1 / 15

Usable Bootstrapping of Secure Ad Hoc Communication

Usable Bootstrapping of Secure Ad Hoc Communication. Ersin Uzun PARC. Outline. What is “ first connect” (aka “device pairing” or “bootstrapping secure communication”)? Why is it hard to secure? Why usability is important? Methods & standards, and the current state.

amina
Download Presentation

Usable Bootstrapping of Secure Ad Hoc Communication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Usable Bootstrapping of Secure Ad Hoc Communication Ersin Uzun PARC

  2. Outline • What is “first connect” (aka “device pairing” or “bootstrapping secure communication”)? • Why is it hard to secure? • Why usability is important? • Methods & standards, and the current state.

  3. Secure pairing of personal devices • Pairing: bootstrapping the association and the security contexts for subsequent communication. • E.g., • Pairing a bluetooth phone and a headset • Enrolling a phone or PC into a home WLAN

  4. What devices? • Desktops • Laptops • PDAs • Phones • MP3 Players • Wireless Headsets • Cameras • Device (e.g., TV) Remotes • Access Points • FAX-s/Copiers/Printers • Sensors? RFIDs? • Pacemakers? Dialysis devices?

  5. Problem Ohh! I cannot even pair my socks! • Setting up a security association (authenticated secure communication) where: • no prior context exists (no PKI, common TTPs, key servers, shared secrets, etc.) • Ordinary non-expert users • Cost-sensitive commodity devices

  6. Wireless channel: susceptible to eavesdropping Alice Bob Let’s use K as the secret key OK Encrypted Communication using K

  7. Uups! Alice Bob Let’s use K as the secret key OK Communication Communication Eve can decrypt the communication! Eve can impersonate either party!

  8. Also open to active attacks… Alice Bob Eve PKA PKE1 PKE2 PKB Man in the middle attack over Diffie-Hellman key agreement

  9. Mechanisms should be intuitive SSID? WPA? Passcode! Which E61? ...and work on various devices!

  10. … and secure

  11. Security and usability coexistence • Better usability = insecure? • More security = harder to use?

  12. Goal: Secure, intuitive, inexpensive methods for secure communication bootstrapping • One well-studied approach: using two communication channels • Assumption: Peer devices are physically identifiable • Two channels: • Wireless channel • OOB channel: Human perceivable or location-limited • Other approaches • Based on physical properties of wireless signals • Distance-bounding • Environmental sensing

  13. Some examples (not a complete list!) • Various OOB channels • Cables • Resurrecting Duckling, [Stanajo, et al. IWSP’99] • Camera, barcodes/LEDs • Seeing-is-believing, [McCune, et al. S&P’05] • SIB revisited, [Saxena, et al. S&P’06] • GAnGS, [Chen, et al. Mobicom’08] • SPATE, [Lin, et al. Mobisys’09] • Speakers and microphones • Loud And Clear, [Goodrich, et al. ICDCS’06) • HAPADEP, [Soriente, et al. ISC’08) • Other hardware • Accelerometers  “Shake well before use”, [Mayrhofer, et al. Pervasive’07] • Ultrasound, laser transceivers and many others.... • Standardization activities • Wi-fi protected setup • Bluetooth secure pairing • Wireless USB association models • Location limited channels • IrDA: Talking to Strangers, [Balfanz, et al. NDSS’02] • NFC: Bluetooth specs draft • Distance-bounding (e.g., Capkun et al. TMC’10), Env. sensing (Krumm et al. Ubicomp’07)

  14. Where are we now? • Proposals are not adapted by manufacturers • I still cannot securely pair a Bluetooth handset and a phone in the presence of an active attacker • My mother still cannot secure her WLAN at home without my help Emerging scenarios are even more challenging • Group pairing • Home sensor networks • Pairing with personal RFID tags

  15. Thanks!

More Related