Key agreement over a radio link
We present a simple, and yet powerful, technique for key establishment over a radio link in peer-to-peer networks. Our approach is based on the Diffie-Hellman key agreement protocol. This protocol is known to be vulnerable to the ``man-in-the-middle" attack if two users involved in the protocol share no authenticated information about each other (e.g., public keys) prior to the protocol execution. In this work, we show how the natural ability of users to authenticate each other by visual and verbal contact can provide a context for secure verification of the integrity of the Diffie-Hellman parameters (e.g., Diffie-Hellman public keys). Having established such a context (e.g., by being in the vicinity of each other), even if they share no authenticated information in advance, the users can run the Diffie-Hellman protocol in a secure way: at the end of the protocol, the users will be able to check whether the Diffie-Hellman public keys they exchanged were tampered with by an attacker. We have devoted much attention to the user-friendliness of our solution: (i) all messages in our protocol are exchanged exclusively over a radio link (neither physical contact nor an infrared link is required between the devices); (ii) the users do not have to enter any passwords. All the users have to do is to compare a short string of usual words displayed on each of their devices. We quantify the trade-off between the size of this string and the level of the provided security. We have implemented our technique in Java. Our system is independent of the underlying operating system and can be run on a variety of personal mobile devices, including those with very limited computing power.