[OpenWireless Tech] Open Wireless encryption

Björn Smedman bs at anyfi.net
Mon Aug 12 12:10:11 PDT 2013


Sorry I'm so late to this discussion, but it is a very interesting one
and "better late than never" I hope. :)

On Jan 4, 2013 06:20 AM, "Andy Green (林安廸)" <andy at warmcat.com> wrote:
> On 04/01/13 19:39, the mail apparently from dfine at sonic.net included:
>> Let's acknowledge that clients always need to trust the AP unless there
>> is a third party trust anchor. Because any attacker can act as an AP,

> Right.

>> trusting the AP is not a good approach. Examples of trust anchors would
>> be a VPN beyond the AP or an SSL Certificate Authority for services the
>> client uses.

Another way to move the trust anchor out of the AP is to just not
terminate the IEEE 802.11 protocol there, instead forwarding the raw
encrypted 802.11 frames over IP across the WAN to a trusted location.
The 802.11 security will then protect the connection end-to-end - sort
of like a VPN but with all the advantages of link level security.

A carefully designed system based on this principle takes the AP clean
out of the security equation; since the AP doesn't have access to the
encryption keys or authentication credentials (which are not needed to
simply forward raw 802.11 frames over IP) there is no way even for the
AP operator to access the clear text data.

> Unless you need anonymous verification, there are credible advantages to
> doing your own personal CA en masse, ie, in your home router and
> nothing else has any idea of your keys.

Exactly, and the above approach lends itself beautifully to that
architecture: Every user runs a "special purpose IEEE 802.11 stack" in
their home router, designed to process 802.11 frames coming in over IP
and authenticate them with their choice of standard Wi-Fi security
mechanism. The 4-way key derivation handshake runs all the way from
the mobile device to the user's home router, so mutual authentication
is ensured (because nobody other than the user has access to
authentication credentials) and encryption keys are derived only in
the home router and in the mobile device.

This "WPA over the wire" approach is technically ambitious. But
we've already gone through the trouble of implementing it (see
http://anyfi.net) and would love to share with the community. Also the
modern Linux Wi-Fi stack (mac80211) lends itself quite nicely to it;
you can do it from user space with existing interfaces.

Björn
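The key property argued above, as an added worked example (not anyfi's code or the list's): in the WPA2 4-way handshake the only secret input to the PTK is the PMK, so a middlebox that merely forwards raw EAPOL frames sees the MAC addresses and both nonces in the clear but can neither derive the session keys nor verify the message-2 MIC. Passphrase, SSID, MACs and nonces below are constructed sample values; the EAPOL-Key layout follows the IEEE 802.11 RSN key descriptor.

```python
import hashlib
import hmac

def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    # WPA2-Personal PMK: PBKDF2-HMAC-SHA1 over the SSID, 4096 iterations, 256 bits
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    # IEEE 802.11 PRF-n: concatenated HMAC-SHA1(key, label | 0x00 | data | i) blocks
    out = b"".join(hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
                   for i in range((nbytes + 19) // 20))
    return out[:nbytes]

def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    # CCMP PTK (384 bits) = PRF-384(PMK, "Pairwise key expansion", min/max MACs | min/max nonces)
    # KCK = PTK[0:16] signs the handshake, KEK = PTK[16:32], TK = PTK[32:48] encrypts data frames
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)

MIC_OFFSET = 81  # 4-byte EAPOL header + 77 bytes of key descriptor fields before the MIC

def eapol_key_mic(kck: bytes, frame: bytes) -> bytes:
    # Key descriptor version 2: MIC = HMAC-SHA1-128 over the frame with the MIC field zeroed
    zeroed = frame[:MIC_OFFSET] + b"\x00" * 16 + frame[MIC_OFFSET + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]

def build_msg2(snonce: bytes, mic: bytes = b"\x00" * 16) -> bytes:
    # Constructed EAPOL-Key message 2: RSN descriptor, key info 0x010a, replay counter 1, no key data
    body = (b"\x02" + b"\x01\x0a" + b"\x00\x00" + (1).to_bytes(8, "big") + snonce
            + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8 + mic + b"\x00\x00")
    return b"\x02\x03" + len(body).to_bytes(2, "big") + body

def handshake_check(passphrase, ssid, aa, spa, anonce, snonce):
    """Return (MIC verifies at the home router, MIC verifies at the forwarding AP)."""
    # Station: holds the credentials, derives the PTK and signs message 2 with the KCK
    pmk = pmk_from_passphrase(passphrase, ssid)
    sta_ptk = derive_ptk(pmk, aa, spa, anonce, snonce)
    msg2 = build_msg2(snonce, eapol_key_mic(sta_ptk[:16], build_msg2(snonce)))
    received_mic = msg2[MIC_OFFSET:MIC_OFFSET + 16]
    # Home router: also holds the credentials, so it reproduces the PTK and verifies the MIC
    home_ptk = derive_ptk(pmk, aa, spa, anonce, snonce)
    home_ok = hmac.compare_digest(eapol_key_mic(home_ptk[:16], msg2), received_mic)
    # Forwarding AP: sees MACs and nonces in the clear but has no PMK; without it every PTK it
    # could compute (here: from an all-zero placeholder PMK) fails to verify the MIC
    ap_ptk = derive_ptk(b"\x00" * 32, aa, spa, anonce, snonce)
    ap_ok = hmac.compare_digest(eapol_key_mic(ap_ptk[:16], msg2), received_mic)
    return home_ok, ap_ok

if __name__ == "__main__":
    print(handshake_check("correct horse battery staple", "home-net", bytes.fromhex("001122334455"),
                          bytes.fromhex("66778899aabb"), bytes(range(32)), bytes(range(32, 64))))
```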
