Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Well, if there's one piece of (somewhat) good news around this and https://www.krackattacks.com/, it's that TLS and VPNs will become even more common.

Where did WEP and WPA2 come from, anyway? What's the historical reason we aren't all using TLS to connect to our APs?



> What's the historical reason we aren't all using TLS to connect to our APs?

Because it’s insanely impractical for home use? Hey, here’s your new WiFi router. Just install this new root CA on all your devices, create a device cert for each machine and install that very as well, and don’t forget you need to re-do this every year...


Trust keys on first use. Like SSH.

https://www.tedunangst.com/flak/post/moving-to-https

"So how does one verify that the downloaded cert is the original? The same way the CAs do. Perform a DNS lookup, make a web request, trust the result. The addition of HPKP would indicate that people find the CA model untrustworthy, solving the problem with trust on first use key continuity. Why not cut out the middle man? Protesting the CAs is admittedly pretty futile, but if I can’t do it, who can?"


The router isn’t the issue here the clients are.


I'm thinking of a mechanism where the router obtains a trusted cert automatically, like Plex does (https://blog.filippo.io/how-plex-is-doing-https-for-all-its-...), and then asks users to authenticate by password over TLS before allowing access to network resources.


that only works because there's a central registar of plex users. im not sure how this can be done ad-hoc for APs. anyone can choose any ssid, so you'll need a global registar of ssids. The system will inevitably need to charge for registrations, otherwise bad actors would squat short and memorable ssids. a preshared key is much more feasible.


My guess is that for most people, provisioning a wireless network using a shared secret (or just a button press, ala the broken WPS) is easier than having to setup a CA and sign/distribute certificates. (Not defending WEP or WPA in anyway)


Ignoring the real concern about certificates, and if tls is appropriate for a packet oriented unreliable transport (maybe dtls, then?) consider what version of openssl (or an embedded tls stack) was available when your access point entered development; is that version considered secure today, does it support any ciphers that are considered good practices or even acceptable today?


The only reason TLS works is because of CAs. What could be the CAs for APs?


WPA2 Enterprise use a central RADIUS server for authentication, with separate credentials for each user, and a (separately-distributed) certificate for the server.

It's just not practical for consumer and small-business setups.


Somewhat true. Setting up a Freeradius is not hard. Problem is that you need another device that is running 24/7.


The RADIUS server can run on the router/AP without compromising practical security in most cases.


The bit that's less practical for consumer setup is more the cert distribution and setup of separate credentials for each user. (The RADIUS server could even be built into the router in a consumer product.)


That's not needed, trust on first connect.


and what do you do if the certificate mismatches? 99% chance the average person will click through the warning because they want internet now.


Correct. You can't solve every problem with technology.


Because WEP and WPA were designed to provide (just) encryption but to provide access control.

The problem with TLS is that it’s client authentication kinda sucks and isn’t easy to manage.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: