Date Added: Jul 2009
In pervasive ad-hoc networks, there is a need for devices to be able to communicate securely, despite the lack of apriori shared security associations and the absence of an infrastructure such as a PKI. Previous work has shown that through the use of short verification strings exchanged over manual authentication channels, devices can establish secret session keys. The authors examine a construction of such a cryptographic digest function for deriving the verification string, and propose an improved construction, with weaker assumptions. They further provide a concrete instantiation which is efficient, based on finite fields.