Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security in Wireless Networks

Posted by CmdrTaco on from the stuff-to-read dept.

Asmodeus writes "Those boys at Cambridge have done it again. The Resurrecting Duckling (where do they get these names ?) is a description of the security problems in ad-hoc wireless networks with some nifty solutions to the problems." Its a really interesting techie bit actually. Talks about problems with low power, wireless boxes. Its strange to think that in wireless world, for example a denial of service attack could be anything designed to drain your battery.

5 of 58 comments (clear)

  1. Just like my garage door by Christopher+Bibbs · · Score: 3

    Maybe I'm missing something, but the idea of imprinting sounds a lot like what my garage door opener does now.

    I've got one of those rolling code models from Sears where you have to hold the opener to the remote while pushing a button on each. The door can then be opened by the remote which itself can be programmed to handle three different openers. (Maybe you have more garages than I do. *shrug*). Seems to me that it fits the model discussed here a bit.

    Can someone let me know if I've got this or not?

  2. Another great job ... by bain · · Score: 3
    As a Person working for and ISP in South Africa where there is a telecom monolopoly and lines take about 6 months to a year to install ( yes .. thats right ) we have to use wireless often to overide problems from our local telecom... security has never been much of an issues. This is an eye opener.


    thanks to all involved ..


    Bain

    --
    Sanity is a majority vote.
  3. Re:The opposition... by fornix · · Score: 3
    And right now, there's a group of rednecks in Alabama with a dozen bearcat scanners trying to intercept wireless communications.

    Actually, there is a group in Alabama who have developed time modulated ultra wideband chips that promise extraordinary wireless bit rates and nearly perfect security. Check out Time Domain. In addition to wireless LAN, you can use the stuff for pocket sized radar (see through walls!) and GPS to within centimeters! Anyway, I think it looks cool and haven't yet seen a story about it on /. (I submitted it 10 months ago, though)

  4. Sickly ducklings: software tamper seals. by wallace_mark · · Score: 3

    I think the core assumption here is that we can trust some kernel code in the "peanut" device. I suspect that will prove to be a fairly difficult trust to establish.

    The concept of resurected Ducklings however might have broader implications. Indeed, it might serve to solve some of the problems with trusted kernel code.

    Suppose that we create "sickly ducklings" - processes that will die if interfered with. One way to look at hacking is that hacking is an attempt to obtain unexpected responses from a program based on unexpected inputs, and to take advantage of those responses. A fragile duckling, confronted with unexpected input would die - or perhaps enter a more sickly state.
    [Reference to the "DOOM kill process article" elsewhere on slashdot is intentional.]

    If the kernel code is fragile, then any attempt to interact with it by unauthorized entities will kill it. The program can then reinitialize itself, with a new identity. Any subsequent reference to this duckling by an authorized user will reveal the tamper.

    Obviously the code must be small, and must interact in (formally) defined ways - much like a security kernel.

    Combine this with Kerberos style tickets, or better yet Yaksha, and I think this might form the basis of software tamperproof.

    [Yes, a well prepared adversary can kill a lot of ducklings to discover an "addicitve duckling medicine" that will enable him/her to cure the duckling, and manipulate the cured duckling. But I suspect the ease of discovering that medicine is related to key/secret size.

  5. Interesting! by Signal+11 · · Score: 3
    First, I commend the author(s) of this paper for making some very interesting observations and coming up with creative solutions to the problems proposed in their paper.

    There are two additional thoughts I would like to share. First - alot of this should be considered today. Examples include wake-on-LAN and power-management systems as well as laptops. For the first, assume a company has several hundred workstations that use wake-on-lan technology or other power management (maybe wake on modem activity?). Alot of power is consumed while those devices are "awake", so it would seem logical to put them to sleep when not in use (to save money on power). Somebody could simply walk up to a station and start sending out rogue "Wake p!" packets across the network, wasting large amounts of electricity and costing the company hundreds of dollars each day. This is, of course, theoretical.. but it underscores what these guys are talking about - conventional security wisdom isn't applicable in all situations.

    I like the message. It's a wake up (pardon the pun) call for security analysts - consider your requirements! Locking everything down military-style does little good if an attacker can just start turning devices off at will by draining away all their power!

    --