Slashdot Mirror
New Software Secures Data when Owners Walk Away
Makarand writes "Leave an operating laptop unattended on your desk and your sensitive data
is accessible to anyone who gets hold of it. To limit this risk many users
configure their systems to fall into a "sleep" mode after a period of inactivity
and ask for a password before the system can be awakened. This constant re-authentication
proves to be a headache for many users. Now a Professor and his
graduate student at at the University of Michigan have come up with a system
called
Zero-Interaction Authentication (ZIA),
described in this article in The Age,
to protect data on mobile devices.
The system works by starting to encrypt data
the moment the owner walks away from the system. The owners wear a token with
a encrypted wireless link with the laptop. If the token moves out of range the ZIA
re-encrypts all data within 5 seconds.
If the cryptographic token moves within range the system decrypts the information for the
owner.
The token, which could take many forms, is currently a wristwatch with a processor
running Linux designed by IBM."
with the laptop via wireless 802.11b technology featuring the uncrackable WEP technology.
The 21st-century catches up with laziness at last.
would it not be more sensible to make the token a passive device, like one with an RFID
I'm not an expert in encryption, but I have had serveral security related dongles and all of them were a pain in the arse.
it would seem that there are technologies (I've read about) that can return specific information passively when hit with specific radio frequencies. Wouldn't these be more easily used than a powered device like a watch?
Anyone else know more about these technologies?
Software walks away after owner has been secured!
This sounds like a really great idea. What program does the encryption, how fast is it, and what all does it encrypt? Just documents, or the whole system?
Specifically, someone with such a token getting clubbed on the head and stuffed in the office supplies closet, and his token stolen.
what if someone steals the device? The system could add a password, but if someone steals the watch and the laptop makes no difference. Sounds like it just saves lazy people from typing in their login.
this was posted nearly a year ago. interesting, but old news.
But what happens when the neighborhood/college/company bully steals your watch?
If you celebrate Xmas, befriend me (538
Now all I need to do to access some sensitive information is to beat up some pasty-faced grad students!
Sounds like the smartcards to me where you stick it in the slot & it knows your password, domain, etc. Console is locked unless you have the card.
Two roads diverged in a wood, and I - I took the one the bus load of girls just went down.
That you wear on your finger? :^)
Gimme your watch, punk!
Great! Now I'll have a growth on my arm from my ZIA wristwatch to go along with my brain tumor from my cell phone!
To make a pun demonstrates the highest understanding of a language
What about using some kind of biometric data, like key cadence, or a profile of typical mouse movement characteristics (like icon overshoot?) to do it? That way its totally seamless, although one could still do some damage as it would take a few input events to establish the identity.
Sure, its not foolproof, but who wants to wear an identifying token?
http://www.masturbateforpeace.com/
Even if ZIA encryption method ends up being broken by/a hacker(s), you still get some cool jewelry to show off to your friends.
To crack into your system, a thug need only crack your skull, take the watch, and then log on.
For those of us who don't want the Acrobat plugin crashing our browser: Google's handy PDF->HTML cache.
Karma: Excellent (fuck, even in the future moderation doesn't work!)
What happens if you take your watch off and leave it next to the computer? It never encrypts!
Worse yet---what happens if your watch gets stolen? Now you can't get at your data! Better make sure you get the Casio watch option instead of the Breitling. No one would want to steal a Casio POS, so you should be safe.
Yeah, right.
DriveCrypt has options for quick-kill and hotkey unmounting of encrypted volumes, and since this looks like it does the same thing, only better, maybe they could look into making it erase or publish the contents of the encrypted volume after receiving a distress call from the user's pacemaker?
Now _there_ is a deadman switch!
I have a v8 engine block set to fall on my hard disk if I'm away for more than five minutes (3 minute walk to fridge(coke!) and back)!!!
Your security is nothing compared to that!!!!!
You can't judge a book by the way it wears its hair.
My watch battery is dyin$^%*&^@#$SD$#@#XVSDF$%@MDFSCVNL%$#^$*@#)(*&!$@
----End of line.
Soon to be a chip implanted in your hand.
Don't forget the barcode on the forehead!
I'd much rather computers go wearable than implantable...
... when a smartcard-based solution would've probably made it as well for a fraction of the price?
I keep all mission-critical and government-classified information on portable USB Flash DRAM-based storage devices. They're incredibly portable and can be brought to the gym, in the car, to work, back home, swimming, hiking, biking, etc.
To be perfectly honest, I just can't bring myself to respect anyone who would leave a $4,000 laptop with supposedly top-secret information on it sitting out on a cafeteria table or something while they go sit in the bathroom and read the paper.
Just stick with portable USB drives. They're cheap, efficient, fast, and more secure than any fly-by-night research project out there right now.
If you celebrate Xmas, befriend me (538
hmmm....we have a watch, it obviously has some sort of wi-fi networking if it can keep in touch with the computer. How long until someone is assasinated by launching a DoS attack against his watch? It may not kill, but at least cripple as the watch burns its way through the flesh as the poor NIC on it is overloaded.....
