[OpenWireless Tech] Some thougts

Wed Jul 27 16:31:33 PDT 2011

Off topic, it looks like I'm the first to send a non-test mail to this list.

On topic: I'll post some of my previous comments here.

What we're starting from is this post on EFF:
http://www.eff.org/deeplinks/2011/04/open-wireless-movement

FYI, Bruce Schneier (security expert) says he has his network open to help
others. Lets help him keep it open AND secure.
http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html
Also, he supports you here.
http://www.schneier.com/blog/archives/2011/04/security_risks_7.html

So... my previous comments that I sent in when EFF posted that article;

As EFF said, we have to use asymmetric encryption.
How to authenticate the networks and avoid MITM is a difficult one since
it's almost impossible to tell a stranger that is honest from one that is
not (more so when dealing with electronics instead of humans).

I have some suggestions. One is a central database (or several). Like
current wifi maps, with public keys added. Another is or WoT. A more simple
one to get right, IMHO/AFAIK, is this one:

Qr codes or RFID/ NFC tags! They would include the network name/SSID, public
key and MAC (unless we'll skip that because we have unique keys already).
Router owners would place them where they can't be altered easily (like
inside of windows). Then it would be easier to link the network to a
trustable entity.

Then, essentially, you'd just scan a code or swipe the phone against a tag
to establish a secure connection. (Open question: Can RFID signals be
"overridden" by stronger antennas?)
The next time you don't even have to do that.

Also, when a company own several routers they could have a master key that
all their router's keys are signed with (remember key revocation!). Then you
need only ONE scan per chain, not one per individual
Starbucks/McDonald's/[other] store.

At minimum every router should have a static keypair.
Clients could choose if they want to have one static keypair for every
network, random keys every time, or to have some static keys linked to
chosen networks (such as a dedicated keypair for your own home network to
authenticate to it).
(Static keys for clients could have some privacy risks if they would be
broadcasted before the client know that the router they are connecting to is
the real one, so I think that random keys should be used when connecting to
networks before the client authenticates itself. (Although people DO already
mostly use the preset MAC on their wifi cards.) The authentification model
of TCPcrypt happens to be similiar.)
---
That's what I've already sent to EFF previously, edited a bit.

Am I going in the right direction? Do you want to do something different? Is
this Bluetooth like WiFi Direct thing something that is relevant to us?
Should we go ahead and start adding protocols for notifying users about
bandwidth quotas and local services and stuff? Etc...

- Sent from my phone
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/tech/attachments/20110728/6a357405/attachment.html>