WifiHax - Making Networks Excellent
  • Blog
  • Contact

Talking in the open (Wi-fi Privacy)

16/10/2018

Comments

 
WPA3 is coming fast and I'm excited to see how quickly client devices adopt the benefits of the incorporated security concepts. Using SAE instead of PSK is a fascinating change. Perfect forward secrecy is exciting, especially in when offline attacks of PSK protected data became easier using hashcat. (See https://hashcat.net/forum/thread-7717.html August 4, 2018). There are now a lot of new things to learn about.

Obviously the two key important factors with WPA3 (as they are in WPA2) are the authentication of users trying to access the network and privacy of data using encryption. We use these features to protect the system and the information between sent across it because Wi-Fi operates in the air and physical security is pretty much always an impossible factor. Along side the announcement of the upcoming availability of WPA3 was news of another capability called Opportunist Wireless Encryption (OWE). This brings a capability that allows for privacy over open wireless networks. To date all traffic transmitted to or from an open SSID is sniffable and does not require decryption. A MacBook running Wireshark is all you need to to catch the human readable wireless frames.

OWE is described in RFC 8110 which was written by Dan Harkins (Aruba) and Warren Kumari (Google).

I kept hearing about the Diffie-Hellman exchange and understood that it was the function that allowed two things (a wireless client and Access Point in this case) to communicate just enough information between each other to derive a complex key. It happens in such a way that if any other party was to intercept the communication they could not derive the key. This is cool. Diffie-Hellman is used in a lot of technology we take advantage of day to day. We take advantage of the Diffie-Hellman exchange without even realising how important it is to cryptography and privacy of our data.
Written by Matt Sutherland
Comments

    WifiHax

    We build and optimise networks. Continuous learning is our secret to being good. Along the learning journey we will share things here...

    Archives

    May 2021
    June 2020
    December 2019
    September 2019
    August 2019
    July 2019
    April 2019
    November 2018
    October 2018
    September 2018
    January 2018
    October 2017
    September 2017
    August 2017
    June 2017
    April 2017
    February 2017
    November 2016
    September 2016
    August 2016
    May 2016
    March 2016
    January 2016
    November 2015
    October 2015

    Categories

    All
    802.1X
    ACMA
    AirDrop
    API
    Apple
    ARPANSA
    Aruba
    Audit
    Bluetooth
    Capture
    CECV
    ClearPass
    Client
    Conference
    Design
    DNS
    Ekahau
    Exploit
    Frequency
    Health
    IEEE
    Internet
    IoT
    LiFi
    Packets
    Python
    Scripting
    Security
    Spectrum
    Survey
    Switch
    Tools
    Troubleshoot
    VIC
    Vulnerability
    WiFi
    Wireshark
    Zero Day

    RSS Feed

 
​Contact



© COPYRIGHT 2019. ALL RIGHTS RESERVED.

+61 3 9005 2219
proberequest@wifihax.com
  • Blog
  • Contact