Illustration showing a phone with a lock superimposed in front of it.
Illustration: iStockphoto

Do you know which of your passwords hackers have stolen? If you don’t, it’s never too late to check. In any case, you probably remember the times you’ve lost your phone much more clearly than all the times you’ve been hacked.

That’s the reasoning behind the security argument that Rivetz CEO Steven Sprague presented today at MWC Barcelona (formerly called Mobile World Congress): we should trust people to keep track of their devices, but not their passwords.

Hardware makers have for years built so-called Trusted Execution Environments (TEEs), which are walled-off parts of processors designed to prevent everyday applications or programs from accessing our most sensitive information. Intel offers one called SGX and ARM has one called TrustZone. “This is useful functionality to have,” says Roland van Rijswijk-Deij of the University of Twente in The Netherlands. “In theory, the TEE can protect against applications on the ‘normal’ OS gaining access to credentials.”

To replace traditional passwords, Sprague’s startup puts one of a user’s private keys into the TEE and another onto a user’s SIM card. That means that any message encrypted with both keys must have come from a sender in possession of the working device and an active account with their mobile network operator.

That makes the message very reliable—a bank can be more confident that the message came from its client and not from a hacker, for example. Those messages can also be stored in a blockchain that verifies that the messages were created in that hardware safe space, and that nothing has happened to the message since its creation.

That reliability makes the service attractive to partners such as Civic, which is using Rivetz to allow customers to choose which parts of their identity, such as their age, they’d like to reveal to online businesses, without needing to give away more information than necessary.

Involving the SIM card makes it possible for your operator to offer another handy service: If you lose your device, you can contact your carrier, verify your identity to them through other trusted devices, and remotely block the missing device. Unlike when you report a credit card as stolen, if you later recover the device, you can reactivate it from one of those other trusted devices.
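
A minimal model of the two-key check and the carrier block described in the paragraphs above, added here as an illustration and not Rivetz's code or protocol. It treats “encrypted with both keys” as two Ed25519 signatures over the same message; the device registry, the block flag and every function name are assumptions.

```javascript
// Added sketch, not Rivetz code: every name below is hypothetical.
const { generateKeyPairSync, sign, verify } = require('node:crypto');

// Device side. In the scheme described above the private keys stay inside the
// TEE and the SIM; here ordinary in-memory Ed25519 keys stand in for them.
function deviceSign(message, teeKey, simKey) {
  const data = Buffer.from(message, 'utf8');
  return {
    message,
    teeSig: sign(null, data, teeKey.privateKey),
    simSig: sign(null, data, simKey.privateKey),
  };
}

// Relying party (the bank in the article's example): holds both public keys
// per enrolled device plus a block flag the carrier can set and clear.
function makeRegistry() {
  const devices = new Map();
  return {
    enroll(id, teePub, simPub) { devices.set(id, { teePub, simPub, blocked: false }); },
    setBlocked(id, blocked) { devices.get(id).blocked = blocked; },
    // Accept only an enrolled, unblocked device whose two signatures BOTH verify.
    check(id, signed) {
      const dev = devices.get(id);
      if (!dev) return 'unknown-device';
      if (dev.blocked) return 'blocked';
      const data = Buffer.from(signed.message, 'utf8');
      if (!verify(null, data, dev.teePub, signed.teeSig)) return 'bad-tee-signature';
      if (!verify(null, data, dev.simPub, signed.simSig)) return 'bad-sim-signature';
      return 'accepted';
    },
  };
}

// Constructed walk-through: normal use, wrong SIM, lost phone, recovered phone.
function demo() {
  const [tee, sim, otherSim] = [0, 1, 2].map(() => generateKeyPairSync('ed25519'));
  const reg = makeRegistry();
  reg.enroll('phone-1', tee.publicKey, sim.publicKey);
  const text = 'transfer 10 EUR (constructed sample)';
  const send = (simKey) => reg.check('phone-1', deviceSign(text, tee, simKey));
  const out = [send(sim), send(otherSim)];
  reg.setBlocked('phone-1', true);   // owner reports the phone lost
  out.push(send(sim));
  reg.setBlocked('phone-1', false);  // owner recovers it and reactivates
  out.push(send(sim));
  return out;
}
```

Because the check is per device and the block is a flag and not a key deletion, clearing the flag restores the same enrolled keys, which is what lets a recovered phone be reactivated.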

“We are a collection of devices, not any one of them,” Sprague said during his presentation.

But Rivetz, like any feature involving TEEs, only works on certain devices. For now, Rivetz offers its software, which sits sandwiched between hardware and apps written by third parties via a software development kit, only on certain versions of the Android operating system. That means if you don’t have a compatible device on you, you cannot log into a Rivetz-secured application from a different device, such as a work computer or a friend’s phone.

It’s also not easy for normal users to verify whether a given TEE is actually safe, van Rijswijk-Deij says: “The TEE might be a perfectly secure design, but this is difficult for users to establish. Effectively, you’re going to have to trust [the manufacturer’s] claim that it is secure, which can be fair: trust has to start somewhere.”

Sprague says those are worthwhile tradeoffs and that banks and others should have made them long ago, instead of focusing on systems involving usernames and passwords so that anybody could log in from any device. “It’s not about the identity of humans,” he told IEEE Spectrum, “it’s about the identity of things.”
