Supporting tangible multi-factor key exchange in households
share
A common approach to securing end-to-end connectivity between devices on the Internet is to utilise a cloud-based intermediary. With this reliance upon a third-party comes a set of security and privacy concerns that are difficult to mitigate. A promising new protocol, Wireguard, dispenses with the middleman to provide secure peer-to-peer communication. However, support for initial key exchange falls outside Wireguard's scope, making it potentially vulnerable to insecure out-of-band key exchange. The design of secure and usable key exchange methods is challenging, not least in domestic spaces, as they're often characterised by technically naive users in multi-occupancy environments, making them susceptible to insider and passer-by attacks (i.e.: theft, observation attacks, relay and impersonation attacks). We describe and present the results from a design ideation study that probes the use of tangible, multi-factor approaches for securing key exchange in domestic spaces. The study suggests that a home's semi-fixed features (e.g.: lamps, shelves, chairs) can be instrumented to support a promising three-factor authentication approach ('what you have, what you know and where you are') to enable key exchange solutions that are i. more secure than commonly used naive approaches and ii. desirable for end users.
READ FULL TEXT