Use Your Body, Not WiFi, to Transmit Secure Passwords
Jennifer Langston, 6 Jan 17
       

(Credit: Getty Images)

Sending a password or secret code over airborne radio waves like WiFi or Bluetooth means anyone can eavesdrop, including hackers.

Researchers have devised a way to send secure passwords through the human body—using benign, low-frequency transmissions generated by fingerprint sensors and touchpads on consumer devices.


“I can touch the doorknob and touch the fingerprint sensor on my phone and transmit my secret credentials through my body to open the door.”


“Fingerprint sensors have so far been used as an input device. What is cool is that we’ve shown for the first time that fingerprint sensors can be re-purposed to send out information that is confined to the body,” says Shyam Gollakota, assistant professor of computer science and engineering at the University of Washington.

These “on-body” transmissions offer a more secure way to transmit authenticating information between devices that touch parts of your body—such as a smart door lock or wearable medical device—and a phone or device that confirms your identity by asking you to type in a password.

Gollakota describe the work in a paper presented at the 2016 Association for Computing Machinery’s International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp 2016) in Germany.

(Credit: Vikram Iyer/University of Washington)

“Let’s say I want to open a door using an electronic smart lock,” says Merhdad Hessar, an electrical engineering doctoral student and co-lead author of the paper. “I can touch the doorknob and touch the fingerprint sensor on my phone and transmit my secret credentials through my body to open the door, without leaking that personal information over the air.”

Works with iPhone and other devices

The research team tested the technique on iPhone and other fingerprint sensors, as well as Lenovo laptop trackpads and the Adafruit capacitive touchpad. In tests with 10 different subjects, they were able to generate usable on-body transmissions on people of different heights, weights and body types. The system also worked when subjects were in motion—including while they walked and moved their arms.

“We showed that it works in different postures like standing, sitting, and sleeping,” says co-lead author Vikram Iyer, an electrical engineering doctoral student. “We can also get a strong signal throughout your body. The receivers can be anywhere—on your leg, chest, hands—and still work.”

The team analyzed smartphone sensors to understand which of them generates low-frequency transmissions below 30 megahertz that travel well through the human body but don’t propagate over the air.

They found fingerprint sensors and touchpads generate signals in the 2 to 10 megahertz range and employ capacitive coupling to sense where your finger is in space, and to identify the ridges and valleys that form unique fingerprint patterns.

Normally, sensors use these signals to receive input about your finger. But the engineers devised a way to use these signals as output that corresponds to data contained in a password or access code. When entered on a smartphone, data that authenticates your identity can travel securely through your body to a receiver embedded in a device that needs to confirm who you are.

Their process employs a sequence of finger scans to encode and transmit data. Performing a finger scan correlates to a 1-bit of digital data and not performing the scan correlates to a 0-bit.

The technology could also be useful for secure key transmissions to medical devices such as glucose monitors or insulin pumps, which seek to confirm someone’s identity before sending or sharing data.

The team achieved bit rates of 50 bits per second on laptop touchpads and 25 bits per second with fingerprint sensors—fast enough to send a simple password or numerical code through the body and to a receiver within seconds.

Sign in to view full article

       
Norway’s Oil Fund Is A Tarnished Gold Standard For Sustainable Investment
The largest sovereign wealth fund in the world, Norway’s US$930 billion Government Pension Fund Global, is seen as the epitome ...
Beate Sjåfjell
Thu, 4 May 17
Our Experiments Taught Us Why People Troll
“Fail at life. Go bomb yourself.”
Justin Cheng, Michael Bernstein, Cristian Danescu-Niculescu-Mizil
Mon, 6 Mar 17
My Smartphone, Myself: Digital Separation Anxiety in The Postmodern World
Has this ever happened to you: you accidentally leave your cell phone at home, and it feels like your soul ...
Abraham Martínez González
Wed, 18 Jan 17
Here’s How We Can Protect Ourselves From The Hidden Algorithms That Influence Our Lives
In political terms, 2016 has been a year of uncertainty. Yet, it has also seen the rising dominance of algorithms, ...
Alan Reid
Sun, 26 Feb 17
You Too Could Be Multilingual – It’s Just About Unlocking The Skills Inside
Think back to when you first started learning a foreign language. For many readers it was probably French, German or ...
Christopher Timothy McGuirk
Thu, 6 Apr 17
At Epoch Times, We Care :o)
Advertise with Us
Hachi.Tech
Sports Elements
Read about Forced Organ Harvesting
BUCHERER