'Evil Twin' Threat to Wireless Security

BarryNorton writes "The BBC are currently reporting on research from Cranfield University on the ability of unscrupulous third parties to spoof wireless networking clients into believing they are connected to a 'valid base station' and compromising their passwords for Internet banking etc. Of course the rest of the connection through the Internet, even from a trusted router, is insecure in any case and such sites should be using end-to-end security like SSL. Is there, therefore, anything (other than the cute name 'evil twin') to this story?"

Be careful

[drivinghighway61]

So, in other words, be careful when you connect to an unfamiliar access point? Shouldn't people already be doing this? This is about the same parallel as "Don't take candy from strangers."

Re:Yes

[squiggleslash]

Regular HTTPS (the usual SSL) includes a system of signed keys as part of the passing on of session keys that apply to specific host names. The signatures for those keys are signed by a small number of authorities whose credentials are usually built into the browser you're using - IE, Firefox/Mozilla, Opera, et al, come with these authority keys pre-loaded.

I don't know the exact technical details but I believe the process goes something like this:

Client: I want to make an HTTPS connection to your server www.bankofslashdot.org. Get the ball rolling by sending me your public key.
Server: Here it is. [String of several hundred binary digits follow]
Client: (Examines key) Ok, it's signed by Verisign, and it applies to www.bankofslashdot.org, the site I'm trying to connect to. Sounds good to me. Can you give me a session key I can use to encrypt information I send you?
Server: Here's the session key you're going to use, signed by my private key, which you can verify using the public key I just gave you
Client: (Encrypted) looks good, here's the session key you can use to send me information.

....

(In general RSA encryption is used. RSA is dual purpose, it can be used to sign information and to encrypt it. RSA keys have a public element and a private element. The public element can be used to encrypt information and verify signatures, but cannot be used to derive the private key. How does it work? Products of two very big prime numbers, don't ask me more than that 'cos I seriously don't know.)

A "man in the middle" would have a little bit of difficulty, as there's no way they could sign the session key they send to the client because that session key can only be signed if you have access to the private key, which they don't have.

If the key is invalid, or there isn't one signed by an authority to begin with (they're not compulsory), then browsers usually warn users.

The best I can think of is that you try to redirect a user to the wrong site. For example, the "Log in" button on http://www.bankofslashdot.org could redirect to https://www.blankofslashdot.org, though doing so would potentially expose the attacker as you have to prove you're real and you're the owner of the domain to most authorities to get a certificate for your key.

Anyone spotting obvious errors or wanting to fill in gaps in my explanation is most welcome to do so.