This is yet another device created by geeks for geeks. These researchers probably think this is a good idea, but do they really think it is a good idea for most people? How much market analysis was done? How much usability testing? Well, at least they are targeting corporations and large organizations. There might be some money in it down the road.
How to Download YouTube Videos
looks like a risk of interception.
So all the guy/gal in the next cubicle has to do is monitor the IR transmission/receiver and copy your key... or am I missing something?
Can you occassionally change your key?
I don't like this idea, being that these 'products' give your employer a more solid ground to say "It must have been you that deleted the files and crashed the server with the worm you released after we gave you a bad QA assesment." Afterall, it had to be you... your the only one with "The Crypto Key".
How would you prove it otherwise that it wasn't you?
I like my passwords, the ease of changing them increases my frequency of doing so. And for those that change their pwd's to easily remembered terms due to your lack of brain power - Well then you deserve what you get. If you can't remember a password, and have the ability to remember that password as it changes every few days or weeks - then you shouldn't be sitting at a computer to begin with. I constantly change my passwords and use a different password for nearly 30+ things... all password are no less then 11 or 12 highly mixed random characters. And while I am no idiot, I am far from having a photographic memory. So as the old dieters solgan goes... "If I can do it, so can you"
Never try to beat a professional at his own game!
Security for the people too lazy to practice good security habits. Yay. Although I suppose this will make life easier for certain sysadmins...
At any rate, my question is "When will this be used to make smart guns?"
Isn't this just a fancier type of dongle?
More and more laptops/palmtops incorporating a camera as part of the design, so why not use facial recognition to lock the pc.
Short of growing a beard before you get back to the laptop it'd be a cheap workable solution.
Then you don't have to remember/wear some crazy ass security dongle.
When you stand up, hit ctrl+alt+del. When you sit down, type in your password. I had to do it at one company, and now it's just habit. Not exactly a tough thing to do. I think that these guys are trying to solve a non-problem.
...you lose your token?!?
With a combination of a prickly bios password and some sort of hardware lockout?
I had a crackhead friend bring me one of these recently asking if I could make it work. I spent about 10 minutes reading posts about the hardware lockout and figured out it wouldn't happen without him calling dell. It was of questionable origin and he did not want to do that.
He then insisted on leaving it at my house for two fucking weeks insisting that i'm a computer genius and I could figure it out, despite the documention I had read.
Two weeks later he came back accusing me of being too lazy to have a look at it. Isn't that just the way it goes when you're the computer fixit guy?
My watch crashed and I've been on hold for IBM all afternoon
The original is here. At least they waited some weeks before reposting it.
What does it actually encrypt? All sensitive data? I doubt it could do that in 5-6 seconds. Also, how do you decrypt the data if you lose your key? Or what if you fire the employee and don't get the key back? How will you get the data, then? Is there a back door for sysadmins?
Sex - Find It
A token can be easily misplaced, duplicated, or bypassed. A password is NOT a big deal to enter when you sit at your desk. If they're too lazy/clueless to enter a password, they shouldn't be responsible for any secret information.
Use a program like Scramdisk or the commercial version Drivecrypt. Keep all of your critical files on the encrypted partition. When you leave your desk, activate the screenserver with a keystroke.
Unless someone knows your password, you're safe. If they reboot, the encrypted disk is inaccessible.
What's the big deal?
I don't see this as being very practical.
How fast will this encrypt/decrypt data? I probably have well over a gig's worth of 'sensitive' documents and data on my laptop, stored in various directories (and unfortunately the approved OS at work is winblows). Encrypting will not take mere seconds.
More often than not, when I'm not at my desk I'm a few cubicles away working with other co-workers. Sometimes I'm not away from my desk for more than 10-15 seconds. Right now if I suspect I'll be gone from my desk for a while, and it's not in plain view, I'll turn on my screensaver (password locked) with a touch of 2 keys. This system sounds like it will arbitrarilly start encrypting my data as soon as I'm outside a specified range. If I'm away for just 15-20 seconds, this seems very impractical. Not to mention other things, like forgetting the transmitter at home (how many of us have forgotten our work passes at home once or twice?), having the battery die, etc.... On such occasions you'd be totally locked out from accessing your own data.
No thanks, this seems way too impractical for my taste. Move along, there's nothing to see here.
It's better to burn out than to fade away
On the other hand, if it was integrated into something like a PDA, it might work better. My Palm Vx (grayscale) has a pretty damn long battery life; however I rarely use it for as long as I use a PC. Also, the fact that I turn it off when I'm done (or it shuts itself off) surely prolongs the battery life. And my Palm isn't transmitting any signals to my PC, either...
... and I think last time one comment summed it up:
What makes you think users who write passwords on post-it-notes stuck to the monitors aren't going to blue-tack the dongle to the laptop for "ease of (ab)use?"
