[messaging] Audible public-key fingerprints

Dominik Schuermann dominik at dominikschuermann.de
Tue Aug 19 23:58:45 PDT 2014


On 08/20/2014 06:09 AM, Arne Renkema-Padmos wrote:
> As an alternative to audible communication you could also try
> ultrasound, but I'm not sure how well that works quality wise.
> Regarding end-user agency in determining when their device broadcasts
> their signal: if you don't want broadcasting to happen all the time
> (very understandable), then you probably want some kind of explicit
> action from the user (tap button, gesture, wiggle phone in a certain
> way, etc), or some implicit action (e.g. wearables that detect the
> performing of a handshake: http://zenodo.org/record/11163).

in this discussion we need to differentiate between different
audio-based exchange techniques: audible, non-audible, and communication
techniques that use audio in addition to a wifi/bluetooth channel.

How do they perform under a MitM attack?:

audible: The idea is that Alice hears with her own ears that someone
overlays Bob's emitted sound with something different, i.e., Eve is near
the phones and sends her own fingerprint via audible audio. This audio
is then saved by Alice under the name of Bob, but it was Eve's
fingerprint instead of Bob's. Alice notices this attack and repeats the
transmission -> protected if used right!

non-audible: Alice can not detect if she is under attack. The
fingerprint exchange is emitted in e.g. ultrasound. One advantage in
comparison to wifi/bluetooth is the limited physical context. If the
doors and windows of a room are closed it is difficult to do this attack.

techniques using audio for securing existing channels: depends on the
technique. You referred to Lound-and-Clear and another paper, which
depend on a second channel like wifi/bluetooth. In my opinion,
Loud-and-Clear protects against MitM because it is a hearable
authentication like the others and incorporating DH/RSA exchange to make
MitM much more difficult. If you just want the property of limited
physical audio propagation, I would like to present our work on this:

(shameful advertisement following...)
We use ambient audio to create a bitsequence which is identical enough
on two devices. Based on this sequence we can start a confidential and
authenticated communication. This method transmits no sounds on its own
and just exploits existing ambient audio. We propose to use it in closed
meeting rooms automatically because it is unobtrusive and requires no
user interaction.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140820/ea604823/attachment.sig>

More information about the Messaging mailing list