New research shows that it’s possible to steal data undetected from terahertz wireless links, even though those links involve beam transmissions from the transmitter to the receiver.
The research indicates terahertz data links, which may play a role in ultra-high-speed wireless data networks of the future, aren’t as immune to eavesdropping as many researchers have assumed. The researchers found that it is possible for a clever eavesdropper to intercept a signal from a terahertz transmitter without the intrusion being detected at the receiver.
“The conventional wisdom in the terahertz community has been that it’s virtually impossible to spy on a terahertz data link without the attack being noticed,” says study coauthor Daniel Mittleman, a professor in Brown University’s School of Engineering. “But we show that undetected eavesdropping in the terahertz realm is easier than most people had assumed and that we need to be thinking about security issues as we think about designing network architectures.”
Narrow beams = more security?
Because of its higher frequency, terahertz radiation can carry up to 100 times more data than the microwaves used in wireless communication today, which makes terahertz an attractive option for use in future wireless networks.
Along with enhanced bandwidth, scientists generally assumed that the way in which high-frequency waves propagate would naturally enhance security. Unlike microwaves, which propagate in wide-angle broadcasts, terahertz waves travel in narrow, very directional beams.
“In microwave communications, an eavesdropper can put an antenna just about anywhere in the broadcast cone and pick up the signal without interfering with the intended receiver,” Mittleman says.
“Assuming that the attacker can decode that signal, they can then eavesdrop without being detected. But in terahertz networks, the narrow beams would mean that an eavesdropper would have to place the antenna between the transmitter and receiver,” he says.
“The thought was that there would be no way to do that without blocking some or all of the signal, which would make an eavesdropping attempt easily detectable by the intended receiver.”
So, the researchers set out to test that notion.
3 ways to attack
The researchers set up a direct line-of-site terahertz data link between a transmitter and receiver, and experimented with devices capable of intercepting signal. They were able to show several strategies that could steal signals without being detected—even when the data-carrying beam is very directional, with a cone angle of less than 2 degrees (in contrast to microwave transmission, where the angle is often as large as 120 degrees).
One set of strategies involves placing objects at the very edge of a beam that are capable of scattering a tiny portion of the beam. In order for a data link to be reliable, the diameter of the beam must be slightly larger than the aperture of the receiver. That leaves a sliver of signal for an attacker to work with without casting a detectable shadow on the receiver.
The researchers showed that a flat piece of metal could redirect a portion of the beam to a secondary receiver an attacker could operate. The researchers acquired a usable signal at the second receiver with no significant loss of power at the primary receiver.
The team showed an even more flexible approach (from the attacker’s perspective) by using a metal cylinder in the beam instead of a flat plate.
“Cylinders have the advantage that they scatter light in all directions, giving an attacker more options in setting up a receiver,” says coauthor Josep Jornet, an assistant professor of electrical engineering at the University at Buffalo. “And given the physics of terahertz wave propagation, even a very small cylinder can significantly scatter the signal without blocking the line-of-sight path.”
The researchers went on to demonstrate another type of attack involving a lossless beam splitter that would also be difficult, if not impossible, to detect. The beam splitter placed in front of a transmitter would enable an attacker to steal just enough to be useful, yet not so much that it would set off alarm bells among network administrators.
‘Far from foolproof’
The bottom line, the researchers say, is that while there are inherent security enhancements associated with terahertz data links in comparison with lower frequencies, these security improvements are still far from foolproof.
“Securing wireless transmission from eavesdroppers has been a challenge since the days of Marconi,” says coauthor Edward Knightly, professor of electrical and computer engineering at Rice University. “While terahertz bands take a huge leap in this direction, we unfortunately found that a determined adversary can still be effective in intercepting the signal.”
The research appears in the journal Nature.
The National Science Foundation, the Army Research Office, the Air Force Office of Scientific Research, and the W. M. Keck Foundation partly funded the research.
Source: Brown University