Secure Device Pairing: A Survey

In this paper, we discuss secure device pairing mechanisms in detail. We explain man-in-the-middle attack problem in unauthenticated Diffie-Hellman key agreement protocols and show how it can be solved by using out-of-band channels in the authentication procedure. We categorize out-of-band channels into three categories of weak, public, and private channels and demonstrate their properties through some familiar scenarios. A wide range of current device pairing mechanisms are studied and their design circumstances, problems, and security issues are explained. We also study group device pairing mechanisms and discuss their application in constructing authenticated group key agreement protocols. We divide the mechanisms into two categories of protocols with and without the trusted leader and show that protocols with trusted leader are more communication and computation efficient. In our study, we considered both insider and outsider adversaries and present protocols that provide secure group device pairing for uncompromised nodes even in presence of corrupted group members.