While I applaud these people for making steps to make it harder to casually get information off of laptop computers, it still does not stop other attacks on such a system. Flooding the laptops area with uniformly strong signal that matches the watch's key would be as difficult as acquire-and-replicate. There seems to be a smart card like system with keys, and key encrypting keys.
It's very comprehensive, and it addresses many aspects of the social and technological attacks.
In my mind, the weak link here is clearly the watch. Watch technology isn't very complicated (read: very big), and how many designs could their possibly be? If one knows where the hardware information is located, a system replacement under the face, and you've got some issues. How many people wear watches to bed at night? Or in the shower? Difficult, but possible
A quick couple of replacements, and you have a watch that has a short range transmitter also transmitting the information that you'd need to dissolve the encryption link, and maybe begin a traditional man-in-the-middle attack. Once you see what cards the watch is holding, shouldn't the rest of the exchange be trivial?
While this is a great mechanism for an encryption scheme, what attacks are there against the physical and social component? These are the items of which spy thrillers are made, and will probably (hopefully) never come into play.
All in all, an excellent read from the UMich folk, and they have my applause.
--jaybonci
Wow! Linux was designed by IBM!
Seriously, this is the most BS sounding "security solution" I've heard of in a while.
It seems like the Prof. is just trying to get some publicity so he can bring in the next grant. I'll be impressed when someone comes up with an elegant, efficient security concept, not something that needs $10k just to work.
The truth is, secure data is now being stored on PDAs and Cell Phones. IMO, these "minimal" or rather specialized devices will need to have integral data security features, but with much less overhead and dedicated hardware.
that's right. problem solved.
The IButton did this more than 3 years ago. Just touch the ring to the blue dot.
And my sunblade just needs me to swipe a card. This is a method that leaves itself open to bigger hacks than the others... listening to the wireless protocol, copying it, and logging in as someone else.
From what I understand, this new system decrypts the cache when you come within a certain distance and re-encrypts when you go past that distance, does this mean that doing the hokey pokey (you put your left foot in...) could lead to a system crash??
Not even close or interested. What WOULD interest me is a touch pad that could read my thumbprint. I walk away it would idle locked, or I could just move my mouse somewhere or hit some key combo. To[re-] authenticate just give it a finger print...
I've personally added keyboards with touch pads for general/quick mouse movements -- after being "forced" to use on a laptop. A mouse _is_ quicker and I'll grab that for heavier mousing.
A fingerprint would also allow me to give the computer 'the finger' if I felt it was needed as well...stress relief and all.
Mod your computer to require a Pass-Key to allow any input or output.
As always, the weakest link will be the user. I can just see some schmuck decide that he's tired of waiting six seconds every time he gets back from the water cooler, and so he leaves the wristwatch next to the laptop at all times.
http://www.nullsoft.com/free/safesex/
:) and for windoze only heh.
for your notes anyway
I can just see it now. Using "TOKEN SNORT" while "TOKEN DRIVING" around the office cubes to pop open your co-workers workstation and send "I'm an idiot messages" To: Staff From: co-worker..
If it's an RF solution probably not very secure. On the other hand an IR emitting badge around the neck of the user could work.
Let me use a ring, then I only lose a finger when someone wants access :~)
Guess what? I got a fever! And the only prescription.. is more cowbell!
Just never put it on a computer!
Man, some people...
"Logic merely enables one to be wrong with authority." - Dr. Who
If the password is received and is correct, the computer stays in public mode. IF the password is incorrect: either
So the laptops locks up until you start to use it and the watch recived a timed ping, or you initiate the send from the laptop.
This system provided user authentication and data security, the two main points of a secure system.
>>The owners wear a token with a encrypted wireless link with the laptop. If the token moves out of range the ZIA re-encrypts all data within 5 seconds.
Why don't 'they' just get it over with already and implant identity chips in our heads? So we don't have to worry about securing our laptops when we walk away to take a restroom break.
And our bosses won't have to worry about tracking how long we've been in the restroom... or when we enter and exit the office.... and the big siblings can track where we drive, where we fly, and where we < insert activity of choice here >.
Why the hell not?
NOT.
Huh?
Great, something else to buy. My fingers are cheaper and I'm not one of the people who has a problem logging in with a password. Why should I fork out cash for this?
Leave an operating laptop unattended on your desk and your sensitive data is accessible to anyone who gets hold of it
I was taught that once someone has physical access to a system, it's game over with regards to security.
In other words, the authentication system will only deter, not stop unauthorized access. How about just taking the laptop with you?
The distinct flushing sound one hears as he backs away from his device is the users 'sensitive' data being stored safely where no man is sure to venture.
Only the men with get this joke..
"Leave an operating laptop unattended on your desk and your sensitive data is accessible to anyone who gets hold of it.", really? shit, since when?
In Soviet Russia the token wears you.
The watch is running Linux; how many possible programs can there be? More than there are particles in the universe...
There are lots of challenge/response identification schemes that run nicely on my old 200 Mhz PII box that would be very hard to crack with current technology, so I would have faith in that part of the system.
It's psychosomatic. You need a lobotomy. I'll get a saw.
