Security Analysis of Out-of-Band Device Pairing Protocols: A Survey
Wireless Communications and Mobile Computing Pub Date : 2021-01-30 , DOI: 10.1155/2021/8887472
Sameh Khalfaoui 1, 2 , Jean Leneutre 1 , Arthur Villard 2 , Jingxuan Ma 2 , Pascal Urien 1

Numerous secure device pairing (SDP) protocols have been proposed to establish a secure communication between unidentified IoT devices that have no preshared security parameters due to the scalability requirements imposed by the ubiquitous nature of the IoT devices. In order to provide the most user-friendly IoT services, the usability assessment has become the main requirement. Thus, the complete security analysis has been replaced by a sketch of a proof to partially validate the robustness of the proposal. The few existing formal or computational security verifications on the SDP schemes have been conducted based on the assessment of a wide variety of uniquely defined security properties. Therefore, the security comparison between these protocols is not feasible and there is a lack of a unified security analysis framework to assess these pairing techniques. In this paper, we survey a selection of secure device pairing proposals that have been formally or computationally verified. We present a systematic description of the protocol assumptions, the adopted verification model, and an assessment of the verification results. In addition, we normalize the used taxonomy in order to enhance the understanding of these security validations. Furthermore, we refine the adversary capabilities on the out-of-band channel by redefining the replay capability and by introducing a new notion of delay that is dependent on the protocol structure that is more adequate for the ad hoc pairing context. Also, we propose a classification of a number of out-of-band channels based on their security properties and under our refined adversary model. Our work motivates the future SDP protocol designer to conduct a formal or a computational security assessment to allow the comparability between these pairing techniques. 
Furthermore, it provides a realistic abstraction of the adversary capabilities on the out-of-band channel which improves the modeling of their security characteristics in the protocol verification tools.

Updated: 2021-01-31