Secure device pairing under realistic conditions

Creating a trust relationship between two devices is commonly designated as pairing protocol. This practice is essential for the security of dynamic networks as it protects against rogue device insertion. If the pairing itself is not secure all afterward security will be compromised. All existing methods require either a pre-existing secure channel between devices or a common security context (e.g. Public Key Infrastructure) or the handling of cryptographic information by the user. All these requirements are rarely achieved in practice. We propose a solution where these requirements are relaxed. In particular, the user is not required to memorize type-in or even check any cryptographic information. Therefore, this solution is suitable for devices with only LEDs and a button such as WiFi access points, modems and small portable devices.