Usability and Security of Out-of-Band Channels in Secure Device Pairing Protocols

Free registration required

Executive Summary

Initiating and bootstrapping secure, yet low-cost, ad-hoc transactions is an important challenge that needs to be over-come if the promise of mobile and pervasive computing is to be fulfilled. For example, mobile payment applications would benefit from the ability to pair devices securely with-out resorting to conventional mechanisms such as shared secrets, a Public Key Infrastructure (PKI), or trusted third parties. A number of methods have been proposed for doing this based on the use of a secondary Out-Of-Band (OOB) channel that either authenticates information passed over the normal communication channel or otherwise establishes an authenticated shared secret which can be used for subsequent secure communication.

  • Format: PDF
  • Size: 374.9 KB