Current mechanisms for authenticating communication between devices that share no prior context are inconvenient for ordinary users, without the assistance of a trusted authority. We present and analyze Seeing-Is- Believing, a system that utilizes 2D barcodes and cameraphones to implement a visual channel for authentication and demonstrative identication of devices. We apply this visual channel to several problems in computer security, including authenticated key exchange between devices that share no prior context, establishment of a trusted path for conguration of a TCG-compliant computing platform, and secure device conguration in the context of a smart home.
This research was supported in part by National Science Foundation grant number CNS-0433540, U.S. Army Research Ofce contract number DAAD19-02-1-0389, and by gifts from Bosch and Intel. The views and conclusions contained here are those of the authors and should not be interpreted as necessarily representing the ofcial policies or endorsements, either express or implied, of ARO, Bosch, Carnegie Mellon University, Intel, NSF, or the U.S. Government or any of its agencies. devices. Section 5 explains how to use SiB to achieve demonstrative identication of, and secure connection to, a particular wireless device, with establishment of a 1The Trusted Computing Group (TCG) is an organization that promotes open standards to strengthen computing platforms against software-based attacks [2, 3].
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.