Identifying a possible "wormhole" threat to wireless networks, Rice computer science professor David B. Johnson, along with Yih-Chun Hu and Adrian Perrig, presented a paper at INFOCOM 2003, the 22nd Annual Joint Conference of the IEEE Computer and Communications Societies, in San Francisco in April. The team, which is gaining media attention for their research, also has devised a remedy.
Hu and Perrig began their wireless security work with Johnson while graduate students at Carnegie Mellon University. Hu now conducts postdoctoral research at Rice with Johnson. Perrig is an assistant professor at CMU.
New Scientist (05/20/03); Will Knight
A "wormhole attack" in which an intruder hijacks wireless data packets moving across one section of the network and re-implants them at another physical network node, could be used to shut down an "ad-hoc" wireless network or thwart a wireless authentication system, even if it is encrypted. "The wormhole puts the attacker in a very powerful position relative to other nodes in the network," the researchers explain. "Possible ways for the attacker to then exploit the wormhole include discarding rather than forwarding all data packets, thereby creating a permanent Denial of Service ... or selectively discarding or modifying certain data packets."
The researchers' proposed solution is to tag each data packet with "packet leashes" that allow each network node to ascertain the packet's point of origin. Packet leashes could consist of GPS data or a timestamp derived from a synchronized network clock. Counterpane founder Bruce Schneier argues that deploying such safeguards would be very expensive, and suggests an alternative solution in which network nodes exchange bits very quickly and the actual distance between nodes is gauged using the speed of light.
June 13, 2003