Credential theft is one of the more persistent and troubling threats in security, and researchers have been trying to come up with answers to it for decades. A team at the University of Washington has developed a system that can prevent attackers from intercepting passwords and keys sent over the air by sending them through users’ bodies instead.
The human body is a good transmission mechanism for certain kinds of waves, and the UW researchers were looking for a way to take advantage of that fact to communicate authentication information from a user’s phone directly to a target device, such as a door knob or medical device. In order to make that idea a reality, they needed to develop a system that could be in direct contact with the user’s body, and could produce electromagnetic signals below 10 MHz. And to make the system usable for a mass audience, the team needed widely available hardware that could generate and transmit the signals.
So the researchers settled on the fingerprint sensor on iPhones and the touchpad on Lenovo laptops, as well as a fingerprint scanner and a touchpad from Adafruit. The concept is deceptively simple: generate an electromagnetic signal from the fingerprint sensor or touchpad and transmit that through the user’s body to the target device. The signal can carry a typical password or even an encryption key, the researchers said.
“We show for the first time that commodity devices can be used to generate wireless data transmissions that are confined to the human body. Specifically, we show that commodity input devices such as fingerprint sensors and touchpads can be used to transmit information to only wireless receivers that are in contact with the body,” the researchers, Mehrdad Hessar, Vikram Iyer, and Shyamnath Gollakota, of UW said in their paper, “Enabling On-Body Transmissions With Commodity Devices”.
“Specifically, a communication primitive that transmits information directly through the body would create links immune to eavesdropping or man in the middle attacks. For example, by simply touching a doorknob, a user could transmit secret credentials from their smartphone through their body to open the door, without leaking secret information over the air. It can also be used to create secret keys that are necessary for establishing secure wireless connections for wearable devices.”
One of the key applications for this system is for authenticating to medical devices worn on patients’ bodies. Devices such as wearable glucose monitors typically use wireless protocols such as Bluetooth to communicate, and those signals can be intercepted by attackers without much effort. The on-body transmission system can send credentials or encryption keys through the user’s body rather than over the air, making them less accessible to attackers.
“We can also get a strong signal throughout your body. The receivers can be anywhere — on your leg, chest, hands — and still work.”
“We can envision that a user would touch their fingerprint sensor, which would in turn transmit a secret key to medical devices on the body. Once the secret key is transmitted, an encrypted pairing process can be used to establish a traditional wireless communication link, allowing the wearable device to communicate with smartphones or other devices,” the UW paper says.
The system developed by the UW team would be implemented through a mobile app ideally, Iyer said.
“The way you would implement this would be by just running an app on your phone. For example, the app could perform fingerprint scans repeatedly to send a key. The prototype we show in our paper uses a USB fingerprint sensor we have easy software control over, if Apple’s API allowed an app to start individual fingerprint scans rather than running their full user authentication we could do the same thing on an iPhone,” Iyer said via email.
Right now, fingerprint sensors and touchpad are used as input devices, but the UW system uses them to generate output instead. In order to transmit the signals through the user’s body, the researchers needed to find a way to modulate them. Radio waves are modulated, but the signals the fingerprint sensors and touchpad produce are not, so the researchers modulated them by starting and stopping the devices.
“Specifically, we represent a one bit by the presence of the EM signals and a zero bit by their absence. By continuously modulating these signals, we can transmit sequences of bits on the human body,” the UW team said.
The researchers were able to generate transmission rates of up to 50 bits per second through the on-body system, and said they could send a 256-bit encryption key in about 15 seconds. The team said that there was plenty of room for speed improvements with tweaks to the API that the iPhone fingerprint sensor uses for communication and other hardware upgrades. The team also looked at how a user’s posture or body type affected the transmissions and didn’t find large variations.
“We showed that it works in different postures like standing, sitting and sleeping,” said Iyer, a UW electrical engineering doctoral student. “We can also get a strong signal throughout your body. The receivers can be anywhere — on your leg, chest, hands — and still work.”