Transcript of sowa-hackfest2011-111109210300-phpapp02 (19 slides)

  • 1/19

    Wi-Fi: Open or Secure? Making the best out of both...

    Presented by François Proulx at the HackFest 2011

    Wednesday, 9 November, 11

  • 2/19

    Who am I?

    François Proulx: jack of all trades, master of none; RFC junkie

    Specialized in mobile development (iOS)

    Been into Wi-Fi (in)security for a while; founding member of Île Sans Fil

    Started the WiFiDog captive portal

    Studied the 802.11 specs in more depth while working on a Wi-Fi based location system (iFIND @ MIT)

  • 3/19

    The take-away message for this talk

    We need to fix the insecurity of Wi-Fi hotspots. We already have all the building blocks we need

    There's a simple and elegant solution, and it is entirely software based

    It's called Secure Open Wireless Access

    We, as security pundits, need to advocate so that the industry makes the necessary changes

  • 4/19

    But let's rewind for a moment

    A brief recap of the state of 802.11

    1999 - IEEE 802.11b (the one we know and love)

    Open System Authentication

    Shared Key Authentication (i.e. WEP)

    2001 - 2005: WEP proved utterly insecure (WEP cracking as a sport)

    In the meantime... Starbucks sells outrageously expensive lattés + Wi-Fi to poser kids surfing the Interwebs on their shiny MacBook Pro

  • 5/19

    The state of 802.11 continued...

    At home: we tell everybody to secure their home router by using WPA2 with an unguessable passphrase

    In public Wi-Fi hotspots: it is still the Wild West (MITM, Firesheep, SSLStrip, etc.)

    The majority of hotspots are Open Wi-Fi APs

    We know the dangers, so we behave accordingly: use SSL for all sensitive traffic, or VPN out to a safer place

    Meanwhile, the latté-sipping poser kids have lots of fun browsing the Interwebs... at our expense ;-)

  • 6/19

    What can we do about it?

    We want robust and yet usable security: WPA2 + scan-click-and-connect usability

    We have very strong building blocks available

    802.11i brought us 802.1X over wireless (EAPoW)

    Most of us don't use 802.1X at home

    On the enterprise side, though... EAP is a way of deploying secure and robust setups

    Many EAP authentication methods exist (> 40): LEAP, EAP-TLS, EAP-TTLS, EAP-SIM, EAP-AKA...

  • 7/19

    How can we leverage EAP for the good of public Wi-Fi hotspots?

    Enter Secure Open Wireless Access (SOWA): a simple technique relying on WPA2 with EAP-TLS

    Typically, EAP-TLS requires server-side and client-side certs

    Efficiently distributing certificates to clients can be a pain in the b*tt. Good! That's the part we throw aside for SOWA

    Works just like the good old Web (HTTPS): you type in an address (ex. https://www.paypal.com) and establish an SSL connection (one-way auth.)

    With SOWA you pick the SSID and do anonymous EAP-TLS
  • 8/19 (slides 9/19 and 10/19 repeat this slide)

    Brief recap of EAP-TLS

    EAP-TLS handshake diagram: http://commons.wikimedia.org/wiki/File:EAP-TLS_handshake.png
  • 11/19

    Wait! Is that compliant with the spec?

    Actually, yes it is!

    RFC 5216 (latest version of EAP-TLS) defines the certificate_request message as optional; the auth. server (RADIUS) can skip that message

    (most implementations already behave correctly)

    The idea was that APs could be used anonymously for emergency services

    http://tools.ietf.org/html/rfc5216

    http://tools.ietf.org/html/draft-ietf-ecrit-unauthenticated-access-03
  • 12/19

    What do we need to deploy it?

    Note the secure.expensivecafe.com string in both the SSID and the certificate common name (CN)

    They need to match to provide authentication, protecting the user against rogue access points
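The rogue-AP protection of slides 11 and 12 in working code, as an example added here in Go; it is not from the deck, from Île Sans Fil or from any SOWA implementation. It assumes a throwaway CA standing in for one the client already trusts, a RADIUS server certificate carrying the SSID secure.expensivecafe.com (both constructed here), the function names newCA, issueServerCert, trustStore and supplicantAcceptsServer, and the 32-byte SSID limit from 802.11. The last function is the check a patched supplicant would run on the certificate it receives during EAP-TLS, without sending a client certificate back: chain to a trusted root, usable for server authentication, SSID among the certificate's names. The slide names the CN; the example also places the SSID in the SAN because current verifiers, Go's crypto/x509 included, match names only against the SAN.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newTemplate returns a fresh P-256 key and a one-day certificate template for name.
func newTemplate(name string) (*ecdsa.PrivateKey, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 62))
	if err != nil {
		return nil, nil, err
	}
	return key, &x509.Certificate{
		SerialNumber:          serial.Add(serial, big.NewInt(1)), // keep it positive
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
	}, nil
}

// newCA creates a self-signed root standing in for a CA the client already trusts (constructed).
func newCA(name string) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, tmpl, err := newTemplate(name)
	if err != nil {
		return nil, nil, err
	}
	tmpl.IsCA = true
	tmpl.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// issueServerCert issues the RADIUS server's EAP-TLS certificate for one SSID. The
// SSID goes into the CN, as on the slide, and also into the SAN dNSName list,
// because current verifiers (Go included) match names only against the SAN.
func issueServerCert(ssid string, ca *x509.Certificate, caKey *ecdsa.PrivateKey) (*x509.Certificate, error) {
	key, tmpl, err := newTemplate(ssid)
	if err != nil {
		return nil, err
	}
	tmpl.DNSNames = []string{ssid}
	tmpl.KeyUsage = x509.KeyUsageDigitalSignature
	tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// trustStore is the supplicant's set of trusted roots.
func trustStore(roots ...*x509.Certificate) *x509.CertPool {
	pool := x509.NewCertPool()
	for _, r := range roots {
		pool.AddCert(r)
	}
	return pool
}

// supplicantAcceptsServer is the check a SOWA-aware supplicant runs on the certificate
// received during EAP-TLS (no client certificate is sent back): the chain must end at a
// trusted root, the cert must be valid for server authentication, and the SSID the user
// picked must be one of the certificate's names, or any AP with a valid-looking
// certificate for some other name could pose as the hotspot.
func supplicantAcceptsServer(ssid string, server *x509.Certificate, roots *x509.CertPool) error {
	if len(ssid) == 0 || len(ssid) > 32 {
		return fmt.Errorf("%q is not a valid SSID length", ssid)
	}
	_, err := server.Verify(x509.VerifyOptions{Roots: roots, DNSName: ssid,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}})
	return err
}

func main() {
	const ssid = "secure.expensivecafe.com" // the SSID from the slide
	ca, caKey, _ := newCA("Expensive Cafe Hotspot CA")
	otherCA, otherKey, _ := newCA("Some CA the client does not trust")
	good, _ := issueServerCert(ssid, ca, caKey)
	wrongName, _ := issueServerCert("free.otherspot.example", ca, caKey)
	untrusted, _ := issueServerCert(ssid, otherCA, otherKey)
	roots := trustStore(ca)
	fmt.Println("legitimate AP:", supplicantAcceptsServer(ssid, good, roots))
	fmt.Println("trusted CA, wrong name:", supplicantAcceptsServer(ssid, wrongName, roots))
	fmt.Println("right name, untrusted CA:", supplicantAcceptsServer(ssid, untrusted, roots))
}
```

Running main prints <nil> for the legitimate AP and an error for the two other cases: a certificate for a different name from the trusted CA, and a certificate for the right name from a CA the supplicant does not trust. The root trust is what the client must already have; SOWA removes the client certificate, not the server's.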

  • 13/19 (slide 14/19 repeats this slide)

    But... it's not that easy

    1. Operating system patches

       Network selection GUI (to allow connection without a client cert.)

       Supplicant (so that it matches the SSID with the CN in the X.509 cert)

    2. RADIUS server patches (FreeRADIUS patches exist)

       Allowing anonymous EAP-TLS

    3. APs should use the RSN caps field (802.11 beacon) to differentiate from other EAP-TLS SSIDs (NOT mandatory for SOWA to work, but helps usability)
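Item 3 of the slide above is about what the beacon tells the client before it connects. As an example added here (Go; not from the deck), a parser for the RSN information element of a beacon, run over two constructed elements: one with an 802.1X AKM and the MFPC capability bit set, one with a PSK AKM. It applies the 802.11 defaults when the element ends early, rejects truncated or mislabelled elements, and classifies the network as open, PSK or 802.1X/EAP. The names RSNInfo, parseRSN, classifyBeacon, enterpriseIE and pskIE are this example's own. The deck proposes using the RSN capabilities field to mark a SOWA SSID but assigns no bit, so the code exposes the raw field and invents none.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// RSNInfo is the decoded RSN information element (element ID 48) of a beacon.
type RSNInfo struct {
	Version         uint16
	GroupCipher     string
	PairwiseCiphers []string
	AKMs            []string
	Capabilities    uint16 // raw RSN Capabilities field, 0 when absent
	MFPCapable      bool   // Capabilities bit 7 (MFPC)
}

var cipherNames = map[byte]string{1: "WEP-40", 2: "TKIP", 4: "CCMP-128", 5: "WEP-104", 8: "GCMP-128", 9: "GCMP-256", 10: "CCMP-256"}
var akmNames = map[byte]string{1: "802.1X", 2: "PSK", 3: "FT-802.1X", 4: "FT-PSK", 5: "802.1X-SHA256", 6: "PSK-SHA256", 8: "SAE", 9: "FT-SAE", 18: "OWE"}

// suiteName decodes a 4-byte suite selector (OUI 00-0F-AC followed by a type byte).
func suiteName(sel []byte, table map[byte]string) string {
	if name, ok := table[sel[3]]; ok && sel[0] == 0x00 && sel[1] == 0x0f && sel[2] == 0xac {
		return name
	}
	return fmt.Sprintf("unknown %x", sel)
}

// parseRSN decodes an RSN element. Every field after Version is optional: when the
// element ends early, the 802.11 defaults apply (CCMP-128 ciphers, 802.1X AKM).
func parseRSN(ie []byte) (*RSNInfo, error) {
	if len(ie) < 4 || ie[0] != 48 {
		return nil, fmt.Errorf("not an RSN element with a Version field (%d bytes)", len(ie))
	}
	body := ie[2:]
	if int(ie[1]) != len(body) {
		return nil, fmt.Errorf("length byte %d disagrees with body of %d bytes", ie[1], len(body))
	}
	info := &RSNInfo{Version: binary.LittleEndian.Uint16(body), GroupCipher: "CCMP-128", PairwiseCiphers: []string{"CCMP-128"}, AKMs: []string{"802.1X"}}
	p := 2
	if p == len(body) {
		return info, nil
	}
	if len(body) < p+4 {
		return nil, fmt.Errorf("truncated group cipher suite")
	}
	info.GroupCipher = suiteName(body[p:p+4], cipherNames)
	p += 4
	// The pairwise cipher list and the AKM list share one layout: a 2-byte count, then selectors.
	lists := []struct {
		dst   *[]string
		table map[byte]string
		what  string
	}{{&info.PairwiseCiphers, cipherNames, "pairwise cipher"}, {&info.AKMs, akmNames, "AKM"}}
	for _, l := range lists {
		if p == len(body) {
			return info, nil
		}
		if len(body) < p+2 {
			return nil, fmt.Errorf("truncated %s count", l.what)
		}
		n := int(binary.LittleEndian.Uint16(body[p:]))
		p += 2
		if n == 0 || len(body) < p+4*n {
			return nil, fmt.Errorf("bad %s list: count %d, %d bytes left", l.what, n, len(body)-p)
		}
		*l.dst = nil
		for i := 0; i < n; i++ {
			*l.dst = append(*l.dst, suiteName(body[p:p+4], l.table))
			p += 4
		}
	}
	if len(body) >= p+2 { // optional RSN Capabilities field
		info.Capabilities = binary.LittleEndian.Uint16(body[p:])
		info.MFPCapable = info.Capabilities&(1<<7) != 0
	}
	return info, nil
}

// classifyBeacon is all a network picker learns from the beacon: no RSN element is open,
// a PSK AKM is WPA2-Personal, an 802.1X AKM is EAP (enterprise or SOWA, indistinguishable here).
func classifyBeacon(rsn *RSNInfo) string {
	if rsn == nil {
		return "open"
	}
	for _, a := range rsn.AKMs { // first recognised AKM wins
		switch a {
		case "802.1X", "FT-802.1X", "802.1X-SHA256":
			return "802.1X/EAP"
		case "PSK", "FT-PSK", "PSK-SHA256":
			return "PSK"
		}
	}
	return "other"
}

// Constructed sample elements (not captured from a real AP): CCMP with an 802.1X AKM and MFPC set, then CCMP with a PSK AKM.
var enterpriseIE = []byte{0x30, 0x14, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x01, 0x80, 0x00}
var pskIE = []byte{0x30, 0x14, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x02, 0x00, 0x00}

func main() { fmt.Println(parseRSN(enterpriseIE)) }
```

A classic WPA2-Enterprise SSID and a SOWA SSID decode identically here (both carry AKM 802.1X), which is the gap the slide's third point is about: until a capability bit is standardised, the network picker cannot tell the two apart from the beacon alone.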

  • 15/19 (slide 16/19 repeats this slide)

    Food for thought...

    What kind of iconography should we use to differentiate Open, Secure and Authenticated Secure Open?

  • 17/19

    Please, help us spread the word

    Thanks to Chris Byrd and IBM X-Force for inventing the technique and presenting it at BlackHat 2011

    http://blogs.iss.net/archive/SownCode.html

    There's still a long way to go before SOWA can be used by actual users, but play with it and spread the word
  • 18/19 (slide 19/19 repeats this slide)

    Q&A + Demo