Like putting a bell on the cat. "Pat your manager on the back" and then you can rest assured surfing freely knowing that the next time he comes within 15 feet of your desk, a browser window will open maximized pointed to http://java.sun.com.
Or tag the girlfriend and always hide the pr0n!
I wonder: could something like this be used in place of a password?
For example, I sit down at any system in my office: the watch gives the computer my password, and I am logged in to my desktop just by sitting in front of it. Get out of range, and it logs out.
Combine with a 'smart chair' (so the computer knows if someone is actually sitting in front of it) or maybe a fingerprint scanner and you're set.
>>The user can set a longer distance, for instance, for working in an airport lounge
Why would you move further away from your laptop in an airport?
Aren't you supposed to keep your stuff close so to reduce the risk of it being stolen?
Huh?
As much as I enjoy the free publicity, this has been posted on slashdot before.
To correct a serious error that appears in this article and in the nytimes article this was cribbed from: The system was NEVER run on the IBM watch. We mentioned it as a possibility and somehow it was taken as fact.
I welcome the comments on the work, however remember that the world of university research is often more forward looking than the commercial world. That is our job!
Sounds like a nice idea. However we all know that once physical security is compromise the rest is all down hill. On-top of which, a thief that is just after the machine and cares nothing about the data will still take the machine. He doesn't know that you have a proximity sensor (whether it uses encryption or not). What I would like to see is a tool and/or system that has the kind of reliability and name recognition that something like low-jack has. What I mean is something that a crook will look at and walk away because he will recognize that it will be more trouble than it is worth. Even if he is just stealing it for the hardware. Something that he knows he just can't slap in a windows boot disk and format. Because we all know that most laptop thefts are not by criminals that want data. Its the common crook that just wants a buck. Granted what would also bring down those thefts would just be the prices in laptops coming down, the prices on those haven't fallen nearly as close to the same rate as desktops.
:)
For now I will continue to dream and maybe even write a book entitled "2085" by Ali Orwell.
I'd say why not brute force the thing, but here's something easier...Make a device that constantly scans for the signal of a token (there has to be some characteristic fingerprint to the signal). When it finds one, remember the signal and indicate to the user. User then goes and mugs target, takes laptop, uses stored signal. We've shown that man-in-the-middle attacks are do-able for a system like this, so why not keep with what works? If one knows how the system works, and can get a long enough string of interactions between the token and the server, then the key is vaunerable. Maybe this means that you have to tail the guy for a while, but let's be honest - if he's using one of these systems (I don't imagine they come cheap) then there's probably somehting worth stealing on that machine, if that's what you're up to. Make a scanner that tracks the signature of packets, walk around the financial centers of the world, and then the device goes off you know which laptops to take.
On another note, this reminds me of the plan to put RFIDs in the new high-denomination Euro-notes. Something like takes all the effort of guesing who to mug: emit the signal, and anytime you get a response, you know the guys's packing a high-value Eruo-note.
Cue The Sun...
Two words, Windows Key + L. Or Ctrl+Alt+Del, space bar. I use XP, so both work to lock the system just fine for me- truth be told, I have to enter my password to regain access, but this prevents the 'waiting for the computer to fall asleep' syndrome.
off the guy with the table at the street corner downtown?
If I have been able to see further than others, it is because I bought a pair of binoculars.
Anyone who wanted your information that much should be willing to beat up up for it - I feel that this just makes it one step easier to get your information. Anyway, it's not even a new idea.
At least this type of security isn't like that on the recent Computer Associates television commercials...
I would hate to have to lose all my hair, prick my finger, and do retina scans every time I sessioned out.
"This food is problematic."
What if your watch battery dies??
It seems to me that this is a wildly more involved solution than required. If you are going to have a physical key anyway (the super decoder watch) why make it hard for yourself? Just make the code/decode key a physical contact device.
eg. smart card, actual key for actual lock, bar code, whatever. Anything that transmits and receives can be remotely snooped, even remotely tracked, plus you can steal the bloody watch anyway.
If you are going to make somebody steal something, better to make it something cheap. Credit cards and keys are cheap. Linux powered watches? Nuh uh.
Oh, your user is a doofus and will leave the key in the lock?
A) FIRE HIS INCOMPETENT ASS, because he is too stupid to be trusted with your super duper secret data.
B) He is a union thug and you can't fire him. Ok, make the key fall out after use. How hard is that? Moron employee will presumably keep it on a string beside his mittens.
Colin McGinn
http://whatisthematrix.warnerbros.com/
Why not use an encrypted filesystem and store the key in the token?
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
What the hell is up with old Klerck? I haven't seen him post since they stopped him from doing the page-widening posts.
http://www.flyn.org/#id2759285r g/HOWTO/Loopback-Encrypted-Files ystem-HOWTO.html
http://www.tldp.o
currently using pam_mountd to mount a large encrypted file on the loopback device, set up as $HOME, upon login to my laptop. Works for me.
--
Society has traditionally always tried to find scapegoats for its problems. Well, here I am.
