Baking Security Into Open WiFi Networks

  /     /     /  
Publicated : 22/11/2024   Category : security


Baking Security Into Open WiFi Networks


New approach lets WiFi networks remain open and secure



What if you could make the coffee shop wireless LAN both open and secure? Thats just what a group of researchers hopes to do with their new open-source code available to organizations or establishments hosting their own WiFi networks.
The newly released Secure Open Wireless Access (SOWA) proof-of-concept implementation is aimed at making openly available WiFi networks safer by giving users encrypted connections to wireless networks without their risking connecting to a rogue wireless access point or their traffic getting sniffed or hijacked. Researchers from IBMs X-Force research team, as well as an independent researcher, recently joined forces to push the technology, which they first demonstrated earlier this month at Black Hat USA in Las Vegas.
At the heart of SOWA are digital certificates associated with the WLANs SSID, which ensure that the user is actually connecting to, say, Panera Breads or Starbucks trusted WiFi network. This would shield users from sidejacking or other attacks that hijack their HTML session cookies or sniff their traffic. That threat of malicious WiFi activity was intensified last fall with
the release of the notorious Firefox extension called Firesheep
, which made sidejacking merely a matter of point-and-click and easy enough for an everyday user -- not just a hacker.
Insecure wireless is a constant reality. When you are using open wireless networks, your traffic is unencrypted and subject to be monitored, says Tom Cross, threat intelligence manager at IBM X-Force and lead researcher for SOWA. Firesheep was a pretty dramatic demonstration of when youre using an unencrypted network that youre subject to having your credentials stolen.
I think theres more of this kind of sniffing going on than we realize, he says. When someone is attacking an insecure wireless network, there is no real way to detect that its happening ... This has significant impact on security and personal privacy ... We want to build open wireless networks that are encrypted and that anyone can access.
The reality today is that the only secure WLANs are closed ones that require credentials and other access controls, which isnt conducive to coffee shops or other public spaces. So the researchers decided to take an approach similar to HTTP-S, but using SSIDs to identify the WLAN provider rather than domain names.
Cross and fellow researchers Takehiro Takahashi and Christopher Byrd initially focused on a Linux version of the secure WiFi solution, but they are looking at how to do the same with Windows and Mac OS X.
Sidejacking expert Robert Graham, CEO of Errata Security, says the SOWA approach would block the passive interception of traffic, and could also eliminate rogue access points. If done correctly, it would also stop active interception, such as rogue APs, he says.
Graham says implementing it would basically only entail a minor tweak to existing code.
Companies can support it without breaking their existing products, Graham says. Microsoft or Apple can also drop a competing solution into their own products that works much the same way.
IBMs Cross says it would help if the technology were built into the operating system. The SOWA PoC basically includes a slightly tweaked FreeRadius authentication server function and a client supplicant, or lightweight code, thats based on WPA. Cross says FreeRadius would have to be configured to use the digital certificate for EAP/TLS, and the domain name in the cert would look something like sown.ibm.com.
The SOW client tool negotiates the encryption. As long as the WiFi networks certificate checks out, the client gets connected to the network, Cross says. From the client standpoint, its easy to use, he says.
Interestingly, the IBM researchers and Byrd, manager of security and privacy for Brown Smith Wallace, independently and coincidentally came up with their secure open wireless research. I had been working for years on finding a solution for [securing] hotspot wireless, Byrd says. He found he could use existing 802.11 wireless standards and basically make a tiny tweak to the source code of the open-source wireless authentication server Hostapd -- and voila, he had the beginnings of a secure open WiFi network.
The researchers decided to pool their research to help further their work and encourage its implementation.
The bottom line is that Im frustrated with insecure wireless networks. I think this is the right solution. Were trying to figure out the best way to make this available to the largest number of people the fastest, IBMs Cross says.
But the realizing promise of open, secure WiFi wont happen overnight. The initial PoC covers only Linux-based systems, and widespread adoption would require support for Windows as well as Mac OS X. It has the same hurdle you have with any kind of widely deployed software. For mass effect, it means getting many computers updated [with the code], Byrd says.
The PoC is available for download
here
, and a copy of the researchers recent presentation is available
here
(PDF) for download.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security

▸ Fully committed to the future world of technology. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Baking Security Into Open WiFi Networks