Writing

Feed Software, technology, sysadmin war stories, and more.

Tuesday, August 21, 2012

Password resets, airgapped devices, and data over video

One of the bigger stories in the world of tech earlier this month was regarding a journalist who suffered pretty badly at the hands of people who broke into his accounts. They gained access through a variety of interesting "password recovery" mechanisms and started wiping devices remotely. It was a miserable mess.

I already wrote about this in the context of "better phone authentication", but that didn't seem like enough. There's more to this problem, and setting up better phone authentication systems is only part of solving it. For one thing, what do you do when a business is too small to have phone support? They're still going to need password reset services which are secure. How do you do that?

Thinking about it some more, I realized it boiled down to needing a really good channel between arbitrary senders and your eyes only. All of this stuff where they e-mail you something is just vulnerable to far too many attacks.

So, I present my half-baked crypto idea. Like all other crypto ideas, this one is probably full of holes and needs to be taken out to sea and drowned. But, I'd rather write about it now and get it on the record rather than sit on it, just in case it happens some day. Then I can just point at this post and say "I was right!" ...

The first thing to accept is the notion of public key cryptography, where every key is actually a pair, and you keep one part secret while distributing the other half widely. You'd keep the secret one on this special vaporware device which is "airgapped" - it's not on your Ethernet, it's not on your wireless, and you don't even tether it to your computer. I'll get to how you work around this in a bit.

Your public key can remain on your regular computer, your web site, your cell phone, your business cards, and so on. You want it to get around. You'd give it to every web site where you have signed up for an account. (Note: if keeping your relationships with web sites separate is important to you, just imagine I'm talking about *several* key pairs instead of just one.)

Now, any time one of these web sites needs to get a message through to you securely, they can just encrypt it with your public key and e-mail it to you. You'll get it on your computer and won't be able to read it, since the private key only exists on the vapor device. How do you get the encrypted mail over there when it's totally offline?

Here's the key to my idea: photons. As in visible light.

You tell your mail program to start "playing" the e-mail as if it was a video. All you'd need is a sequence of images which can be decoded as data. Think of what would be possible if you flashed a series of QR codes, for instance.

Then, with this video running, just hold your airgapped device up so that it can "see" your computer's screen and let it read the stream. Once it's successfully decoded a frame, it can figure out where it goes in the sequence. Once it can figure out that it got the full message, it can tell you this on the screen (or play a sound), and then you can stop playback on the computer.

This should be obvious, but I'll mention it anyway: the computer needs to keep playing the stream back in a loop until it is stopped by the user. There is no way to request a retransmission, so the only way for this to work in the face of errors is to present multiple opportunities for reception of any given frame.

At this point, your little device now has the encrypted mail and your private key. Decrypting it and displaying it is a solved problem. Sure, it's a bit wonky, and slow, but it's rather difficult for anyone else but you to use! It also adds the "having something" requirement to the existing situations which are usually just "knowing something". I'd guess that evil people can find out the name of the town where you grew up to spoof a security question, but physically getting a hold of a device which only exists in your home involves taking it to a whole new level. It's no longer a matter of pushing bits around.

I suppose this system could also be used backwards such that you could compose a message (or reply) on the device, and it would then encode it as a series of bar codes. Then you'd hold it in front of your computer's camera, and it would do the usual decode-and-save thing before transmitting it as an opaque binary blob. This is probably what you would need to do to get your public key off the box in the first place, for what it's worth.

The whole point of the airgap here is so that nobody can get in there and extract your private key. Even if they manage to send you some malware by exploiting an overflow in the e-mail mechanism (don't laugh, it happens), the malware would still have no way to phone home. Without physical access to the device, it would be very difficult to get anything back from it.

I suspect you could implement this with a device like an iPad or iPod if you were okay with the idea of turning off their wireless capabilities and never plugging them into your computer again. It might be a good use for a device which is otherwise too old to do anything useful. All it needs is a camera which can grab images with reasonable clarity and a way to display results on the screen somehow.

Ideally, you could keep such a device in a physically secure spot like a safe deposit box in a bank vault until it's actually needed. Think about how often you lose a password and have to reset it. That's about how often you would need to go fetch it from the bank. I could live with that.

Regarding extracting data from "video" (a series of stills), well, that's old news. Just look at how the vertical blanking interval of NTSC was used to encode things like closed captioning data or XDS. That was just a tiny bit of a signal which was nominally 525 lines tall. The bit rate couldn't have been that much.

Now, imagine if you could take that same encoding scheme and then use almost all of the signal instead of just that tiny little chunk. You'd have far more effective bandwidth. Well, that's been done too. Just look at this screenshot from 2002:

Tivo data stream

(The scrolling message said something like "This pattern is part of the Tivo service broadcast", perhaps so insomniacs wouldn't think aliens were controlling their TVs.)

For anyone who stayed up really late in those days, you might have caught that on the Discovery channel. Tivo used to push feeds to their subscriber devices this way in a really interesting sort of multicast. I assume that paying for 30 minutes of overnight "infomercial" time was cheaper than having all of those devices nailed to AOL dialup pools to download the same thing.

Of course, I fully assume that Tivo has patented every possible angle on this sort of thing, since, really, that's all they seem to do these days. The only possible upside is that since it's already existed at least 10 years, it can't be long for this world.

I've written about coming up with ridiculous data transfer methods to evade patents before. Of course, sometimes those ridiculous ideas are then patented themselves. It's a race to the bottom, and everyone's along for the ride whether they like it or not.

All of this is probably overkill, but as I mentioned before, some of these posts about half-baked ideas are just to get them on the record. Let's see what the future brings.


August 22, 2012: This post has an update.