When devices communicate with each other wirelessly or over the air (OTA), unauthorized devices may be able to receive or intercept those OTA communications. However, to prevent unauthorized devices from being able to use any intercepted communications, the authorized devices may encrypt those communications. This encryption process may involve one or more shared secrets. A shared secret is data that is known to the authorized devices only, and not known to the unauthorized devices.
For instance, if a headset and a smart phone both support the wireless protocols known by the trademark “BLUETOOTH,” those devices may use a so-called “pairing” process to create shared secret keys, and those keys may then be used as part of the encryption process for the data that is subsequently communicated OTA between the phone and the headset. More information about Bluetooth (BT) may be found in the Bluetooth Specification Version 4.2 from Dec. 2, 2014 (the BT Spec). A related set of technologies is known by the name or trademark BLUETOOTH LOW ENERGY. Bluetooth Low Energy may also be referred to as Bluetooth LE (BLE) or Bluetooth Smart.
In one conventional implementation, the manufacturer of a headset may assign a static personal identification number (PIN) to the headset. To pair the headset with a phone, the user may be required to enter the PIN of the headset into the phone. This approach may be referred to as static-PIN-based pairing. Alternative approaches may involve different kinds of devices. In addition, alternative approaches may require the user to enter other kinds of PINs or identifiers to verify that the user wants specific devices to be paired with each other. Those approaches may require the user to enter a particular identifier during the pairing process in order to discourage or defeat so called “man in the middle” (MITM) attacks.
Other approaches may not provide any protection against MITM attacks. For instance, in the BT association model known as “Just Works,” the devices complete the pairing process without exchanging or verifying any PINs.
The present disclosure describes an approach to pairing that may discourage or defeat MITM attacks without requiring the user to enter any alphanumeric identifiers. As described in greater detail below, this approach may use a nonce that is conveyed from a first device to a second device via a human body communication conduit (e.g., via human touch) during the pairing process. This nonce may be referred to as a human body nonce. The devices may use such human body nonces to achieve mutual authentication and to establish a secure communication connection. A device or collection of devices which utilize this approach may be referred to a human body nonce system.