Generally, if you can eavesdrop you can also mount active attacks. But this scheme only defends against passive eavesdropping.So, here's my idea for an active attack:
- Survey they surrounding environment for a convinient carrier source, such as a local AM radio station
- If necessary, inject a similar signal into the cable using a passive coupling (crosstalk)
- Insert a pair of directional couplers to cross correlate the source signal and the resultant mismatch returns from each end of the line to measure the resistances.
I'm intrigued by the efforts of Dr Kish, and I wonder how they'll hold up to this, and other attacks... let the vetting begin!
1 comment:
Mike, these are the practical issues. The system would be protected against this type of attack by the filters at the sender and receiver ends. These filters provide the bandwidth-cut described by Eq (9) in the paper and also they prohibit the switching transients to reach the line. You can imagine there LC circuitries which eat up any high-frequency component, either from your attack or from the system itself. Best wishes, good thinking, Laszlo (Kish)
Post a Comment