![]() | 1 | initial version |
Alljoyn Pairing Security - we use the ALLJOYN_ECDHE_NULL authentication mechanism to create a encrypted connection between our devices. We choose this option because we do not want the user to have to enter pincodes, or passwords. Instead we use a simple picture pairing protocol to pair devices - the user is asked to select images on both devices. However with anonymous key exchange there is a risk of a 'man in the middle' attack. Therefore we would like to be able to leverage the shared secret in order to select the picture displayed on each device. Do you think it’s acceptable to use Master / Session key like this?\
© 2014 AllSeen Alliance, Inc. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation. AllSeen and AllSeen Alliance are trademarks of the AllSeen Alliance, Inc.
Linux is a registered trademark of Linus Torvalds.
Please see our brand guidelines, trademark guidelines, terms of use and privacy policy.