This page contains all of the posts and discussion on MemeStreams referencing the following web page: Secure In-Band Wireless Pairing.

Secure In-Band Wireless Pairing
by noteworthy at 11:11 pm EDT, Sep 21, 2011

Shyamnath Gollakota, Nabeel Ahmed, Nickolai Zeldovich, and Dina Katabi:

This paper presents the first wireless pairing protocol that works in-band, with no pre-shared keys, and protects against MITM attacks. The main innovation is a new key exchange message constructed in a manner that ensures an adversary can neither hide the fact that a message was transmitted, nor alter its payload without being detected. Thus, any attempt by an adversary to interfere with the key exchange translates into the pairing devices detecting either invalid pairing messages or an unacceptable increase in the number of such messages. We analytically prove that our design is secure against MITM attacks, and show that our protocol is practical by implementing a prototype using off-the-shelf 802.11 cards. An evaluation of our protocol on two busy wireless networks (MIT's campus network and a reproduction of the SIGCOMM 2010 network using traces) shows that it can effectively implement key exchange in a real-world environment.

Recently:

Tom Cross, Manager IBM X-Force Threat Intelligence and Strategy, talks through the challenges of using open wifi and his proposal for secure open wireless networking.

Also:

I sat down last night and recorded a 70 minute long presentation on Secure Open Wireless Access. You can download the recording as a 37 Meg Quicktime Movie here.

Don't forget to download our code.


 
RE: Secure In-Band Wireless Pairing
by Decius at 11:34 pm EDT, Sep 21, 2011

noteworthy wrote:
Shyamnath Gollakota, Nabeel Ahmed, Nickolai Zeldovich, and Dina Katabi:

This paper presents the first wireless pairing protocol that works in-band, with no pre-shared keys, and protects against MITM attacks.

Sigh, I was trying to avoid directly juxtaposing these two. This is an example of the difference between an academic approach to a problem and a real world approach to a problem.

The wireless pairing paper is an academic approach to the problem. It "protects against MITM attacks" for a constrained definition of "MITM attacks" which is not the same thing as the real world MITM problem on wifi networks. The paper assumes that the victim knows the MAC address of the wireless access point he or she wants to connect to, and the only thing the attacker can do is interfere with that connection at the wireless link layer.

In the real world, the attacker is not constrained in this way. The victim has no way to differentiate the attacker's access point from the legitimate access point that they want to connect to if both access points have the same SSID. This protocol does not solve that problem. At no point does the paper acknowledge that the constrained, academic definition of "MITM attacks" that they are operating under is not the same thing as the real world problem, and of course, lots of people who read this paper do not understand the difference.

The technology presented in this paper meets the requirements set out by the paper. It's an interesting approach. Perhaps there is some real world application for this technology. But it does not solve the problem of MITM attacks in real world wifi networking.


 
 