The Taub Faculty of Computer Science Events and Talks
Ashraf Yassin (M.Sc. Thesis Seminar)
Sunday, 14.11.2021, 11:00
Advisor: Prof. Eli Biham and Amichai Shulman
The smart home industry is increasingly growing and is expected to reach billions of homes around the world in the near future. Apple allows its users to easily and securely control their smart homes using its own proprietary protocol called HAP. Although HAP is considered secure, it attracted several attacks. A specially interesting one allows a remote attacker to steal the user’s home Wi-Fi password. Although this attack has a great impact on the home security network, its effect on the smart home infrastructure is relatively limited.
We present a new easy-to-implement attack, to which we call the “gift attack”. In the gift attack, the attacker gives a rogue device (such as a door lock or security camera) to a victim that unsuspiciously the victim connects to his smart home. Although the victim is assured of the security and authenticity of the installed device, the attacker succeeds to cheat the cryptographic protection and to receive control over the device without the victim's knowledge. In the above example, the attacker can unlock the door whenever he wishes, or view or modify the camera video. Once installed, the gift attack can be extended to steal the user’s Wi-Fi password or even be used to perform other attacks on top of it, such as hijacking Siri voice commands intended to other devices (e.g., hijack the main door lock commands leaving the door open).
Our work proves that smart homes are far more insecure than they should be and that more effort should be put in to guarantee the security of smart homes before it gets to the home of every one of us.