Secure Open Wireless code now available!
Posted by Tom Cross on August 04, 2011 at 4:38 PM EDT.
We're excited to announce availability of our full research paper, presentation, and open source proof of concept implementation of Secure Open Wireless Access, which we are demoing in the arsenal at Blackhat this afternoon.
Secure Open Wireless addresses fundamental security problems with open wireless networks by allowing users to establish secure, encrypted connections to wireless networks run by operators who they know and trust, without having a previously established access credential. Users can positively identify the network operator because the SSID of the network is tied to the digital certificate used to encrypt their connection. This eliminates the risk posed by passive sniffers and significantly reduces the risk of rogue access points.
If you know your way around a Linux machine, you can start using Secure Open Wireless Access today. Our proof of concept implementation involves changes to FreeRadius and wpa_supplicant. You can deploy Secure Open Wireless using a standard, off-the-shelf access point connecting to our modified FreeRadius for EAP/TLS authentication.
You can obtain an inexpensive (sub-$30 or free) SSL server certificate for a domain you control from one of several public certificate authorities that are trusted by default in the OpenSSL certificate store in Linux distributions. FreeRadius would need to be configured to use that certificate for EAP/TLS. The domain name used in the certificate needs to contain the text "sown." - for example: "sown.example.com" - and your SSID needs to be set to that domain name as well.
On Linux clients you'll need to run our modified wpa_supplicant. We have also included a configuration file for wicd so that you can choose Secure Open Wireless as an encryption option for connecting to the network.
Once you've got everything set up properly, clients can connect securely to your wireless network without having an access credential. If anyone tried to trick you by running a secure network with the same SSID, connections to that network made with our modified wpa_supplicant would fail, as the attacker could (hopefully) not obtain a valid certificate associated with your domain name.
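The client-side decision described above, sketched as an added example (it is not code from the modified wpa_supplicant). It assumes the certificate chain has already been validated, that the certificate is available in the dict layout of Python's `ssl.SSLSocket.getpeercert()`, and that the SSID is compared exactly against the subjectAltName DNS entries with a fallback to commonName; the function names and sample certificates are constructed for illustration.

```python
# Added illustration, not code from the Secure Open Wireless release.
# Assumption: the certificate chain was already validated against the system
# CA store, and the certificate is given in the dict layout returned by
# Python's ssl.SSLSocket.getpeercert() (only the relevant fields are shown).

MARKER = "sown."  # text the post says the certificate's domain name must contain


def _norm(name):
    # DNS names compare case-insensitively; ignore a trailing root dot.
    return name.strip().rstrip(".").lower()


def cert_dns_names(cert):
    """Collect DNS names from subjectAltName, falling back to commonName."""
    names = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:
        for rdn in cert.get("subject", ()):
            names += [v for key, v in rdn if key == "commonName"]
    return [_norm(n) for n in names]


def check_network(ssid, cert, chain_valid):
    """Return (accept, reason) for one connection attempt."""
    if not chain_valid:
        return False, "certificate chain not trusted"
    wanted = _norm(ssid)
    if MARKER not in wanted:
        return False, "SSID is not a Secure Open Wireless name"
    # Assumption: exact match only, so a wildcard name never equals an SSID.
    if wanted in cert_dns_names(cert):
        return True, "SSID matches certificate"
    return False, "certificate was issued for a different name"


# Constructed sample certificates.
OPERATOR_CERT = {"subjectAltName": (("DNS", "sown.example.com"),)}
OTHER_CERT = {"subject": ((("commonName", "www.example.net"),),)}

if __name__ == "__main__":
    for ssid, cert, ok in [
        ("sown.example.com", OPERATOR_CERT, True),   # operator's network
        ("sown.example.com", OTHER_CERT, True),      # same SSID, other certificate
        ("sown.example.com", OPERATOR_CERT, False),  # issuer not trusted
        ("CoffeeShop", OPERATOR_CERT, True),         # ordinary SSID
    ]:
        print(ssid, check_network(ssid, cert, ok))
```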
It's possible to coax MacOSX and Windows clients to connect to these networks as well, but these clients do not currently perform SSID checks, so they don't benefit from the protection against rogue access points that is offered by this scheme. These clients may insist on being configured with usernames, passwords, or client certificates before connecting to the network, but the network will not bother checking these credentials, so it doesn't matter what they are.
On networks that are largely used by Linux clients, we think this offers real security benefits that you can take advantage of today. Of course, we've released this code under the GPLv2.
I'd like to thank my co-demoers at Blackhat: Takehiro Takahashi and Christopher Byrd. Without their help all of this would not have been possible.
Takehiro is a former X-Force Researcher who worked on Secure Open Wireless with me while he was at X-Force.
Christopher independently invented the same solution for protecting wireless networks and has been working on his own to promote the concept. We're glad he decided to join forces with us at Blackhat.

