Arbiter-based Device Pairing Using Unidirectional Out-of-Band Channels

Motivation and Task Description

One of the greatest security challenge for IoT networks is secure pairing. Devices usually have no prior shared knowledge and often there is no central authoritative server that may serve for authentication protocols. Therefore, traditional pairing protocols are vulnerable to Man-in-the-Middle (MitM) attacks in an IoT scenario. Several researchers have proposed using a second so called OoB channel for authentication. For example by using a video camera and a display, devices can validate the pairing process after they paired over an insecure wireless channel. Additionally, many protocols involve human interaction, e.g. reading a Personal Identification Number (PIN) from one device and entering it into the other device .

The major downside of pairing protocols using an OoB channel is that IoT devices have to be equipped with additional technology (e.g. camera and display). This is often either expensive or in some examples with less complex devices reduces usability for inexperienced users. Thus, different methods are still being researched to reduce the complexity of equipment for OoB communication without affecting usability.

In this thesis, the Arbiter-based Pairing (ABP) protocol is presented as a possible solution to this problem. The ABP requires only one device of a network to possess sophisticated interfaces for OoB communication. Other devices of the network only need minimal OoB interfaces. To demonstrate this, an implementation and usability testing is provided as well.