Paper 2009/013

Comparison-Based Key Exchange and the Security of the Numeric Comparison Mode in Bluetooth v2.1

Yehuda Lindell

Abstract

In this paper we study key exchange protocols in a model where the key exchange takes place between devices with limited displays that can be compared by a human user. If the devices display the same value then the human user is convinced that the key exchange terminated successfully and securely, and if they do not then the user knows that it came under attack. The main result of this paper is a rigorous proof that the numeric comparison mode for device pairing in Bluetooth version 2.1 is secure, under appropriate assumptions regarding the cryptographic functions used. Our proof is in the standard model and in particular does not model any of the functions as random oracles. In order to prove our main result, we present formal definitions for key exchange in this model and show our definition to be equivalent to a simpler definition. This is a useful result of independent interest that facilitates an easier security analysis of protocols in this model.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. An extended abstract will appear in CT-RSA 2009; this is the full version.
Keywords
key exchangenumeric comparisonBluetooth
Contact author(s)
lindell @ cs biu ac il
History
2009-01-12: received
Short URL
https://ia.cr/2009/013
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/013,
      author = {Yehuda Lindell},
      title = {Comparison-Based Key Exchange and the Security of the Numeric Comparison Mode in Bluetooth v2.1},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/013},
      year = {2009},
      url = {https://eprint.iacr.org/2009/013}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.