The could make a master token for the CEO, one ring to rule them all!
"your sensitive data is accessible to anyone who gets hold of it"
Really? Whoodu thunkit!
...which files to encrypt? On the average heavily used laptop there are documents and other encryptables all over the place. How does this magic software figure out which things to encrypt? If it's done by location (e.g. everything in and under this directory), then that's not good enough.
good security should always be based on at least two of the three from the list
Something you have
Something you know
Something you are
Anything that relies on just one of these catagories is going to be significantly easier to break than one the follows the rules. Most commercial security these days is based on something you know (password) and nothing more. Good security systems require all three, biometrics, password, and a physical token. biometrics are suseptible to advanced attacks but thing like thermal imaging for skull structure combined with retinal imaging is pretty close to unbreakable. Passwords are notoriously lacking because passwords strong enough to be secure are difficult for most people to remember so they end up either weak or written down. As for token systems other than smart cards and the IBM watch I have not seen many implementations out there.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
And a thousand floggings for anyone too lasy to enter a basic passphrase. The hassle of having to enter one often is the best way to make your average moron remember their passphrase.
Maybe so, but how bad you want to keep confidential information secure is proportional to how much money it's going to cost to do so. Most businesses can't even afford(or don't have the need) to upgrade from Windows 98, let alone something like this.
Any potential buyers might want to focus on spending that money where it matters and run your business more effectively.
and michael
http://www.ensuretech.com/products/technology/tech nology.html demonstrated something that looks identical at least 4 years ago at the first Bluetooth conference. It was not research even then.
Several weeks ago the U of Michigan professor doing the ZIA project came to UCLA to talk to us. check out his website here: http://mobility.eecs.umich.edu/
It was a pretty interesting presentation, and he even showed us a demo. They have been testing this at the Umich hospital. The doctors love it because it protects users' medical history (keep in mind there is a $250K penalty for misuse of those medical records.
Either can't be much of an encryption (xor! xor!), or else it's only doing like the boot block on the disk. Like to see them encrypt my lame 10gig drive in my 700mhz laptop in 5 seconds.
Umm, seems common sense to me.
I don't think it encrypts, but IIRC, there are hospitals that use bluetooth for automatic login/logoff when a doctor approaches a terminal, so this is nothing new or revolutionary. It is one of the things bluetooth was originally designed to accomplish.
It's much, much, much harder to get/crack my 15-character quasi-random password by any available means than to just steal a silly token I'm wearing.
OOh, man, gotta love mnemonics. Then you can have insanely long passwords that are impossible to crack by brute force or any intelligent means unless you can try a few petakeys per sec.
Repeal the DMCA!
I guess the hackers of the future will be both hackers and pocket thiefs. The man in the corner selling clocks get a new buisiness.
"you want an www.ibm.com/we/own/joo or a www.bank.com/all/your/base/is/in/my/pocket?"
HTTP/1.1 400
You can roll encryption up in a joint and smoke it!
If you're talking about WindowsXP/2000, you can lockout automatically on a 60 second screensaver or whatever. You can also enable lockout on resume from a suspend. And finally if you just NTFS and a strong name/password, then EFS to encrypt your My Documents (or whever your secret recipes live), someone could physically take the drive out, put it in another machine, and not do much with it. Im sure there are *NIX versions of all of these things too, which, when employed together, can be setup once, and pretty much forgotten about by the end user's standpoint.
I'm Rick James with mod points biatch!
How lazy can u be... I type my password without thinking now.
It was discovered soon after the press release that the "zero interaction authentication" system was vulnerable to a transmission replay attack. This attack may prove fatal to the design; in any case, it should take a few years to get the kinks worked out, so don't expect it on your desktop any time soon.
I hereby place the above post in the public domain.
I hope it's better than the encryption chip built into my new Thinkpad -- which only works in Windows 9.x, which is not only a joke when it comes to security but isn't even available from IBM (Windows XP Home and Pro only). Follow through seems to be lacking in general when it comes to encryption and security.
Really, this is nothing new. People have been using physical tokens for authentication for years (although usually for the added security value). In this case the token is being used to increase convenience, not security direclty (although the end goal being to improve security indirectly), which is what makes it different.
Of course, if you are the kind of person who'd leave your watch next to your laptop when you go to the bathroom, I'd recommend against using this. ;)
Put gun to user's head. Walk him towards the console. Steal everything.
Or better yet just shoot him and steal his watch.
Really stupid idea.
A possible solution is to generate a second low powered signal from the laptop; this signal would be generated from nothing more than some strongly encrypted hash, and most certainly be an AM signal. The nice thing about strong encryption is that it should be pretty much indistinguishable from random noise, so the this signal would be indistinguishable from background noise.
Then you have the frequency the signal is broadcasted on randomly shuffled based on the current time. The laptop and the token are time-synced (not a problem, most decent cryptographic tokens are time-synced anyway), so the token is always listening on the correct frequency.
