UNIVERSITY OF HERTFORDSHIRE
             COMPUTER SCIENCE RESEARCH COLLOQUIUM

                            presents

                     "Relay-Proof Channels"

                    Prof. Bruce Christianson
       (Algorithms Research Group, School of Computer Science,
                    University of Hertfordshire)

                  5 November 2014 (Wednesday)
                          1 pm - 2 pm

                  Hatfield, College Lane Campus
                       Seminar Room D102

                  Everyone is Welcome to Attend

                  Refreshments will be available

Abstract:

Alice is a hand-held device, such as a PDA. Bob is a device providing
a service, such as an ATM, an automatic door, or an anti-aircraft gun
pointing at the gyrocopter in which Alice is travelling. Bob and Alice
have never directly met before, but share a cryptographic key as a result
of secure handoffs. Alice has used this key to request a service from Bob
(dispense cash, open door, don't shoot.) Before complying, Bob needs to
be sure that it really is Alice that he can see right in front of him,
and not Mort.

Mort and her accomplice Cove are planning a wormhole attack. They wait
until Alice is in a situation where she expects to be challenged by Bob,
and then Mort pretends to Bob that she is Alice, while Cove pretends to
Alice that he is Bob.
Mort and Cove relay the appropriate challenges and responses to one
another over a channel hidden from Alice and Bob, in order to allow the
dual masquerade to succeed, following which Alice waits impatiently in
front of a different ATM, or the wrong door, or another gun...

How can such an attack be prevented? Suppose that we could enclose Bob
inside a Platonic Faraday cage, which blocks all information-bearing
signals, not just the RF ones. At the end of the protocol run, Bob could
be confident that Alice was also inside the PF cage. Provided the PF
cage was of the right (small) size and shape to satisfy the appropriate
proximity requirement, Bob could be sure he was looking at Alice.

One way of providing such a Platonic Faraday cage is to use the laws
of physics: for example distance-bounding protocols use the fact that
the speed of light is finite. In this seminar, we argue that the laws
of information theory can be used instead. The key insight is that it
doesn't matter if the PF cage leaks some information - even Plato allowed
for some information leakage - provided the amount of information that
Mort and Cove need to exchange is greater.


---------------------------------------------------
Hertfordshire Computer Science Research Colloquium
http://cs-colloq.stca.herts.ac.uk