Study exposes security vulnerabilities in terahertz data links

Research finds line-of-sight transmissions are vulnerable to undetected eavesdropping

By Kevin Stacey
Special to Rice News

A new study shows that terahertz data links, which may play a role in ultrahigh-speed wireless data networks of the future, are not as immune to eavesdropping as many researchers have assumed.

The research from Rice University, Brown University and the University at Buffalo appears this week in the journal Nature. The study shows it is possible for a clever eavesdropper to intercept a signal from a terahertz transmitter without the intrusion being detected at the receiver.

Rice University's Edward Knightly

Edward Knightly

“Securing wireless transmission from eavesdroppers has been a challenge since the days of Marconi,” said study co-author Edward Knightly, Rice’s Sheafor-Lindsay Professor and Department Chair of Electrical and Computer Engineering. “While terahertz bands take a huge leap in this direction, we unfortunately found that a determined adversary can still be effective in intercepting the signal.”

Because of its higher frequency, terahertz radiation can carry up to 100 times more data than the microwaves used in wireless communication today, which makes terahertz an attractive option for use in future wireless networks. Along with enhanced bandwidth, it has also been generally assumed that the way in which high-frequency waves propagate would naturally enhance security.

“The conventional wisdom in the terahertz community has been that it’s virtually impossible to spy on a terahertz data link without the attack being noticed,” said study co-author Daniel Mittleman, a professor in Brown’s School of Engineering. “But we show that undetected eavesdropping in the terahertz realm is easier than most people had assumed and that we need to be thinking about security issues as we think about designing network architectures.”

Unlike microwaves, which propagate in wide-angle broadcasts, terahertz waves travel in narrow, very directional beams.

“In microwave communications, an eavesdropper can put an antenna just about anywhere in the broadcast cone and pick up the signal without interfering with the intended receiver,” Mittleman said. “Assuming that the attacker can decode that signal, they can then eavesdrop without being detected. But in terahertz networks, the narrow beams would mean that an eavesdropper would have to place the antenna between the transmitter and receiver. The thought was that there would be no way to do that without blocking some or all of the signal, which would make an eavesdropping attempt easily detectable by the intended receiver.”

Mittleman and colleagues set out to test that notion. They set up a direct line-of-site terahertz data link between a transmitter and receiver, and experimented with devices capable of intercepting a signal. They were able to show several strategies that could steal signal without being detected — even when the data-carrying beam was very directional, with a cone angle of less than 2 degrees (in contrast to microwave transmission, where the angle is often as large as 120 degrees).

Yellow sunset with radio towers in silouetteOne set of strategies involved placing objects at the very edge of a beam that is capable of scattering a tiny portion of the beam. In order for a data link to be reliable, the diameter of the beam must be slightly larger than the aperture of the receiver. That leaves a sliver of signal for an attacker to work with without casting a detectable shadow on the receiver.

The researchers showed that a flat piece of metal could redirect a portion of the beam to a secondary receiver operated by an attacker. The researchers were able to acquire a usable signal at the second receiver with no significant loss of power at the primary receiver.

The team showed an even more flexible approach (from the attacker’s perspective) by using a metal cylinder in the beam instead of a flat plate.

“Cylinders have the advantage that they scatter light in all directions, giving an attacker more options in setting up a receiver,” said Josep Jornet, an assistant professor of engineering at Buffalo and a study co-author. “And given the physics of terahertz wave propagation, even a very small cylinder can significantly scatter the signal without blocking the line-of-sight path.”

The researchers went on to demonstrate another type of attack involving a lossless beam splitter that would also be difficult, if not impossible, to detect. The beam splitter placed in front of a transmitter would enable an attacker to steal just enough to be useful, yet not so much that it would set off alarm bells among network administrators.

The bottom line, the researchers say, is that while there are inherent security enhancements associated with terahertz links in comparison with lower frequencies, these security improvements are still far from foolproof.

The research was funded in part by the National Science Foundation, the Army Research Office, the Air Force Office of Scientific Research and the W.M. Keck Foundation. Additional co-authors include Jianjun Ma, Rabi Shrestha and Jacob Adelberg, all of Brown, Chia-Yi Yeh of Rice and Zahed Hossain of Buffalo.

— Kevin Stacey is the senior writer for the physical sciences at Brown University.

About Jade Boyd

Jade Boyd is science editor and associate director of news and media relations in Rice University's Office of Public Affairs.