2006-12-18

Securely Establishing Wireless Connections

Current wireless mechanisms are very insecure. They either offer no security or securing them properly requires so much effort as to rarely be done properly. I propose a mechanism that would solve this.

In the most basic form, a person would touch two devices together (on specified contact points), and simultaneously press each of their connect buttons. Once done the devices could be separated, and would communicate securely as if there was a physical wire running between them.

Moving the devices in order to make a connection may be impractical, especially for larger devices such as a television. To connect them you would want to use an intermediary device, called a “wand”, with which you would first establish connections to both desired devices, then use these connections to instruct them to connect directly to each other. However, since this implies each device may have more than one connection, it requires a further mechanism to prevent a visitor from establishing connections and then surreptitious controlling or snooping on your devices.

The security of the basic form is done by exchanging public keys in a rapid burst, fast enough and carefully timed so as to ensure both ends are in very close proximity to each other (preferably a few centimeters, if not closer). A randomly generated number would be integrated into this key exchange protocol to prevent attackers from trying to send preemptive messages before they detect the communication.

This would not protect against tampering with the devices, including putting a false front on one of them.

No comments: