Next-gen wireless networks could be designed with built-in defenses against ‘metasurface-in-the-middle’ attack — ScienceDaily

Crafty hackers can make a tool to eavesdrop on some 6G wireless signals in as little as five minutes using office paper, an inkjet printer, a metallic foil transfer and a laminator.

The wireless security hack was discovered by engineering researchers from Rice University and Brown University, who will present their findings and demonstrate the attack this week in San Antonio at ACM WiSec 2022, the Association for Computing Machinery’s annual conference on security and privacy in wireless and mobile networks.

“Awareness of a future threat is the first step to counter that threat,” said study co-author Edward Knightly, Rice’s Sheafor-Lindsay Professor of Electrical and Computer Engineering. “The frequencies that are vulnerable to this attack aren’t in use yet, but they are coming and we need to be prepared.”

In the study, Knightly, Brown University engineering Professor Daniel Mittleman and colleagues showed an attacker could easily make a sheet of office paper covered with 2D foil symbols — a metasurface — and use it to redirect part of a 150 gigahertz “pencil beam” transmission between two users.

They dubbed the attack “Metasurface-in-the-Middle” as a nod to both the hacker’s tool and the way it is wielded. Metasurfaces are thin sheets of material with patterned designs that manipulate light or electromagnetic waves. “Man-in-the-middle” is a computer security industry classification for attacks in which an adversary secretly inserts themself between two parties.

The 150 gigahertz frequency is higher than is used in today’s 5G cellular or Wi-Fi networks. But Knightly said wireless carriers are looking to roll out 150 gigahertz and similar frequencies known as terahertz waves or millimeter waves over the next decade.

“Next-generation wireless will use high frequencies and pencil beams to support wide-band applications like virtual reality and autonomous vehicles,” said Knightly, who will present the research with co-author Zhambyl Shaikhanov, a graduate student in his lab.

In the study, the researchers use the names Alice and Bob to refer to the two people whose communications are hacked. The eavesdropper is called Eve.

To mount the attack, Eve first…