Actually, I thought a bit more about it, and it seems there is a trivial potential attack when an adversary opens two calls - one to each user - and deepfakes each user’s feed to the other.
If all authentication keys (QR codes, TOTP codes, even PKI) are exchanged in the communication channel and do not authenticate the communication channel feed itself, the attacker can simply forward them between the two victims, maintaining a perfect “bridge” with no obvious sign of tampering. Once the authentication phase is complete, they can terminate the redundant call and continue the conversation with the target, having passed the authentication.
It seems to me that the only way against it is to authenticate messages (text or feed) themselves, and for that we go back to regular MACs that are already used today.
I think that the scenario you describe requires one of two conditions:
1. The attacker knows the time and medium through which the two persons call each other, and has control over the medium, being able to inject themselves;
2. The attacker coerces one of the two persons to perform authentication.
You have a much bigger problem if any of the above is true.
artemgr|1 year ago
k_sze|1 year ago
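
The difference raised in the first comment, between a code that is only exchanged in the channel and a MAC over the messages themselves, shown as an added example that is not part of either poster's comment. It assumes a key shared out of band beforehand; the key, the function names, the sample messages and the per-message sequence number are all constructed for illustration.

```python
import hashlib
import hmac
import struct

SHARED_KEY = b"constructed-demo-key-alice-bob"  # constructed; assumed pre-shared out of band


def totp_like_code(key: bytes, time_step: int) -> str:
    """6-digit code that depends only on the key and the time step."""
    digest = hmac.new(key, struct.pack(">Q", time_step), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 1_000_000:06d}"


def tag_message(key: bytes, seq: int, message: bytes) -> bytes:
    """MAC over the message itself plus a sequence number (assumed replay guard)."""
    return hmac.new(key, struct.pack(">Q", seq) + message, hashlib.sha256).digest()


def verify_message(key: bytes, seq: int, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(tag_message(key, seq, message), tag)


def relay(payload):
    """Middle party that holds no key and forwards what it receives unchanged."""
    return payload


def code_only_auth_survives_relay(time_step: int) -> bool:
    # One side's code is forwarded as-is; the other side checks it against its own.
    # Nothing in the code depends on who is actually on the call.
    forwarded = relay(totp_like_code(SHARED_KEY, time_step))
    return hmac.compare_digest(forwarded, totp_like_code(SHARED_KEY, time_step))


def genuine_message_accepted(seq: int) -> bool:
    msg = b"see you at 10"
    return verify_message(SHARED_KEY, seq, msg, relay(tag_message(SHARED_KEY, seq, msg)))


def substituted_message_accepted(seq: int) -> bool:
    # Without the key the middle party can only reuse a tag it has seen,
    # and that tag does not verify over different content.
    seen_tag = relay(tag_message(SHARED_KEY, seq, b"see you at 10"))
    return verify_message(SHARED_KEY, seq, b"content substituted in transit", seen_tag)
```
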