Thursday, February 19, 2009
12:00 pm - 1:00 pm
PLACE: Wean Hall 8220
Improving the Privacy of Wireless Protocols
What do your wireless devices reveal about you? Do you think that WEP or WPA keeps you safe? Did you know that eavesdroppers may still figure out where you live and other places that you've visited? How can you protect your privacy in an increasingly wireless world? Wireless capabilities are rapidly spreading beyond laptop computers to everyday consumer devices ranging from cell-phones and personal health monitors to game controllers and digital cameras. This evolving wireless ecosystem is increasingly pervasive and personal in its usage, and it heightens privacy risks that are already significant compared to wired networks. Unfortunately, our understanding of the privacy risks associated with low-level wireless protocols is limited. In this talk, I show that, with nothing more than commodity hardware, eavesdroppers can track and profile devices that use existing protocols such as 802.11 and Bluetooth. Devices can be tracked even when the best known defenses are employed, such as temporary device addresses and link layer encryption. This is because protocol control information, which remains exposed, can implicitly identify devices even if they do not transmit any explicit identifiers. To improve privacy, I demonstrate how to build efficient wireless protocols that do not reveal any identifying information.
Jeffrey Pang will obtain his Ph.D. in Computer Science from Carnegie Mellon University in Spring 2009 and obtained his B.A. in Computer Science from U.C. Berkeley. His research includes work on wireless privacy, peer-to-peer games, and Internet measurement. More generally, he is interested in building systems for ubiquitous computing and federated Internet environments.
SDI / LCS Seminar Questions?
Karen Lindenfelser, 86716, or visit www.pdl.cmu.edu/SDI/