At this point you have the correct waveform, although its amplitude will depend on your distance from the device. Every tenth of a second, or something, normalise the signal based on the RMS power, then compare the input signal based on what you compute it should be (you know the secret, so you can also compute the hash).
To fool this system you have to replicate the exact signal as it bounces around frequencies. Since it's bouncing around frequencies you can't just repeat the signal you're recieving on a specific frequency, since that won't matter. Further, for each part of the signal you repeat, you'll be off in intensity by a certain amount based on the frequency you're tuning into relative to the frequency its actually being transmitted at, and unless you can exactly predict the pattern you your error will vary. You can't track the frequency since you'd need to break the encryption. Really, this is nothing more than frequency scrambling that's been used by the military to secure communication for years, used in a slightly different way.
I'm sure there are other ways to solve the problem. So yes, it could be a problem if it wasn't taken into consideration, but it is a solvable problem.
As others have already mentioned, unless the article had it all wrong, it seems that you're going about this the hard way. Why not create an encrypting FS driver along the lines of Scramdisk or DriveCrypt that always stores the disk data in encrypted form and only decrypts it upon reading? The token would then simply provide the key, and when it's not present, you simply can't decrypt the data, without requiring a lengthy de/encryption process each time you leave and return? In addition, you could make the driver smart enough to let you encrypt only certain directories, plus you could still keep the cache encryption functionality as it is now.
Upgrades would be quite troublesome with implantable computers..
Don't mean to be a grammar nazi, but... from the don't-lost-your-watch dept
Is that poor grammar, or just hedging their bets? The alternative is to misspell "lose" as "loose," which is definite grammar nazi fodder :)
It all goes downhill from first post
What happens when the decryption key device fails or is lost or stolen?
I'm a netadmin for some not-very-savvy users, and if I couldn't restore access to their data just by resetting their password then they are all in trouble.
This is an issue for a lot of encryption solutions, not just this one. Is there a master key list somewhere than can be used to recover encrypted files or volumes or at least recreate the encryption key device? How long would that take? (This opens another discussion over security of the master list and key-changing and reencryption procedures for lost and stolen tokens.)
And what if the device gets stolen? I have a security token that requires a PIN in conjunction with its security (both the PIN and device are needed for access), but in the case of this article the whole point seems to be to avoid entering a password or PIN.
I think there should be some special facial expression that users have to do as a password.
Hey it might be a silly idea but it would be damned funny to watch.
(Disclaimer: USA Fortune 500 company bias)
Every time I read about encryption and other security technologies I have to wonder how much effort it's all worth. Mainly I compare to physical security of paper, for example.
In most businesses several people have keys to everyone's office. Think IT staff, janitorial staff, security staff, higher levels of management and facility maintenance. In my experience much of the information that might be desired by compromising computer security is readily available to many in paper form on a desk or in a filing cabinet. Okay, the filing cabinet key may not be shared by many.
Briefcases and similar carry-alongs tote a lot of confidential paper.
Encryption always worries me because it seems to easy to accidentally or forgetfully cause the data to be lost forever to everyone including the data 'owner' and his/her management.
The parent post provides some good examples of how some computer security can be used against the 'protected' user.
Well, I've sort of made my point, but I'm too tired to clarify it, so I'll stop here.
I was attending the professor's presentation of his new invention. The first slide read "Mreb-Vagrenpgvba Nhguragvpngvba" until he came on stage. It was exciting, and as soon as he came down to aisle to take questions, his slides read "Gbxra-Yncgbc Vagrenpgvba" ...
New Software Secures Data when Owners Walk Away. Think about it. Isn't something missing here? When I read that title I was seriously skeptical as to the feasability of it. That was...until I read they were using a token as well. Turns out it's not a software-only solution after all. As for me, xlock has never failed me. I activate it with one click on a designated button in gkrellm, and I type my password so fast that it takes a lot shorter than waiting for the CRT to come to live again. Still, I think this solution is a Good Thing. I am going to patent putting wireless authentication technology in a mobile phone and als patent puting it in a PDA and patent putting it in a phone/PDS combo. HAHAHAH!
Please correct me if I got my facts wrong.
That's easily solved. I locked myself out of a Dell laptop I got used a while back. Called Dell the first time, and asked for all the information they could give me to contact the previous owner. Called again and gave them all that info, and they said it was good enough, so I got the unlock code.
* A frequency counter
* A scanner with discriminator output and a transmitter -or- a tranciever
* A recording device
This scheme has about the same amount of security as a proximity card.
No, Beowulf clusters can't imagine in Soviet Russia.
You could always just use a password protected screen saver.... not as hi-tech, but effectively does the same thing... well kinda.
I sure hope they test whether the reply comes within a hundredth of a microsecond or so. Otherwise, one could follow the victim to the restaurant, relay the challenges from his PC to the restaurant, and relay the responses back to the PC, which would then faithfully decrypt.
Rop
At the beginning of the process, the user enters a password on the watch. "That's to make sure an imposter isn't wearing your token," Noble says. Then, each second, the laptop broadcasts a cryptographic request that only the token can correctly answer. This procedure, an exchange of cryptographic numbers, is a standard security measure.
