Security vs Ease Of Use

Despite all this progress in technology and paying so much attention to ease of use, there are always difficult choices. Such prime example is the process called device provisioning. Say we have a new smart lamp that we want to bring into the smart home network and associate with switches and occupancy sensors.

For the devices (switches / censors / lamps) to communicate securely, they must know a shared secret, which usually is a key they use to encrypt and decrypt wireless messages. So how do we get the key to the device in a first place, before it has any key? Chicken and egg problem? Not really, it has been solved by Whitfield Diffie and Martin Hellman 40 years ago. The solution is called Diffie-Hellman Key Exchange and allows two parties agree on a shared secret while talking over an insecure channel. There is a great presentation explaining the problem (and solution) on YouTube: https://youtu.be/YEBfamv-_do.

There is however one type of attack the D-H is susceptible to. The active man-in-the-middle (MITM) attack.

Imagine I bought a smart door lock to secure my apartment against my evil neighbor. Unfortunately he spotted me carrying the door lock and has set up an infrastructure to hijack my security keys. I use my smartphone to give the keys to the door lock. To prevent them being sniffed the smart phone application uses D-H, so nobody can hear the key even if they listen. Unfortunately the app is not aware it is giving the keys to the neighbor...

This is because when initiating the D-H exchange over a wireless protocol, I could not verify I was talking to a fake key sniffing door lock instead of the real one. So I gave the keys to the rouge lock (set up by my evil neighbor).

There is one method to protect against the MITM. Authentication. Making sure I am talking to the thing I think I am talking to. There has to be a second secret on my door lock, that my neighbor does not know. Such as a PIN code or a sequence of characters. There is an algorithm called J-PAKE gaining popularity in the IoT world. Unfortunately it complicates the ease of use. Manufacturers have to start burning unique codes into their devices and users have to start punching them in. Longer term NFC seems to be the way to go (having to physically touch a phone to the device), but as of today this is a no-go, because iPhones do not have NFC (actually they do, but Apple does not allow using NFC in Apps).

So would you accept the risk of an extremely short window for a MITM attack for not having to deal with the codes? Personally I think I would, but there are many who probably wouldn't.