General discussions concerning capability systems ()

Karp, Alan H | 23 Feb 2012 20:22

A new approach to wireless security

I just attended a talk titled "Cutting Across Layers: A New Approach to Wireless Interference and
Security" by Shyamnath Gollakota of MIT that shows how to use wireless interference to both improve
throughput and security.  On the security front, he showed two examples.  First, he showed how to protect
data sent from an unmodified medical implant from eavesdroppers.  The idea is for the patient to wear a
reader that can send the data to the doctor over 3G.  The reader transmits a random signal, which the reader
can subtract out but the eavesdropper cannot.  Second, he showed how to use interference to detect a
man-in-the-middle attack during device pairing.  The approach is too complicated (and I don't
understand it well enough) for me to describe here.

The last item may be useful on wired networks.  I've long said that you don't need any crypto to know who you're
talking to as long as you know who is at the end of a particular wire.  MarkM correctly pointed out that is true
only if you have guards making sure the wire isn't tapped.  It appears that the pairing protocol described
in the talk can allow a key exchange that can detect tampering, doing away with the need for the guards as
long as you can tolerate denial of service attacks.

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp

headers

Mark Miller | 23 Feb 2012 21:40

Re: A new approach to wireless security

On Thu, Feb 23, 2012 at 11:22 AM, Karp, Alan H <alan.karp <at> hp.com> wrote:

I just attended a talk titled "Cutting Across Layers: A New Approach to Wireless Interference and Security" by Shyamnath Gollakota of MIT that shows how to use wireless interference to both improve throughput and security. On the security front, he showed two examples. First, he showed how to protect data sent from an unmodified medical implant from eavesdroppers. The idea is for the patient to wear a reader that can send the data to the doctor over 3G. The reader transmits a random signal, which the reader can subtract out but the eavesdropper cannot. Second, he showed how to use interference to detect a man-in-the-middle attack during device pairing. The approach is too complicated (and I don't understand it well enough) for me to describe here.

The last item may be useful on wired networks. I've long said that you don't need any crypto to know who you're talking to as long as you know who is at the end of a particular wire. MarkM correctly pointed out that is true only if you have guards making sure the wire isn't tapped. It appears that the pairing protocol described in the talk can allow a key exchange that can detect tampering, doing away with the need for the guards as long as you can tolerate denial of service attacks.

This seems unlikely to me. Is there a link where we can read more?

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp

_______________________________________________
cap-talk mailing list
cap-talk-r2jiIPW7MOYEUp5O9OQuKg@public.gmane.org
http://www.eros-os.org/mailman/listinfo/cap-talk

--
Text by me above is hereby placed in the public domain

Cheers,
--MarkM

_______________________________________________
cap-talk mailing list
cap-talk@...
http://www.eros-os.org/mailman/listinfo/cap-talk

headers

Karp, Alan H | 23 Feb 2012 23:42

Re: A new approach to wireless security

MarkM asked if there was a link for reading more. He’s in a better position to google for it than I am.

________________________

Alan Karp

Principal Scientist

Virus Safe Computing Initiative

Hewlett-Packard Laboratories

1501 Page Mill Road

Palo Alto, CA 94304

(650) 857-3967, fax (650) 857-7029

http://www.hpl.hp.com/personal/Alan_Karp

_______________________________________________
cap-talk mailing list
cap-talk@...
http://www.eros-os.org/mailman/listinfo/cap-talk

headers

Mark Miller | 24 Feb 2012 00:03

Re: A new approach to wireless security

The top hit was <http://comments.gmane.org/gmane.comp.capabilities.general/13648> ;).

Is <http://people.csail.mit.edu/gshyam/Papers/IMDShield.pdf> it?

