usable bootstrapping of secure ad hoc communication ersin uzun parc 1
TRANSCRIPT
Usable Bootstrapping of Secure Ad Hoc Communication
Ersin Uzun
PARC
1
Outline
What is “first connect” (aka “device pairing” or “bootstrapping secure communication”)? Why is it hard to secure? Why usability is important?
Methods & standards, and the current state.
2
Secure pairing of personal devices Pairing: bootstrapping the
association and the security contexts for subsequent communication.
E.g., Pairing a bluetooth phone and a
headset
Enrolling a phone or PC into a home WLAN
3
4
What devices? Desktops
Laptops
PDAs
Phones
MP3 Players
Wireless Headsets
Cameras
Device (e.g., TV) Remotes
Access Points
FAX-s/Copiers/Printers
Sensors? RFIDs?
Pacemakers? Dialysis devices?
Setting up a security association (authenticated secure communication) where:
no prior context exists (no PKI, common TTPs, key servers, shared secrets, etc.)
Ordinary non-expert users
Cost-sensitive commodity devices
Problem
Ohh! I cannot even pair my socks!
5
Wireless channel: susceptible to eavesdropping
Let’s use K as the secret keyAlice Bob
OK
6
Encrypted Communication using K
Uups!
Let’s use K as the secret keyAlice Bob
OK
Eve can decrypt the communication!Eve can impersonate either party!
7
Communication Communication
Also open to active attacks…
PKE1
Eve
PKAAlice Bob
PKE2 PKB
Man in the middle attackover Diffie-Hellman key agreement
8
Mechanisms should be intuitive
...and work on various devices!
SSID? WPA? Passcode!
Which E61?
9
… and secure
10
Security and usability coexistence Better usability = insecure?
More security = harder to use?
11
Goal: Secure, intuitive, inexpensive methods for secure communication bootstrapping One well-studied approach: using two communication
channels Assumption: Peer devices are physically identifiable Two channels:
1. Wireless channel
2. OOB channel: Human perceivable or location-limited
Other approaches Based on physical properties of wireless signals
Distance-bounding Environmental sensing
12
Some examples (not a complete list!) Various OOB channels
Cables Resurrecting Duckling, [Stanajo, et al. IWSP’99]
Camera, barcodes/LEDs Seeing-is-believing, [McCune, et al. S&P’05] SIB revisited, [Saxena, et al. S&P’06] GAnGS, [Chen, et al. Mobicom’08] SPATE, [Lin, et al. Mobisys’09]
Speakers and microphones Loud And Clear, [Goodrich, et al. ICDCS’06) HAPADEP, [Soriente, et al. ISC’08)
Other hardware Accelerometers “Shake well before use”, [Mayrhofer, et al. Pervasive’07] Ultrasound, laser transceivers and many others....
Standardization activities Wi-fi protected setup Bluetooth secure pairing Wireless USB association models
Location limited channels IrDA: Talking to Strangers, [Balfanz, et al. NDSS’02] NFC: Bluetooth specs draft
Distance-bounding (e.g., Capkun et al. TMC’10), Env. sensing (Krumm et al. Ubicomp’07)
13
Where are we now? Proposals are not adapted by manufacturers I still cannot securely pair a Bluetooth handset and a
phone in the presence of an active attacker My mother still cannot secure her WLAN at home
without my help
Emerging scenarios are even more challenging Group pairing Home sensor networks Pairing with personal RFID tags
14
Thanks!
15