Project Overview

In a world full of user-managed personal, mobile devices, security is critical.  Even more critical is ease of use.  If a security procedure is too difficult, users won't deploy it, they may configure it incorrectly, or they'll just switch it off.

Many people believe that you cannot have both security and ease of use.  This simply is not true.  The goal of the Whisper Project, organized by members of the Security Research Group in PARC's Computer Science Laboratory, is to build new technologies that allow users to easily manage their own security.  These technologies are based on the following key concepts:

One of these interaction primitives consists of using a location-limited channel (e.g. infrared, sound, physical touch, or capacitive signaling) to establish trust between devices that may not have a priori knowledge of each other.  A user simply needs to "point out" the device she wishes to communicate with, using one of these channels. Over that channel we can establish a strong trust relationship that can be used to authenticate and secure further communications between the devices. This forms a building block on top of which can be layered more complex applications. In particular, it can be used to make standard, industrial-grade security technologies easy to configure and use.

The Whisper Project has applied this approach to securing wireless networks.  PARC's wireless security technology solutions don't require the user to be a networking expert -- they are designed to be as easy to use as they are secure.  PARC's Network-in-a-Box puts today's strongest-available industrial security technology - 802.1x - into the hands of non-expert users.  Using this technology, an average user can add a computer to an 802.1x-secured wireless network in less than 60 seconds by following two simple steps.  PARC's technology can be applied to consumer use, small office/home office settings, ad-hoc networks, and can be scaled to manage enterprise-class wireless networks.