People will still use stupid passwords. GONG!. They'll use the same letter conventions that 99% of the population uses. I guarantee that one guy with a high-end laptop could walk through an office and guess 99% of the passwords within a few minutes. Or maybe they'll guess 1% and get the temp's password. Good enough, access to the internal network is almost always sufficient to own the rest of the network.
There is no technology that will override stupidity.
Somebody must hate that ekrout person to try to make him look like such an idiot.
Why not buy a mouse that recoginses your fingerprint they only cost ~£40 ($60US) or a keyboard that does the same both by Siemens (see http://www.fujitsu-siemens.com/rl/peripherals/keyb oards/kbpcid.html for the keyboard)
This is something I thought of a few months ago. I thought it might let you save electricity also if you had a presence and authentication system as it could make things go into power saving when noones present. Theres tonnes of other things that could be made easier with this presense system. =)
Pixels keep you awake!
Imagine a watch store of those ...
or:
It would probably be classified as a server park.
The fundamental problem with biometrics is that you can't change your keys. You have a set of fingerprints, retinal patterns, DNA sequences that are really pretty damn hard to change.
Biometrics can only work with strong physical security to ensure that the tests aren't being compromised (i.e., someone hacking the device).
To steal your password I have to look over your shoulder, and once done you can change it. To steal your authentication token, I have to pick your pockets, and once done you can get a new one. But I can pull your fingerprints from anything you touch, and you'll have a much, much harder time changing those.
Biometrics are often portrayed as the panacea for authentication, but of the three 'seomthing you X', it's really the weakest. Haven't we learned yet that there's no such thing as a silver bullet?
I remember reading an article about a system like this years ago - running somewhere like ARM's labs in Cambridge. They were using it for desktops rather than laptops, but that is a detail. More importantly, they had hooked a load of other systems up to the ID. It provided the security access to the building - no more fiddling for cards, the door unlocks as you approach. Rather than just blanking off the screen as you waked away from one workstation, as you moved towards another workstation, it moved your "desktop" to that station, so that your work could "follow" you round the building. And, by detecting which room you were in, the phone system could route calls to you wherever you were.
There are a lot of questions (privacy etc) about those other uses, but a system which gives you multiple returns from the single cost of wearing some kind of ID is much more likely to be adopted than a single dongle for a single job.
Consciousness is an illusion caused by an excess of self consciousness.
The ZIA paper does describe a technically nice piece of work, and its specific approach may be novel. But the omission of references to prior work related to user tracking and ubiquitous computing approaches really leaves me wondering whether the authors have done their homework and whether this is really the first time that the method has been published. I think the authors would do well to track down more HCI references on beacons, wearable tags, physical user interfaces, and tracking.
Note that, in terms of hardware, you can fairly easily implement such a system these days with a Bluetooth PDA (which you wear on your person) and a disk encryption card. The range for Bluetooth is perhaps a little far, but tinkering with the Bluetooth dongle and some conductive paint should fix that.
I can just see this becoming a trend once people realize that passive tokens are insecure in general. You'll have one watch for your laptop, another for the office building, one for the car, one for your gun, one for the community swimming pool...
I use an encrypted filesystem (BestCrypt, available from Jetico on my Linux notebook to protect sensitive data. The passphrase is queried during boot, if it is not entered, the notebook is basically a stock Linux notebook.
/tmp is on a RAM disk.
In addition I've put up restrictive packet filters (no inbound traffic) via iptables.
Now if I close the notebook, the lid switch detects this and prompts for a password next time the lid is opened. The notebook will lock up after a number of incorrect entries.
If I leave physical vicinity of the laptop I always close the lid (it has become a habit). If someone steals the notebook while I'm away, they got three tries on my password. After this they have to reboot and will find the encrypted partition unaccessible.
Works for me, and I think it's pretty secure.
I'd take off my watch (like I always do), and then walk away leaving it next to the computer. That'd defeat the purpose pretty quick!
Stalk you so the laptop decrypts when he is near you...
Can you revoke your watch from unlocking the laptop even when you still have the watch, but the laptop is already missing?
http://www.secure-it.com/products/linkit.htm
although Zia is different and more powerful in many ways from this system, the basic idea is there, (when you walk away it secures the laptop.)
In Soviet Russia, Trojan exploits YOU!
What they should do is have transparent encryption on the disk and let the user turn it off with a ctrl-alt-del-like key sequence then use a password when he gets back to turn it back on.
I bet that's out there somewhere.
It's Christmas everyday with BitTorrent.
The Turd Report guy would have won had he kept up with his turd reports instead of taking up karma whoring.
...would be for him to switch to the Democrats. Then his racism would be OK.
What about a watch that periodically samples biometric data from the skin beneath it?
There are wristwatches that sample glucose for monitoring diabetic's blood-sugar level, such as the GlucoWatch.
There are also devices for processing fluids in a microsystem, such as the MEMS's Biochip.
