Coincidentally, a week later, at the 20th Usenix Security Symposium, MIT researchers presented the first security scheme that can automatically create connections between wireless devices and still defend against MITM attacks. Previously, thwarting the attacks required password protection or some additional communication mechanism, such as an infrared transmitter.
Showcasing novel ways to breach security is something of a tradition at Def Con. In previous years, MITM attacks had been launched against attendees' Wi-Fi devices; indeed, the MIT researchers demonstrated the effectiveness of their new scheme on a Wi-Fi network. But in principle, MITM attacks can target any type of wireless connection, not only between devices (phones or laptops) and base stations (cell towers or Wi-Fi routers), but also between a phone and a wireless headset, a medical implant and a wrist-mounted monitor, or a computer and a wireless speaker system.
Key change
Ordinarily, when two wireless devices establish a secure connection, they swap cryptographic keys -- the unique codes they use to encrypt their transmissions. In an MITM attack, the attacker tries to broadcast his own key at the exact moment that the key swap takes place. If he's successful, one or both of the devices will mistake him for the other, and he will be able to intercept their transmissions.
Password protection can thwart MITM attacks, assuming the attacker doesn't know the password. But that's not always a safe assumption. At a hotel or airport that offers Wi-Fi, for instance, all authorized users are generally given the same password, which means that any one of them could launch an MITM attack against the others. Moreover, many casual computer users find it so complicated to set up home Wi-Fi networks that they don't bother to protect them; when they do, they often select passwords that are too simple to provide much security. That's led to the marketing of Wi-Fi transmitters with push-button configuration: To establish a secure link, you simply push a button on top of the transmitter and a corresponding button (or virtual button) on your wireless device. But such systems remain vulnerable to MITM attacks.
"None of these solutions are quite satisfactory," says Nickolai Zeldovich, the Douglas Ross (1954) Career Development Assistant Professor of Software Technology, who developed the new security scheme together with Dina Katabi, the Class of 1947 Career Development Associate Professor of Computer Science and Engineering, as well as postdoc Nabeel Ahmed and graduate student Shyam Gollakota, all of MIT's Department of Electrical Engineering and Computer Science. "The cool thing about this work is that it takes some insight from somewhat of a different field, from wireless communication -- actually, fairly low-level details about what can happen in terms of wireless signals -- and observes that, hey, if you assume some of these properties about wireless networks, you can actually get stronger guarantees."
More @ bit.ly/qfshwd
No comments:
Post a Comment