Abstract
Numerous secure device pairing (SDP) protocols have been proposed to establish a secure communication between unidentified IoT devices that have no preshared security parameters due to the scalability requirements imposed by the ubiquitous nature of the IoT devices. In order to provide the most user‐friendly IoT services, the usability assessment has become the main requirement. Thus, the complete security analysis has been replaced by a sketch of a proof to partially validate the robustness of the proposal. The few existing formal or computational security verifications on the SDP schemes have been conducted based on the assessment of a wide variety of uniquely defined security properties. Therefore, the security comparison between these protocols is not feasible and there is a lack of a unified security analysis framework to assess these pairing techniques. In this paper, we survey a selection of secure device pairing proposals that have been formally or computationally verified. We present a systematic description of the protocol assumptions, the adopted verification model, and an assessment of the verification results. In addition, we normalize the used taxonomy in order to enhance the understanding of these security validations. Furthermore, we refine the adversary capabilities on the out‐of‐band channel by redefining the replay capability and by introducing a new notion of delay that is dependent on the protocol structure that is more adequate for the ad hoc pairing context. Also, we propose a classification of a number of out‐of‐band channels based on their security properties and under our refined adversary model. Our work motivates the future SDP protocol designer to conduct a formal or a computational security assessment to allow the comparability between these pairing techniques. Furthermore, it provides a realistic abstraction of the adversary capabilities on the out‐of‐band channel which improves the modeling of their security characteristics in the protocol verification tools.
Highlights
With the growing demand for IoT objects for both the personal and the industrial contexts, the use of a decentralized device-to-device (D2D) communication system has become a necessity for numerous applications in the context of Internet of Things (IoT)
We have addressed the secure device pairing problem from the security perspective by providing a refined adversary model on the out-of-band channel that is suitable to the ad hoc pairing context
We proposed a new out-of-band classification by evaluating a number of security guarantees such as the confidentiality, the data freshness, the integrity, the data authenticity, the liveness, and the channel availability
Summary
With the growing demand for IoT objects for both the personal and the industrial contexts, the use of a decentralized device-to-device (D2D) communication system has become a necessity for numerous applications in the context of Internet of Things (IoT). This work is aimed at introducing and motivating the use of the formal and the computational security analysis in the process of validating the robustness of the secure device pairing schemes It serves as a road map for properly designing an SDP protocol that achieves the desired security goals and that can be applicable to realistic scenarios by providing the adequate criteria for choosing the appropriate outof-band channel. (i) We conduct a comprehensive study on the existing formal and computational security proofs that evaluate a selection of secure device pairing schemes relying on an out-of-band channel (ii) We enhance the threat model, adopted by numerous SDP proposals to describe the attacker action on the OoB channel, by eliminating the replay assumption and by introducing a new realistic approach to the delay attack based on the structure of the protocol.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
