Secure Association for the Internet of Things.

Existing standards (ZigBee and Bluetooth Low Energy) for networked low-power wireless devices do not support secure association (or pairing) of new devices into a network: their association process is vulnerable to man-in-the-middle attacks. This paper addresses three essential aspects in attaining secure association for such devices.First, we define a user-interface primitive, oblivious comparison, that allows users to approve authentic associations and abort compromised ones. This distills and generalizes several existing approve/abort mechanisms, and moreover we experimentally show that OC can be implemented using very little hardware: one LED and one switch.Second, we provide a new Message Recognition Protocol (MRP) that allows devices associated using oblivious comparison to exchange authenticated messages without the use of publickey cryptography (which exceeds the capabilities of many IoT devices). This protocol improves upon previously proposed MRPs in several respects.Third, we propose a robust definition of security for MRPs that is based on universal composability, and show that our MRP protocol satisfies this definition.