Secure Device Pairing Based on a Visual Channel: Design and Usability Study
IEEE Transactions on Information Forensics and Security
Pairing" is the establishment of authenticated key agreement between two devices over a wireless channel. Such devices are ad hoc in nature as they lack any common preshared secrets or trusted authority. Fortunately, these devices can be connected via auxiliary physical (audio, visual, tactile) channels which can be authenticated by human users. They can therefore be used to form the basis of a pairing operation. Recently proposed pairing protocols and methods are based upon bidirectional
... al channels. However, various pairing scenarios are asymmetric in nature, i.e., only a unidirectional physical channel exists between two devices (such as between a cell phone and an access point). In this paper, we show how strong mutual authentication can be achieved even with a unidirectional visual channel, where prior methods could provide only a weaker property termed as presence. This could help reduce the execution time and improve usability of prior pairing methods. In addition, by adopting recently proposed improved pairing protocols, we propose how visual channel authentication can be used even on devices that have very limited displaying capabilities, all the way down to a device whose display consists of a cheap single lightsource, such as an LED. We present the results of a preliminary usability study evaluating our proposed method.