TY - GEN
T1 - Serial hook-ups
T2 - 5th Symposium On Usable Privacy and Security, SOUPS 2009
AU - Kobsa, Alfred
AU - Sonawalla, Rahim
AU - Tsudik, Gene
AU - Uzun, Ersin
AU - Wang, Yang
PY - 2009
Y1 - 2009
N2 - Secure Device Pairing is the bootstrapping of secure communication between two previously unassociated devices over a wireless channel. The human-imperceptible nature of wireless communication, lack of any prior security context, and absence of a common trust infrastructure open the door for Man-in-the-Middle (aka Evil Twin) attacks. A number of methods have been proposed to mitigate these attacks, each requiring user assistance in authenticating information exchanged over the wireless channel via some human-perceptible auxiliary channels, e.g., visual, acoustic or tactile. In this paper, we present results of the first comprehensive and comparative study of eleven notable secure device pairing methods. Usability measures include: task performance times, ratings on System Usability Scale (SUS), task completion rates, and perceived security. Study subjects were controlled for age, gender and prior experience with device pairing. We present overall results and identify problematic methods for certain classes of users as well as methods best-suited for various device configurations.
AB - Secure Device Pairing is the bootstrapping of secure communication between two previously unassociated devices over a wireless channel. The human-imperceptible nature of wireless communication, lack of any prior security context, and absence of a common trust infrastructure open the door for Man-in-the-Middle (aka Evil Twin) attacks. A number of methods have been proposed to mitigate these attacks, each requiring user assistance in authenticating information exchanged over the wireless channel via some human-perceptible auxiliary channels, e.g., visual, acoustic or tactile. In this paper, we present results of the first comprehensive and comparative study of eleven notable secure device pairing methods. Usability measures include: task performance times, ratings on System Usability Scale (SUS), task completion rates, and perceived security. Study subjects were controlled for age, gender and prior experience with device pairing. We present overall results and identify problematic methods for certain classes of users as well as methods best-suited for various device configurations.
UR - http://www.scopus.com/inward/record.url?scp=70350738597&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=70350738597&partnerID=8YFLogxK
U2 - 10.1145/1572532.1572546
DO - 10.1145/1572532.1572546
M3 - Conference contribution
AN - SCOPUS:70350738597
SN - 9781605587363
T3 - SOUPS 2009 - Proceedings of the 5th Symposium On Usable Privacy and Security
BT - SOUPS 2009 - Proceedings of the 5th Symposium On Usable Privacy and Security
Y2 - 15 July 2009 through 17 July 2009
ER -