[cap-talk] A new approach to wireless security
Karp, Alan H
alan.karp at hp.com
Thu Feb 23 11:22:42 PST 2012
I just attended a talk titled "Cutting Across Layers: A New Approach to Wireless Interference and Security" by Shyamnath Gollakota of MIT that shows how to use wireless interference to both improve throughput and security. On the security front, he showed two examples. First, he showed how to protect data sent from an unmodified medical implant from eavesdroppers. The idea is for the patient to wear a reader that can send the data to the doctor over 3G. The reader transmits a random signal, which the reader can subtract out but the eavesdropper cannot. Second, he showed how to use interference to detect a man-in-the-middle attack during device pairing. The approach is too complicated (and I don't understand it well enough) for me to describe here.
The last item may be useful on wired networks. I've long said that you don't need any crypto to know who you're talking to as long as you know who is at the end of a particular wire. MarkM correctly pointed out that is true only if you have guards making sure the wire isn't tapped. It appears that the pairing protocol described in the talk can allow a key exchange that can detect tampering, doing away with the need for the guards as long as you can tolerate denial of service attacks.
Virus Safe Computing Initiative
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
More information about the cap-talk