Title :
Authenticating Public Wireless Networks with Physical Evidence
Author :
Kindberg, Tim ; Mitchell, James ; Grimmett, Jim ; Bevan, Chris ; O´Neill, Eamonn
Author_Institution :
Hewlett-Packard Labs., Bristol, UK
Abstract :
Users of public Wi-Fi networks risk being tricked into connecting to `evil twin´ access points set up by attackers to launch man-in-the-middle attacks. We present a system which employs post hoc validation of an anonymous Diffie-Hellman key exchange undertaken as part of an 802.1X/EAP-TTLS network association process. Our system utilises an additional secure auxilliary channel to run a modified version of the interlock protocol based on physical evidence in the network location. By using keying information generated during the network joining process, we allow spontaneous network users to detect man-in-the-middle attacks as well as avoiding the need for pre-shared keys. We report on implementations of our system which utilise physical evidence of authenticity in the alternative forms of public displays and 2D barcodes embedded in the environment and read by mobile phones.
Keywords :
cryptographic protocols; mobile radio; telecommunication security; wireless LAN; wireless channels; 802.1X network association process; EAP-TTLS network association process; anonymous Diffie-Hellman key exchange; evil twin access points; interlock protocol; man-in-the-middle attack; mobile phone; network location; post hoc validation; public Wi-Fi network; public wireless network authenticity; secure auxilliary channel; Authentication; Communication system security; Cryptography; Joining processes; Mobile computing; Portals; Protection; Uniform resource locators; Wireless LAN; Wireless networks; Wireless LAN; authentication; security;
Conference_Titel :
Wireless and Mobile Computing, Networking and Communications, 2009. WIMOB 2009. IEEE International Conference on
Conference_Location :
Marrakech
Print_ISBN :
978-0-7695-3841-9
DOI :
10.1109/WiMob.2009.73