On Thu, Feb 23, 2012 at 11:22 AM, Karp, Alan H <alan.karp <at> hp.com> wrote:

I just attended a talk titled "Cutting Across Layers: A New Approach to Wireless Interference and Security" by Shyamnath Gollakota of MIT that shows how to use wireless interference to both improve throughput and security. On the security front, he showed two examples. First, he showed how to protect data sent from an unmodified medical implant from eavesdroppers. The idea is for the patient to wear a reader that can send the data to the doctor over 3G. The reader transmits a random signal, which the reader can subtract out but the eavesdropper cannot. Second, he showed how to use interference to detect a man-in-the-middle attack during device pairing. The approach is too complicated (and I don't understand it well enough) for me to describe here.

The last item may be useful on wired networks. I've long said that you don't need any crypto to know who you're talking to as long as you know who is at the end of a particular wire. MarkM correctly pointed out that is true only if you have guards making sure the wire isn't tapped. It appears that the pairing protocol described in the talk can allow a key exchange that can detect tampering, doing away with the need for the guards as long as you can tolerate denial of service attacks.

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp

_______________________________________________
cap-talk mailing list
cap-talk-r2jiIPW7MOYEUp5O9OQuKg@public.gmane.org
http://www.eros-os.org/mailman/listinfo/cap-talk

--
Text by me above is hereby placed in the public domain

Cheers,
--MarkM

_______________________________________________
cap-talk mailing list
cap-talk@...
http://www.eros-os.org/mailman/listinfo/cap-talk

headers

Karp, Alan H | 24 Feb 2012 00:07

Re: A new approach to wireless security

That’s the medical device paper. The pairing paper, the one I think is relevant to the wire, is http://people.csail.mit.edu/gshyam/Papers/TEP.pdf.

________________________

Alan Karp

Principal Scientist

Virus Safe Computing Initiative

Hewlett-Packard Laboratories

1501 Page Mill Road

Palo Alto, CA 94304

(650) 857-3967, fax (650) 857-7029

http://www.hpl.hp.com/personal/Alan_Karp

From: cap-talk-bounces-r2jiIPW7MOYEUp5O9OQuKg@public.gmane.org [mailto:cap-talk-bounces-r2jiIPW7MOYEUp5O9OQuKg@public.gmane.org] On Behalf Of Mark Miller
Sent: Thursday, February 23, 2012 3:04 PM
To: General discussions concerning capability systems.
Subject: Re: [cap-talk] A new approach to wireless security

The top hit was <http://comments.gmane.org/gmane.comp.capabilities.general/13648> ;).

Is <http://people.csail.mit.edu/gshyam/Papers/IMDShield.pdf> it?

On Thu, Feb 23, 2012 at 11:22 AM, Karp, Alan H <alan.karp-VXdhtT5mjnY@public.gmane.org> wrote:

I just attended a talk titled "Cutting Across Layers: A New Approach to Wireless Interference and Security" by Shyamnath Gollakota of MIT that shows how to use wireless interference to both improve throughput and security. On the security front, he showed two examples. First, he showed how to protect data sent from an unmodified medical implant from eavesdroppers. The idea is for the patient to wear a reader that can send the data to the doctor over 3G. The reader transmits a random signal, which the reader can subtract out but the eavesdropper cannot. Second, he showed how to use interference to detect a man-in-the-middle attack during device pairing. The approach is too complicated (and I don't understand it well enough) for me to describe here.

The last item may be useful on wired networks. I've long said that you don't need any crypto to know who you're talking to as long as you know who is at the end of a particular wire. MarkM correctly pointed out that is true only if you have guards making sure the wire isn't tapped. It appears that the pairing protocol described in the talk can allow a key exchange that can detect tampering, doing away with the need for the guards as long as you can tolerate denial of service attacks.

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp

_______________________________________________
cap-talk mailing list
cap-talk-r2jiIPW7MOYEUp5O9OQuKg@public.gmane.org
http://www.eros-os.org/mailman/listinfo/cap-talk

--
Text by me above is hereby placed in the public domain

Cheers,
--MarkM

_______________________________________________
cap-talk mailing list
cap-talk@...
http://www.eros-os.org/mailman/listinfo/cap-talk