UAB - The University of Alabama at Birmingham


1. Pairing Protocols

    a. Based on Computational Security

  • S. Laur, N. Asokan, and K. Nyberg. Efficient mutual data authentication based on short authenticated strings. In Cryptology and Network Security (CANS), 2006. [paper]

  • S. Pasini and S. Vaudenay. SAS-Based Authenticated Key Agreement. In Theory and Practice of Public-Key Cryptography (PKC), 2006. [paper] [slides]

  • S. Vaudenay. Secure communications over insecure channels based on short authenticated strings. InInternational Cryptology Conference (CRYPTO), 2005. [paper]

  • D. Balfanz, D. Smetters, P. Stewart, and H. C. Wong. Talking to strangers: Authentication in ad-hoc wireless networks. In Network and Distributed System Security Symposium (NDSS), 2002. [paper] [slides]

    b. Based on Information Theoretic Security

  • M. Naor, G. Segev, A. Smith. Tight Bounds for Unconditional Authentication Protocols in the Manual Channel and Shared Key Models. In IEEE Transactions on Information Theory, Volume 54, Issue 6, June 2008. [paper]

2. Pairing Methods

  • C. Soriente, G. Tsudik, and E. Uzun. HAPADEP: Human-Assisted Pure Audio (Secure) Device Pairing, InInternational Conference on Information Security (ISC), 2008. [paper]

  • V. Roth, W. Polak, E. Rieffel, and T. Turner. Simple and effective defenses against evil twin access points. In ACM Conference on Wireless Network Security (WiSec), short paper, 2008. [paper]

  • C. Soriente, G. Tsudik, and E. Uzun. BEDA: Button-Enabled Device Association. In International Workshop on Security for Spontaneous Interaction (IWSSI), 2007. [paper]

  • R. Mayrhofer and M. Welch. A human-verifiable authentication protocol using visible laser light. InInternational Conference on Availability, Reliability and Security (ARES), pages 1143-1148, 2007.[paper]

  • R. Mayrhofer and H. Gellersen. Shake well before use: Authentication based on accelerometer data. InPervasive Computing (PERVASIVE), 2007. [paper]

  • M. T. Goodrich, M. Sirivianos, J. Solis, G. Tsudik, and E. Uzun. Loud and Clear: Human-Verifiable Authentication Based on Audio. In International Conference on Distributed Computing Systems (ICDCS), 2006. [paper]

  • J. M. McCune, A. Perrig, and M. K. Reiter. Seeing-is-believing: Using camera phones for human-verifiable authentication. In IEEE Symposium on Security and Privacy, 2005. [paper]

  • A. Perrig and D. Song. Hash visualization: a new technique to improve real-world security. In Cryptographic Techniques and E-Commerce (CrypTEC), 1999. [paper]

  • F. Stajano and R. J. Anderson. The resurrecting duckling: Security issues for ad-hoc wireless networks. InSecurity Protocols Workshop, 1999. [paper]

3. Comparative Usability Studies of Pairing Methods

  • A. Kobsa, R. Sonawalla, G. Tsudik, E. Uzun, Y. Wang. Serial Hook-Ups: A Comparative Usability Study of Secure Device Pairing Methods. In Symposium on Usable Privacy and Security (SOUPS),  2009. [paper]

  • R. Kainda, I. Flechais, and A. W. Roscoe. Usability and security of out-of-band channels in secure device pairing protocols. In Symposium On Usable Privacy and Security (SOUPS), 2009. [paper]

  • J. Suomalainen, J. Valkonen, and N. Asokan. Security associations in personal networks: A comparative analysis. In European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS), 2007.[paper]

  • E. Uzun, K. Karvonen, and N. Asokan. Usability analysis of secure pairing methods. In Usable Security (USEC), 2007. [paper]