Usable Bootstrapping of Secure Ad Hoc Communication
Ersin Uzun
PARC
Outline
What is “first connect” (aka “device pairing” or “bootstrapping secure communication”)?
Why is it hard to secure?
Why is usability important?
Methods & standards, and the current state.
Secure pairing of personal devices
Pairing: bootstrapping the association and the security contexts for subsequent communication.
E.g.,
  Pairing a Bluetooth phone and a headset
  Enrolling a phone or PC into a home WLAN
What devices?
Desktops
Laptops
PDAs
Phones
MP3 Players
Wireless Headsets
Cameras
Device (e.g., TV) Remotes
Access Points
FAX-s/Copiers/Printers
Sensors? RFIDs?
Pacemakers? Dialysis devices?
Problem
Setting up a security association (authenticated secure communication) where:
  no prior context exists (no PKI, common TTPs, key servers, shared secrets, etc.)
  ordinary non-expert users
  cost-sensitive commodity devices
Ohh! I cannot even pair my socks!
Wireless channel: susceptible to eavesdropping
[Figure: Alice and Bob exchange “Let’s use K as the secret key” and “OK” over the wireless channel, followed by encrypted communication using K]
Oops!
[Figure: the same exchange between Alice and Bob (“Let’s use K as the secret key”, “OK”), with Eve on the communication channel]
Eve can decrypt the communication!
Eve can impersonate either party!
Also open to active attacks…
[Figure: Eve positioned between Alice and Bob; key labels PKA, PKB, PKE1, PKE2]
Man-in-the-middle attack over Diffie-Hellman key agreement
Mechanisms should be intuitive
...and work on various devices!
SSID? WPA? Passcode!
Which E61?
… and secure
Security and usability coexistence
Better usability = insecure?
More security = harder to use?
Goal: Secure, intuitive, inexpensive methods for secure communication bootstrapping
One well-studied approach: using two communication channels
  Assumption: Peer devices are physically identifiable
  Two channels:
    1. Wireless channel
    2. OOB channel: Human perceivable or location-limited
Other approaches
  Based on physical properties of wireless signals
  Distance-bounding
  Environmental sensing
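
The two-channel approach applied to the Diffie-Hellman exchange from the man-in-the-middle slide, as an added example that is not part of the original slides: both devices hash the public keys they saw on the wireless channel and compare the result over the OOB channel, which exposes a substituted key. The group parameters, function names and the single attacker key are assumptions made for the sketch.

```python
import hashlib
import secrets

# Demo group, chosen for brevity (assumption): P = 2**255 - 19 is prime, G = 2.
# A real deployment would use a vetted group or curve.
P = 2**255 - 19
G = 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def oob_digest(alice_pub, bob_pub):
    # Value carried over the OOB channel. The full digest is compared here, as
    # a location-limited channel could carry it; a short human-compared string
    # would additionally need a commitment step.
    data = alice_pub.to_bytes(32, "big") + bob_pub.to_bytes(32, "big")
    return hashlib.sha256(data).hexdigest()

def honest_channel(pub):
    return pub

def substituting_channel():
    # Models the active attacker on the wireless channel: every public key
    # in transit is replaced by the attacker's own.
    _, eve_pub = keypair()
    return lambda pub: eve_pub

def pair(wireless):
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    at_bob = wireless(a_pub)     # what Bob receives as "Alice's key"
    at_alice = wireless(b_pub)   # what Alice receives as "Bob's key"
    k_a = session_key(a_priv, at_alice)
    k_b = session_key(b_priv, at_bob)
    # Each device hashes (Alice's key, Bob's key) as it saw them.
    accept = oob_digest(a_pub, at_alice) == oob_digest(at_bob, b_pub)
    return {"same_key": k_a == k_b, "accept": accept}

if __name__ == "__main__":
    print("honest:", pair(honest_channel))
    print("key substituted:", pair(substituting_channel()))
```

Without the OOB comparison neither device would notice the substitution, since each completes the key agreement successfully with whoever answered on the wireless channel.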
Some examples (not a complete list!)
Various OOB channels
  Cables
    Resurrecting Duckling [Stajano, et al. IWSP’99]
  Camera, barcodes/LEDs
    Seeing-is-believing [McCune, et al. S&P’05]
    SIB revisited [Saxena, et al. S&P’06]
    GAnGS [Chen, et al. Mobicom’08]
    SPATE [Lin, et al. Mobisys’09]
  Speakers and microphones
    Loud And Clear [Goodrich, et al. ICDCS’06]
    HAPADEP [Soriente, et al. ISC’08]
  Other hardware
    Accelerometers: “Shake well before use” [Mayrhofer, et al. Pervasive’07]
    Ultrasound, laser transceivers and many others....
Standardization activities
  Wi-Fi Protected Setup
  Bluetooth secure pairing
  Wireless USB association models
Location-limited channels
  IrDA: Talking to Strangers [Balfanz, et al. NDSS’02]
  NFC: Bluetooth specs draft
Distance-bounding (e.g., Capkun et al. TMC’10), environmental sensing (Krumm et al. Ubicomp’07)
Where are we now?
Proposals are not adopted by manufacturers
  I still cannot securely pair a Bluetooth handset and a phone in the presence of an active attacker
  My mother still cannot secure her WLAN at home without my help
Emerging scenarios are even more challenging
  Group pairing
  Home sensor networks
  Pairing with personal RFID tags
Thanks!