Man in the Middle Attack? Not So Fast

Monday, August 22, 2011 @ 07:08 PM gHale

When it comes to wireless, a man-in-the-middle (MITM) attack is one in which the attacker interposes himself between two other wireless devices and can take over a device such as a cell phone. That was the case at Def Con earlier this month, where cell phones suffered such an attack.

There is now a security scheme that can automatically create connections between wireless devices and still defend against MITM attacks. Until now, fighting off these attacks required password protection or some additional communication mechanism, such as an infrared transmitter. Not anymore, said researchers at MIT.


In reality, MITM attacks can target any type of wireless connection: not only between devices (phones or laptops) and base stations (cell towers or Wi-Fi routers), but also between a phone and a wireless headset, a medical implant and a wrist-mounted monitor, or a computer and a wireless speaker system.

Ordinarily, when two wireless devices establish a secure connection, they swap cryptographic keys — the unique codes they use to encrypt their transmissions. In an MITM attack, the attacker tries to broadcast his own key at the exact moment the key swap takes place. If he’s successful, one or both of the devices will mistake him for the other, and he will be able to intercept their transmissions.

Password protection can thwart MITM attacks, assuming the attacker doesn’t know the password. But that’s not always a safe assumption.

At a hotel or airport that offers Wi-Fi, for instance, all authorized users generally get the same password, which means any one of them could launch an MITM attack against the others. Moreover, many casual computer users find it so complicated to set up home Wi-Fi networks that they don’t bother to protect them; when they do, they often select passwords that are too simple to provide much security.

That has led to the marketing of Wi-Fi transmitters with push-button configuration: to establish a secure link, you simply push a button on top of the transmitter and a corresponding button (or virtual button) on your wireless device. But such systems remain vulnerable to MITM attacks.

“None of these solutions are quite satisfactory,” said Nickolai Zeldovich, the Douglas Ross (1954) Career Development Assistant Professor of Software Technology, who developed the new security scheme with Dina Katabi, the Class of 1947 Career Development Associate Professor of Computer Science and Engineering, as well as postdoc Nabeel Ahmed and graduate student Shyam Gollakota, all of MIT’s Department of Electrical Engineering and Computer Science.

“The cool thing about this work is that it takes some insight from somewhat of a different field, from wireless communication — actually, fairly low-level details about what can happen in terms of wireless signals — and observes that, hey, if you assume some of these properties about wireless networks, you can actually get stronger guarantees,” Zeldovich said.

In an MITM attack, the attacker needs to drown out the signal from the legitimate sender. The researchers’ new system ensures that any attempt to do so will be detected. The trick is that, after transmitting its encryption key, the legitimate sender transmits a second string of numbers related to the key by a known mathematical operation. But whereas the key converts into a wireless signal in the ordinary way — it’s encoded as changes in the amplitude of a radio wave — the second string of numbers is encoded as alternating bursts of radiation and silences.

If an attacker tries to substitute his key for the legitimate sender’s, he’ll have to send the corresponding sequence of bursts and silences. But that sequence will differ from the legitimate one. Through the silences of one, the receiver will hear the bursts of the other. The overlapping sequences will look to the receiver like a wholly new sequence, which won’t match up with the transmitted key, indicating an MITM attack.

Of course, the attacker could try to drown out the entirety of the legitimate transmission and then send his own key. But that would require broadcasting a signal of such long duration that it, too, would alert the receiver to an attack.
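A constructed simulation of the burst-and-silence check described in the last three paragraphs, added here as an illustration and not code from the MIT researchers: it assumes SHA-256 as the "known mathematical operation", a two-slot encoding per bit, and a receiver that hears a burst whenever any transmitter is on, and shows why an overlapping attacker pattern or a long jamming burst is rejected.

```python
import hashlib

# Constructed model of the burst/silence check. Assumptions (not from the
# article): the "known mathematical operation" is SHA-256 of the key, only the
# first BITS bits are used, and each bit is sent as a pair of slots
# (1 -> burst,silence; 0 -> silence,burst), so a genuine pattern never has two
# bursts in one pair and never more than MAX_RUN consecutive bursts.
BITS = 32
MAX_RUN = 2

def slot_pattern(key: bytes) -> list:
    """Bursts (1) and silences (0) a sender transmits after its key."""
    digest = hashlib.sha256(key).digest()
    bits = [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]
    return [s for b in bits for s in ((1, 0) if b else (0, 1))]

def channel(*patterns: list) -> list:
    """Energy detector: a slot is a burst if any transmitter is on."""
    return [int(any(p[i] for p in patterns)) for i in range(2 * BITS)]

def longest_burst(slots: list) -> int:
    run = best = 0
    for s in slots:
        run = run + 1 if s else 0
        best = max(best, run)
    return best

def verify(received_key: bytes, heard: list) -> str:
    """Receiver's decision; 'ok' only if the slots match the key it holds."""
    if longest_burst(heard) > MAX_RUN:
        return "burst too long"          # someone drowned out the channel
    if any(heard[i] + heard[i + 1] != 1 for i in range(0, len(heard), 2)):
        return "slot pair collision"     # two senders' patterns overlapped
    if heard != slot_pattern(received_key):
        return "pattern mismatch"
    return "ok"

def scenario_legit() -> str:
    key = b"legit-key"
    return verify(key, channel(slot_pattern(key)))

def scenario_mitm() -> str:
    # attacker overpowers the key but cannot silence the legitimate bursts
    legit, evil = b"legit-key", b"attacker-key"
    return verify(evil, channel(slot_pattern(legit), slot_pattern(evil)))

def scenario_jam() -> str:
    # attacker jams the whole window before sending his own key and pattern
    return verify(b"attacker-key", channel([1] * (2 * BITS)))
```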