‘Wanda’ device improves security
Computer science doctoral student Tim Pierson’s new device may seem to many like a magic wand. Better known as “Wanda,” the programmed wand allows users to securely connect wireless devices to a Wi-Fi network with a tap, removing a number of security risks in the process.
In the abstract of his recently published paper “Wanda: Securely Introducing Mobile Devices,” Pierson identified three main goals of the device: to configure devices to local Wi-Fi networks, to partner different devices together such as a glucose monitor and insulin pump and to ensure these devices are connected to the relevant personal or organizational account intended by the user. Wanda is currently a working prototype that has met each of these goals.
The invention can securely send information such as the password of a Wi-Fi router to other devices wirelessly, securely adding them to the shared network.
To connect a device to the network with Wanda, a user simply points the two-antenna wand at the device. Pierson said this idea came from his desire to help patients in small health networks such as a home or doctor’s office without an IT team.
Doctors and patients are often unable to use the latest technology because they are not technologically savvy, he said, which the device will help address.
Wanda also boosts security by deterring wireless eavesdropping by relying on properties of how radio waves propagate through space.
One antenna is at the tip of the wand and a second is seven centimeters farther down. At distances of around seven centimeters, a receiving device can sense the difference in signal strength when the wand transmits a Wi-Fi packet using the first antenna as opposed to when it sends a packet using the second antenna.
Would-be hackers trying to listen in from more than 30 centimeters away would not be able to determine which antenna sent the packet, as the signals arrive at their antenna with the same strength. This means hackers would not be able to access any information, including passwords. The key to Wanda is proximity — the two antennas on the wand used to transmit packets of information are close together, and the receiving device itself is located close to the wand.
Wanda secures the transfer of information — the user does not need to know the password when tapping a device to connect it. Networks can then use complex, hard-to-remember passwords, ones that are much harder for hackers to crack than a word or phrase. Wanda also reduces human error since users do not need to write anything down and risk losing the slip of paper.
Pierson also envisions more possibilities for Wanda beyond healthcare. Wanda would be to able incorporate multiple household devices regardless of the different manufacturers of each home’s smart devices. The need for dozens of smart device set-up apps or interfaces could be eliminated by Wanda. As an intermediary, Wanda is capable of conveying any information put into it. Pierson said that the method of transmitting information in Wanda has many possibilities, as it is the first prototype where the technology has been implemented. Wanda is currently under patent review.
Wanda is a part of the Trustworthy Health and Wellness project, a $10 million National Science Foundation initiative that focuses on studying security and privacy issues within health and wellness involving mobile and cloud technology.
Computer science professor David Kotz, who is the principal investigator for THaW, said that the group studies the intersection of security and privacy within health and wellness.
“Part of that is understanding the current state of affairs, in particular what are the risks that might be related to security and privacy,” Kotz said. “[We’re] inventing new solutions that have fewer security privacy risks, or at least strong security but are more efficient, easier to use, or cheaper.”
The grant included professors from four other universities originally, and recently added one more, Kotz said.
At Dartmouth, the THaW project provides a source of funding and training for three other doctoral candidates and three undergraduates.
David Rozenfeld ’17 wrote in an email that working on the Wanda project gave him exposure to possible paths he could pursue post graduation. Rozenfeld was responsible for obtaining medical devices that were bluetooth enabled, but not Wi-Fi enabled.
Kotz said that there are many projects THaW is currently funding at Dartmouth. One of these seeks to help log out people on hospital computers automatically, as opposed to the current situation where computers are left logged in and susceptible to other unauthorized individuals. This process is also under patent review.
Kotz said that he will be reapplying for the grant in two years, as long as the recent halfway review does not terminate the project earlier.