Next-generation wireless networks could be designed with built-in defenses against “metasurface in the middle” attacks

Crafty hackers can create a tool to eavesdrop on certain 6G wireless signals in as little as five minutes using office paper, an inkjet printer, foil transfer, and a laminator.

The wireless security hack was discovered by engineering researchers from Rice University and Brown University, who will present their findings and demonstrate the attack this week in San Antonio at ACM WiSec 2022, the Association for Computing Machinery annual conference on security and privacy in wireless and mobile networks.

“Awareness of a future threat is the first step in countering that threat,” said study co-author Edward Knightly, Rice’s Sheafor-Lindsay Professor of Electrical and Computer Engineering. “Frequencies vulnerable to this attack are not yet in use, but they are coming and we need to be prepared.”

In the study, Knightly, Brown University engineering professor Daniel Mittleman and colleagues showed that an attacker could easily fabricate a sheet of office paper overlaid with 2D foil symbols – a metasurface – and use it to redirect part of a 150 gigahertz “pencil beam” transmission between two users.

They dubbed the attack “Metasurface-in-the-Middle” as a nod to both the hacker’s tool and how it’s used. Metasurfaces are thin sheets of material with patterned designs that manipulate light or electromagnetic waves. “Man-in-the-middle” is a computer security industry classification for attacks in which an adversary secretly inserts himself between two parties.

The 150 gigahertz frequency is higher than that used in current 5G cellular or Wi-Fi networks. But Knightly said wireless carriers are looking to deploy 150 gigahertz and similar frequencies known as terahertz or millimeter waves over the next decade.

“Next-generation wireless will use high frequencies and pencil beams to support broadband applications like virtual reality and autonomous vehicles,” said Knightly, who will present the research with co-author Zhambyl Shaikhanov, a graduate student in his lab.

In the study, researchers use the names Alice and Bob to refer to the two people whose communications are hacked. The eavesdropper is called Eve.

To mount the attack, Eve first designs a metasurface that will diffract part of the narrow-beam signal back to her location. For the demonstration, the researchers designed a model with hundreds of rows of split rings. Each looks like the letter C, but they are not the same. The open portion of each ring varies in size and orientation.

“These apertures and orientations are very specific for the signal to be diffracted in the exact direction Eve wants,” Shaikhanov said. “After she designs the metasurface, she prints it on a regular laser printer, then she uses a hot stamping technique used in crafts. She places a sheet of metal over the printed paper, runs it through a laminator and the heat and pressure create a bond between the metal and the toner.”

Mittleman and study co-author Hichem Guerboukha, a postdoctoral researcher at Brown, showed in a 2021 study that the hot-stamping method could be used to fabricate split-ring metasurfaces with resonances up to 550 GHz.

“We developed this approach to lower the barrier for making metasurfaces, so researchers can test many different designs quickly and inexpensively,” Mittleman said. “Of course, this also lowers the barrier for eavesdroppers.”

The researchers said they hope the study dispels a common misperception in the wireless industry that higher frequencies are inherently secure.

“People have been quoted saying millimeter wave frequencies are ‘secret’ and ‘highly confidential’ and ‘provide security,’” Shaikhanov said. “The thought is, ‘If you have a super narrow beam, no one can listen to the signal because they would have to physically get between the transmitter and the receiver.’ What we’ve shown is that Eve doesn’t need to be invasive to mount this attack.”

Research has shown that the attack would be difficult for Alice or Bob to detect today. And while the metasurface should be placed between Alice and Bob, “it could be hidden in the environment,” Knightly said. “You could hide it with other sheets of paper, for example.”

Knightly said that now that researchers and wireless equipment manufacturers are aware of the attack, they can study it further, develop detection systems and integrate them into terahertz networks from the start.

“If we had known from day one, when the Internet first appeared, that there would be denial of service attacks and attempts to take down web servers, we would have designed it differently,” said Knightly. “If you build first, wait for attacks, then try to fix, that’s a much more costly and onerous route than designing securely from the start.”

“Millimeter wave frequencies and metasurfaces are new technologies that can each be used to advance communication, but each time we get a new communication capability, we have to ask ourselves the question, ‘What if the adversary had this technology? What does it give them that they didn’t have in the past? And how can we achieve a secure network against a powerful adversary?’”

Fahid Hassan of Rice is a co-author of the study.

This research was supported by Cisco, Intel, the National Science Foundation (1955075, 1923782, 1824529, 1801857, 1923733, 1954780) and the Army Research Laboratory (W911NF-19-2-0269).
