device association protocols without requiring the user to have an in-depth knowledge of the minutiae of the underlying technologies. Further, these mechanisms should facilitate unobtrusive device identification, matching of pairing techniques to requirements, chains of communication to bridge between devices of different capability and improved security by combining techniques where possible. In this paper, we present research trends and issues in the area of secure device association for ad hoc and ubiquitous computing environments followed by a short survey of the existing methods.