SECURE DEVICE PAIRING : A USABILITY STUDY

Ubiquitous computing systems are becoming more common nowadays. Usually, these systems are composed of several modern hand-held devices, which support wireless communication in some form, such as WiFi, IrDA, Bluetooth, etc. Since wireless communication is open to everyone, the issue is how to pair two unassociated devices securely. Consequently, a wide community of industrial as well as academic researchers have proposed more than two dozen schemes and protocols that use various forms of out-ofband channels to pair the two devices securely. The main goal of the research community working on this issue has been to develop and/or propose such pairing systems/schemes, which should be automatic, secure and usable. One such system is proposed by Malkani et. al. [1]. The main goal of this research was to design a generic system that facilitates association of two co-located devices by demonstration of physical proximity in ubiquitous computing environments. In this paper, we are presenting the usability study of several pairing schemes and the proposed system, which was carried out to evaluate the overall system.

[1]  Eyal de Lara,et al.  Amigo: Proximity-Based Authentication of Mobile Devices , 2007, UbiComp.

[2]  E. Merzari,et al.  Large-Scale Simulations on Thermal-Hydraulics in Fuel Bundles of Advanced Nuclear Reactors , 2007 .

[3]  Nitesh Saxena,et al.  Automated Device Pairing for Asymmetric Pairing Scenarios , 2008, ICICS.

[4]  Ian Wakeman,et al.  Secure Device Association: Trends and Issues , 2010 .

[5]  Frank Stajano,et al.  The Resurrecting Duckling - What Next? , 2000, Security Protocols Workshop.

[6]  Avishai Wool,et al.  Cracking the Bluetooth PIN , 2005, MobiSys '05.

[7]  Darko Kirovski,et al.  The Martini Synch : Using Accelerometers for Device Pairing , 2007 .

[8]  Frank Stajano,et al.  The Resurrecting Duckling: security issues for ubiquitous computing , 2002, S&P 2002.

[9]  Christian Gehrmann,et al.  Manual authentication for wireless devices , 2004 .

[10]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[11]  A. W. Roscoe,et al.  Usability and security of out-of-band channels in secure device pairing protocols , 2009, SOUPS.

[12]  Michael Kreutzer,et al.  Pre-Authentication Using Infrared , 2005 .

[13]  Bernt Schiele,et al.  Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts , 2001, UbiComp.

[14]  Rene Mayrhofer,et al.  An Authentication Protocol using Ultrasonic Ranging , 2006 .

[15]  Ersin Uzun,et al.  Usability Analysis of Secure Pairing Methods , 2007, Financial Cryptography.

[16]  Rene Mayrhofer,et al.  An Authentication Protocol using Ultrasonic Ranging Technical Report Number COMP-002-2006 , October 2006 , 2006 .

[17]  Pieter H. Hartel,et al.  Secure Ad-hoc Pairing with Biometrics: SAfE , 2007 .

[18]  Nitesh Saxena,et al.  Pairing Devices with Good Quality Output Interfaces , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[19]  E. Uzun,et al.  BEDA : Button-Enabled Device Association , 2007 .

[20]  Rene Mayrhofer,et al.  Shake well before use: two implementations for implicit context authentication , 2007 .

[21]  Pieter H. Hartel,et al.  Feeling is Believing: a location limited channel based on grip pattern biometrics and cryptanalysis , 2006 .

[22]  Matthias Ringwald,et al.  Spontaneous Interaction with Everyday Devices Using a PDA , 2002 .

[23]  Yang Wang,et al.  Serial hook-ups: a comparative usability study of secure device pairing methods , 2009, SOUPS.

[24]  Krishna M. Sivalingam,et al.  Cryptographic key exchange based on locationing information , 2007, Pervasive Mob. Comput..

[25]  Nitesh Saxena,et al.  Universal device pairing using an auxiliary device , 2008, SOUPS '08.

[26]  William R. Claycomb,et al.  Towards secure resource sharing for impromptu collaboration in pervasive computing , 2007, SAC '07.

[27]  Arun Kumar,et al.  Caveat Emptor: A Comparative Study of Secure Device Pairing Methods , 2009, PerCom.

[28]  L. Faulkner Beyond the five-user assumption: Benefits of increased sample sizes in usability testing , 2003, Behavior research methods, instruments, & computers : a journal of the Psychonomic Society, Inc.

[29]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[30]  Yasir Arfat Malkani,et al.  PSIM: A tool for analysis of device pairing methods , 2010, ArXiv.

[31]  Jakob Nielsen,et al.  Measuring usability: preference vs. performance , 1994, CACM.

[32]  Kristiina Karvonen,et al.  Usability Testing for Secure Device Pairing in Home Networks , 2007 .

[33]  Eyal de Lara,et al.  Proximity-based authentication of mobile devices , 2009, Int. J. Secur. Networks.

[34]  N. Asokan,et al.  Secure device pairing based on a visual channel , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[35]  Claudio Soriente,et al.  HAPADEP: Human-Assisted Pure Audio Device Pairing , 2008, ISC.

[36]  Michael K. Reiter,et al.  Seeing-Is-Believing: using camera phones for human-verifiable authentication , 2009, Int. J. Secur. Networks.

[37]  Brian D. Noble,et al.  LoKey: Leveraging the SMS Network in Decentralized, End-to-End Trust Establishment , 2006, Pervasive.

[38]  René Mayrhofer,et al.  A Human-Verifiable Authentication Protocol Using Visible Laser Light , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[39]  Claude Castelluccia,et al.  Shake them up!: a movement-based pairing protocol for CPU-constrained devices , 2005, MobiSys '05.

[40]  Tim Kindberg,et al.  Context authentication using constrained channels , 2002, Proceedings Fourth IEEE Workshop on Mobile Computing Systems and Applications.

[41]  Michael Sirivianos,et al.  Loud and Clear: Human-Verifiable Authentication Based on Audio , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[42]  René Mayrhofer,et al.  Shake Well Before Use: Authentication Based on Accelerometer Data , 2007, Pervasive.

[43]  James R. Lewis,et al.  IBM computer usability satisfaction questionnaires: Psychometric evaluation and instructions for use , 1995, Int. J. Hum. Comput. Interact..

[44]  TsudikGene,et al.  A comparative study of secure device pairing methods , 2009 .

[45]  Yasir Arfat Malkani,et al.  Secure device association for ad hoc and ubiquitous computing environments , 2009, 2009 International Conference on Emerging Technologies.

[46]  Ian Wakeman,et al.  A generic framework for device pairing in ubiquitous computing environments , 2012 .

[47]  Nitesh Saxena,et al.  Efficient Device Pairing Using "Human-Comparable" Synchronized Audiovisual Patterns , 2008, ACNS.