5th International ICST Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness

Research Article

Auxiliary Channel Diffie-Hellman Encrypted Key-Exchange Authentication

  • @INPROCEEDINGS{10.4108/ICST.QSHINE2008.3893,
        author={Dennis K. Nilsson and Ulf E. Larson and Erland Jonsson},
        title={Auxiliary Channel Diffie-Hellman Encrypted Key-Exchange Authentication},
        proceedings={5th International ICST Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness},
        publisher={ICST},
        proceedings_a={QSHINE},
        year={2010},
        month={5},
        keywords={Wireless personal area networks auxiliary channel authentication Bluetooth Just Works Passkey Entry},
        doi={10.4108/ICST.QSHINE2008.3893}
    }
    
  • Dennis K. Nilsson
    Ulf E. Larson
    Erland Jonsson
    Year: 2010
    Auxiliary Channel Diffie-Hellman Encrypted Key-Exchange Authentication
    QSHINE
    ICST
    DOI: 10.4108/ICST.QSHINE2008.3893
Dennis K. Nilsson1,*, Ulf E. Larson1,*, Erland Jonsson1,*
  • 1: Department of Computer Science and Engineering, Chalmers University of Technology, SE-412 96 Gothenburg, Sweden
*Contact email: dennis.nilsson@chalmers.se, ulf.larson@chalmers.se, erland.jonsson@chalmers.se

Abstract

In wireless personal area networks, establishing trust and authentication with previously unknown parties is both necessary and important. We propose an auxiliary channel Diffie-Hellman encrypted key-exchange authentication scheme to establish secure authentication between two previously unknown devices. The key exchange creates a high-entropy shared key from a low-entropy PIN that is transferred through an auxiliary channel. The strong shared key is then used for authentication of exchanged public keys. The scheme protects against both man-in-the-middle and passive eavesdropping attacks, including offline PIN cracking. We focus on Bluetooth version 2.1 and analyze the Simple Pairing protocols. We restrict the supported usage scenarios for the Just Works and Passkey Entry protocols and design a protocol using our proposed solution to replace both protocols. We recognize that our proposed protocol is substantially more secure than the current Just Works protocol and achieves the same security level as the Passkey Entry protocol, while maintaining the usability and convenience level for the user. In addition, the proposed protocol considerably reduces the number of messages exchanged compared to the Passkey Entry protocol.