In the near future the wristwatch could eliminate the need for visible user-token authentication, or at least reduce its frequency. This would greatly increasing both the security of the system and its ease of use.
I expect my employer will be handcuffing me to one of these any day now. I work for %&#CARRIER LOST
I can think of a couple of ways to make this type of communications more secure:
1. Equip the laptop with a 'detection' antenna, as it already has. This simply detects that the wearable part of the ZIA is in the area so that it knows to begin the challenge.
2. Use some of that encrypted data that was created when the computer locked up to feed into a random number generator.
3. Send the random number to the authenticating device.
4. Have the authenticating device digitally sign the randomly generated number (like PGP signature) and send it back to the laptop.
5. The laptop checks the signature and either authenticates or locks up untill somebody with the password comes along and physically types in said password.
Turning off the ZIA after a failed logon attempt will protect against repeat attacks, which is a huge part of any cryptanalysis I've ever seen.
...and make it so you can't access your computer unless you have 666 on your forehead or hand?
Eagles may soar, but weasles don't get sucked into jet engines...
Imagine when everyone has a bunch of RFID cards like that. Then you could uniquely identify a person by the combined signature of his cards. Now all Big Brother has to do is to put up scanners in crowded places, feeding results into the TIA database. Welcome to Minority Report.
Any sufficiently advanced libertarian utopia is indistinguishable from government.
excuse the pun. I got a ring from Apache Con that has a JVM built in. It can't do wireless though. The ring has to be touching a connector device to communicate. Wich it doesnt do. I have not figured out how to use this ring yet, and its too big. But it sounds like it could be programmed for similar purposes.
TallGreen CMS hosting
You want a toe? I can get you a toe, believe me. There are ways, Dude. You don't wanna know about it, believe me.
Yeah, but Walter...
Hell, I can get you a toe by 3 o'clock this afternoon...with nail polish.
I Wonder,... If Phreakers Can Get Car Alams Frequencies What is To Stop Them From Getting This one And Cracking The Encryption Pattern (Ok,Ok It's A Little More Complated Then That But Think About It Really...
my token's battery ran out at 2am. I guess i can only get to my stuff after the corner store opens.
A now defunct company, First Access, did "Vicinity Authentication" in 1998. The product used a proprietary RF/IR card and sensor combination. The card could be worn anywhere and the sensor would hook up to RS-232. It was cryptographically secure and worked well. Several untis were sold to German and Australian companies. Unfortunately, First Access' management didn't know what to do with themselves and the company died a slow painful death.
First of all, someone mentioned above that "we all know that most laptop thefts are not by criminals that want data". While I have not seen any statistics one way or another, I think the different components of a laptop are worth more to different people. To a basic consumer, the hardware itself is probably worth more than their vast archive of Britney Spears mp3s (you're not ashamed, are you?). However, from a corporate or government perspective, intellectual property or intelligence is worth orders of magnitude more than the actual hardware cost. The hardware value is going to decrease over time anyway, but information in the wrong hands can put a company out of business or allow other nations to build nuclear weapons that much more readily.
Secondly, it is possible to have tokens with some intelligence (unlike RFID cards) yet don't require an internal power source. There are a number of companies that have developed contactless smart cards that might prove useful for this project:
FARGO
HID Corp.
Inside Contactless
Granted, these products don't have much more range than 10cm and a smart card is not necessarily a form factor that is best for this application, but the technology does exist. It would seem the iPaq and 802.11 connection they use for their research is good enough for proof-of-concept.
Thirdly, for people who have mentioned Scramdisk and DriveCrypt, did you even read the research paper? They aren't worried so much about encrypting the whole filesystem. That's been done before (with the products mentioned, plus CFS and MS's EFS). They're more concerned about the files that may be in the disk cache. Also, it's not the encryption process that's the annoyance for the user, it's the decryption process. Sure, you can easily lock the screen with a swift keystroke. But usually you're required to type your password in every time you want to decrypt. This "token" that they refer to could be considered like an agent in the ssh world, or doing a kinit in the Kerberos world. You authenticate to the token once, then it does the strong authentication for the decryption for you for a fixed period of time.
Oh, and the lost token concern? That's what key escrow is for and could potentially be considered outside the scope of this research. If data recovery is a concern, organizations can store a backup of the key (securily of course!) that can be used to decrypt the data without requiring the token (i.e. pull the drive and read the data with speciallized software). Key escrow is common practice at many organizations. However, an escrowed encryption key should NOT be used for data signing as non-repudiation becomes much more difficult to prove. Besides, the authentication method and encryption method should be sufficiently separated so that in the event that one of the keys is compromised, the other component is not affected.
Sounds like just the thing for a professional paranoid, such as myself. Now no one will be able to view my pr0n.
This space intentionally left blank.
Feel free to contact me (flames about my english and the useless of this /dev/null, oh no, it's full...).
driver will be redirected to
-- Michael Beck, describing the PC-speaker sound device
- this post brought to you by the Automated Last Post Generator...