Skip to main content
SpringerLink
Log in

Low-Cost Manufacturing, Usability, and Security: An Analysis of Bluetooth Simple Pairing and Wi-Fi Protected Setup

  • Conference paper
Financial Cryptography and Data Security (FC 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4886))

Included in the following conference series:

Abstract

Bluetooth Simple Pairing and Wi-Fi Protected Setup specify mechanisms for exchanging authentication credentials in wireless networks. Both Simple Pairing and Protected Setup support multiple setup mechanisms, which increases security risks and hurts the user experience. To improve the security and usability of these specifications, we suggest defining a common baseline for hardware features and a consistent, interoperable user experience across devices.

The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-3-540-77366-5_37

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bluetooth SIG: Authorities raid Chinese factory suspected of infringing on Bluetooth SIG registered trademarks (September 2006), http://www.bluetooth.com/Bluetooth/Press/SIG/AUTHORITIES_RAID_CHINESE_FACTORY_SUSPECTED_OF_INFRINGING_ON_BLUETOOTH_SIG_REGISTERED_TRADEMARKS.htm

  2. In-Stat: Year over year Wi-Fi chipset sales. Personal Communication, Kelly Davis-Felner (October 2006)

    Google Scholar 

  3. Linsky, J., Bourk, T., Findikli, A., Hulvey, R., Ding, S., Heydon, R., Singer, S., Kingston, S., Wenham, S., Suvak, D., Edlund, M., Chen, P., Aissi, S., Hauser, P., Benaloh, J., Yuval, G., Yacobi, Y., Lafky, J., Simon, D., Roberts, D., Stanwyck, D., Lauter, K., Muchnik, G., Kerai, K., Nyberg, K., Asokan, N., Lobo, N., Ginzboorg, P., Everaere, D., Meindl, R., Bertoni, G., Reuveni, E., Shimojo, Y.: Simple Pairing Whitepaper, revision v10r00 (August 2006), http://www.bluetooth.com/NR/rdonlyres/0A0B3F36-D15F-4470-85A6-F2CCFA26F70F/0/SimplePairing_WP_V10r00.pdf

  4. Lortz, V., Roberts, D., Erdmann, B., Dawidowsky, F., Hayes, K., Yee, J.C., Ishidoshiro, T.: Wi-Fi Simple Config Specification, version 1.0a (February 2006)

    Google Scholar 

  5. Barker, E., Barker, W., Burr, W., Polk, W., Smid, M.: National Institute of Standards and Technology (NIST) Special Publication 800-57 (Draft): Recommendation for Key Management - Part 1 General (Revised) (May 2006)

    Google Scholar 

  6. Balfanz, D., Smetters, D., Stewart, P., Wong, H.C.: Talking to Strangers: Authentication in ad-hoc wireless networks. In: NDSS 2002. Proceedings of the Symposium on Network and Distributed Systems Security, San Diego, CA, Internet Society (February 2002)

    Google Scholar 

  7. McCune, J.M., Perrig, A., Reiter, M.K.: Seeing-is-believing: Using camera phones for human-verifiable authentication. In: Proceedings of the IEEE Symposium on Security and Privacy (2005)

    Google Scholar 

  8. IEEE: IEEE 802.15.1-2005 – IEEE Standard for Information Technology – Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific Requirements. Part 15.1: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Wireless Personal Networks (WPANs(tm)) (2005)

    Google Scholar 

  9. IEEE: IEEE 802.11-1999 – IEEE Standard for Information Technology – Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific Requirements. Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications (2003)

    Google Scholar 

  10. IEEE: IEEE 802.11-1999 – IEEE Standard for Information Technology – Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific Requirements. Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications – Amendment 6: Medium Access Control Security Enhancements (2004)

    Google Scholar 

  11. Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., Levkowetz, H.: RFC 3748: Extensible Authentication Protocol (June 2004)

    Google Scholar 

  12. Suomalainen, J., Valkonen, J., Asokan, N.: Security associations in personal networks: A comparative analysis. Technical report, Nokia Research Center, Technical Report NRC-TR-2007-004 (2007)

    Google Scholar 

  13. Leveson, N.: System Safety Engineering: Back to the Future (2002), http://sunnyday.mit.edu/book2.pdf

  14. Nyberg, K.: Connect Now to MitM. In: Presentation at Crypto 2006 Rump Session (August 2006)

    Google Scholar 

  15. Jakobsson, M., Wetzel, S.: Security weaknesses in Bluetooth. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 176–191. Springer, Heidelberg (2001)

    Google Scholar 

  16. Whitehouse, O.: Presentation at RUXCON (2004), http://www.ruxcon.org.au/files/2004/12-ollie_whitehouse.pdf

  17. Shaked, Y., Wool, A.: Cracking the Bluetooth PIN. In: MobiSys. The Third International Conference on Mobile Systems, Applications, and Services, pp. 39–50 (June 2005)

    Google Scholar 

  18. Uzun, E., Karvonen, K., Asokan, N.: Usability analysis of secure pairing methods. In: Dietrich, S., Dhamija, R., (eds.) FC 2007 and USEC 2007. LNCS, vol. 4886, pp. 307–324. Springer, Heidelberg (2007)

    Google Scholar 

  19. Newman, R., Gavette, S., Yonge, L., Anderson, R.: Protecting domestic power-line communications. In: SOUPS. Symposium On Usable Privacy and Security (July 2006)

    Google Scholar 

  20. Stajano, F., Anderson, R.: The Resurrecting Duckling: Security issues for ad-hoc wireless networks. In: Malcolm, J.A., Christianson, B., Crispo, B., Roe, M. (eds.) Security Protocols. LNCS, vol. 1796, pp. 172–194. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  21. Balfanz, D., Durfee, G., Grinter, R.E., Smetters, D.K., Stewart, P.: Network-in-a-Box: How to set up a secure wireless network in under a minute. In: USENIX. Proceedings of the 13th USENIX Security Symposium (August 2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Carnegie Mellon University, USA

    Cynthia Kuo & Adrian Perrig

  2. Intel Corporation, USA

    Jesse Walker

Authors
  1. Cynthia Kuo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jesse Walker
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Adrian Perrig
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Software Engineering Institute, Carnegie Mellon University, 4500 Fifth Avenue, 15213, Pittsburgh, PA, USA

    Sven Dietrich

  2. CRCS DEAS, Harvard University, Maxwell Dworkin 110, 33 Oxford Street, 02138, Cambridge, MA, USA

    Rachna Dhamija

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kuo, C., Walker, J., Perrig, A. (2007). Low-Cost Manufacturing, Usability, and Security: An Analysis of Bluetooth Simple Pairing and Wi-Fi Protected Setup. In: Dietrich, S., Dhamija, R. (eds) Financial Cryptography and Data Security. FC 2007. Lecture Notes in Computer Science, vol 4886. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77366-5_30

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-77366-5_30

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77365-8

  • Online ISBN: 978-3-540-77366-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation