New Software Secures Data when Owners Walk Away 304
Makarand writes "Leave an operating laptop unattended on your desk and your sensitive data
is accessible to anyone who gets hold of it. To limit this risk many users
configure their systems to fall into a "sleep" mode after a period of inactivity
and ask for a password before the system can be awakened. This constant re-authentication
proves to be a headache for many users. Now a Professor and his
graduate student at at the University of Michigan have come up with a system
called
Zero-Interaction Authentication (ZIA),
described in this article in The Age,
to protect data on mobile devices.
The system works by starting to encrypt data
the moment the owner walks away from the system. The owners wear a token with
a encrypted wireless link with the laptop. If the token moves out of range the ZIA
re-encrypts all data within 5 seconds.
If the cryptographic token moves within range the system decrypts the information for the
owner.
The token, which could take many forms, is currently a wristwatch with a processor
running Linux designed by IBM."
Interesting article/research project (Score:5, Insightful)
Sounds like smartcards (Score:3, Insightful)
Re:Sounds like smartcards (Score:2, Insightful)
Re:Sounds like smartcards (Score:2, Insightful)
Re:Would that be the J R R Token (Score:1, Insightful)
Something like that would make more sense than having a tiny computer running in your huge-ass watch. I don't even wear a watch or ring (even when I was married) because I hate the feel. I would rather wear a ring than a giant watch though.
New technology only changes the attack mechanism (Score:3, Insightful)
It's very comprehensive, and it addresses many aspects of the social and technological attacks.
In my mind, the weak link here is clearly the watch. Watch technology isn't very complicated (read: very big), and how many designs could their possibly be? If one knows where the hardware information is located, a system replacement under the face, and you've got some issues. How many people wear watches to bed at night? Or in the shower? Difficult, but possible
A quick couple of replacements, and you have a watch that has a short range transmitter also transmitting the information that you'd need to dissolve the encryption link, and maybe begin a traditional man-in-the-middle attack. Once you see what cards the watch is holding, shouldn't the rest of the exchange be trivial?
While this is a great mechanism for an encryption scheme, what attacks are there against the physical and social component? These are the items of which spy thrillers are made, and will probably (hopefully) never come into play.
All in all, an excellent read from the UMich folk, and they have my applause.
--jaybonci
Re:wouldn't it make more sense (Score:3, Insightful)
Re:wouldn't it make more sense (Score:3, Insightful)
Which is why most users would just leave the dongle next to the PC with the sticky note that has all of their passwords on it.
User's need to be in the habit of locking the workstation when they leave it. A good IT department will audit this (at least for the users that reside in the office... that goes for plain-view passwords, etc) and penalize users who do not (give them a slow POS or something with a ton of dead pixels). Soon, it will be a subconscious task that is performed before the PC is left. Add a hard drive password (laptop only?) or a drive encryption mechanism (like Safeguard [utimaco.com] and the data is more secure than it would be with a dongle.
Re:Is it really so hard? (Score:4, Insightful)
Dongles revisited (Score:4, Insightful)
Great, something else to buy. My fingers are cheaper and I'm not one of the people who has a problem logging in with a password. Why should I fork out cash for this?
The golden rule is broken (Score:2, Insightful)
I was taught that once someone has physical access to a system, it's game over with regards to security.
In other words, the authentication system will only deter, not stop unauthorized access. How about just taking the laptop with you?
Re:wouldn't it make more sense (Score:5, Insightful)
People will carry their key with them if it's required to do everything they want to do away from their desk too.
Sounds like a nice idea. (Score:5, Insightful)
For now I will continue to dream and maybe even write a book entitled "2085" by Ali Orwell.
Still... (Score:2, Insightful)
Re:Use my technique (Score:4, Insightful)
Breaks an important rule (Score:4, Insightful)
Something you have
Something you know
Something you are
Anything that relies on just one of these catagories is going to be significantly easier to break than one the follows the rules. Most commercial security these days is based on something you know (password) and nothing more. Good security systems require all three, biometrics, password, and a physical token. biometrics are suseptible to advanced attacks but thing like thermal imaging for skull structure combined with retinal imaging is pretty close to unbreakable. Passwords are notoriously lacking because passwords strong enough to be secure are difficult for most people to remember so they end up either weak or written down. As for token systems other than smart cards and the IBM watch I have not seen many implementations out there.
Man in the middle attack (Score:5, Insightful)
A possible solution is to generate a second low powered signal from the laptop; this signal would be generated from nothing more than some strongly encrypted hash, and most certainly be an AM signal. The nice thing about strong encryption is that it should be pretty much indistinguishable from random noise, so the this signal would be indistinguishable from background noise.
Then you have the frequency the signal is broadcasted on randomly shuffled based on the current time. The laptop and the token are time-synced (not a problem, most decent cryptographic tokens are time-synced anyway), so the token is always listening on the correct frequency.
At this point you have the correct waveform, although its amplitude will depend on your distance from the device. Every tenth of a second, or something, normalise the signal based on the RMS power, then compare the input signal based on what you compute it should be (you know the secret, so you can also compute the hash).
To fool this system you have to replicate the exact signal as it bounces around frequencies. Since it's bouncing around frequencies you can't just repeat the signal you're recieving on a specific frequency, since that won't matter. Further, for each part of the signal you repeat, you'll be off in intensity by a certain amount based on the frequency you're tuning into relative to the frequency its actually being transmitted at, and unless you can exactly predict the pattern you your error will vary. You can't track the frequency since you'd need to break the encryption. Really, this is nothing more than frequency scrambling that's been used by the military to secure communication for years, used in a slightly different way.
I'm sure there are other ways to solve the problem. So yes, it could be a problem if it wasn't taken into consideration, but it is a solvable problem.
Security-wise, this is still a PASSWORD issue (Score:3, Insightful)
People will still use stupid passwords. GONG!. They'll use the same letter conventions that 99% of the population uses. I guarantee that one guy with a high-end laptop could walk through an office and guess 99% of the passwords within a few minutes. Or maybe they'll guess 1% and get the temp's password. Good enough, access to the internal network is almost always sufficient to own the rest of the network.
There is no technology that will override stupidity.