12 Citations (Scopus)
271 Downloads (Pure)


Secure bootstrapping is the process by which a device gets the necessary configuration information and security credentials to become operational. In many pervasive computing and Internet-of-Things scenarios, it is often not possible to rely on the existence of a trusted third party or other network infrastructure for bootstrapping. Therefore, several device bootstrapping protocols rely on an out-of-band (OOB) channel for initial device authentication and configuration. We begin this paper by understanding the need for OOB channels and performing a literature survey of existing standards and devices that rely on OOB channels. We then look at one candidate bootstrapping protocol: Nimble out-of-band authentication for EAP (EAP-NOOB). We provide a brief overview of the EAP-NOOB protocol and describe its unique OOB channel requirements. Thereafter, we implement three OOB channels for EAP-NOOB using near-field communication, quick response codes, and sound. Using our implementation, we evaluate the usability, security, benefits, and limitations of each of the OOB channels.
Original languageEnglish
Article number18
JournalSN Computer Science
Issue number1
Publication statusPublished - Jan 2020
MoE publication typeA1 Journal article-refereed


Dive into the research topics of 'Evaluation of Out-of-Band Channels for IoT Security'. Together they form a unique fingerprint.

Cite this