10

When I talk on the phone or send text messages, I never need to type a userid and password.

But when I use WiFi I need to use a password.

How is the phone connection secured without a password, and why is that method not used for WiFi?

Rory Alsop
  • 61,367
  • 12
  • 115
  • 320

3 Answers3

16

WLAN/WiFi can be secure when properly configured (this certainly requires a password or key).

Cellphone connections are not really secure. They are encrypted based on a key from your SIM card. This key is also known to your mobile network operator. You do not need a password, but your communication can be intercepted and eavesdropped on by your mobile network operator and law enforcement. The A5/1 encryption used for GSM is actually completely broken.

The reason why this is not done for WiFi is because you do not want an extra SIM card and you do not want your ISP to specify your password/key for WPA2.

You always need a key, password or certificate to authenticate and key/password to encrypt your communication. This information can be stored in various places, like your SIM card or your brain.

Additional information due to comments:

There are several reasons why using SIM cards for authentication to all WiFis in general would not work.

  1. The WiFi access point would need to support EAP-TLS, EAP-AKA/SIM or similar which allows authentication with a SIM. Your device (e.g. smartphone) needs to support this authentication as well as the access point.

  2. The WiFi access point would need to contact the mobile carrier and check whether the connection should be allowed or not. This has two problems a) ISPs are not necessary the mobile carrier, b) how do you limit who has access to a WiFi. Not everyone with a SIM card should be able to access a WiFi unless authorized to do so. This means either WiFi operators hand out SIM cards for their WiFi and you end up with lots of SIM cards or they need to tell their ISP who tells all mobile carrier which SIM cards are allowed. It would need to be done manually, because you cannot foresee who might want to access your WiFi in the future. This would mean major costs in infrastructure and staff, not to mention time for connection setup.
    The other way to manage it, is to setup a RADIUS-server (see comment of billc.cn). This also requires manual registration of allowed SIM cards and a SIM card reader. You would be able to manage access locally (which is good for security), but it is not the universal access you have asked for in the comments.

  3. You would loose control over the security of your WiFi if the authentication is done by your mobile carrier or ISP. They can control who can access your WiFi and are even able to see lots of meta-data. They would know which person accesses which WiFi and also when.

    Even if I have barely scratched on the surface of problems, you see why this is not easily done. You would need new hardware for your WiFi access point, likely your device that you want to connect and the ISPs and mobile carriers would need to adjust their infrastructure too. This makes it entirely infeasible.

Today it would be possible to use a SIM and manage access locally for a WiFi, but this means the SIM is just a substitute for authentication by password and the setup isn't simplified.

Your idea would work for access points operated by your mobile carrier, but as we already have mobile internet through LTE and similar technology (which is not the same as WiFi!), it will not take a central role . Especially since the mobile carrier can charge money for mobile internet usage, which is obviously in their interest. If you have a subscription to special services, some mobile carriers and ISPs offer access to hotspots, that can be accessed through EAP-SIM (thanks billc.cn).

Community
  • 1
John
  • 997
  • 5
  • 14
  • Comments are not for extended discussion; this conversation has been [moved to chat](http://chat.stackexchange.com/rooms/36086/discussion-on-question-by-no-comprende-why-is-my-phone-connection-secure-without). – Rory Alsop Feb 22 '16 at 19:18
7

WiFi can be easily sniffed with cheap hardware + software and only properly encrypted WiFi helps against this.

But phone calls are not much better:

  • For the traditional old phone system (POTS) you need physical access to the line but once you have this (often available somewhere in the basement) sniffing is very easy too.
  • Old style analog wireless phones (i.e. wireless extension of the phone at home) can be easily sniffed with cheap equipment while the more modern DECT standard has encryption built in but this can be downgraded by rogue base stations.
  • Mobile phone communication (GSM) is encrypted by default, although not necessarily with strong encryption. For proper encryption and authentication each phone contains a smart card (SIM). But since there is no proper authentication of the base station, calls can be tracked or even hijacked with a rogue base station. This technique is used by law enforcement (Stingray). The needed equipment got cheaper with the years so what once was for government use only can now be done cheaply by criminals too.
  • Apart from that, government agencies can listen to all the landline and mobile calls when needed, because the phone switches contain a government mandated tapping interface for this purpose. And while this tapping often needs court approval (depending on where you live), there can be no technical enforcement of this and it can happen that somebody taps the call without approval.

As for messaging, it depends:

  • The old SMS is not protected in any way and can be intercepted the same way as phone calls.
  • Many of the current internet based messaging solutions (WhatsApp, iMessage...) have builtin encryption. These provide a similar builtin security as HTTPS connections. But this was not always the case and was actually mostly accelerated because of the Snowden affair. For instance WhatsApp added encryption only at the end of 2014. And you still need to have some initial authorization, i.e. username and password, or it is somehow bound to the phone (like depending on the security of a not really secure SMS).

Apart from that you would not even need a secure transport layer (i.e. encrypted WiFi) if your communication is already properly end-to-end encrypted. This includes HTTPS connections, PGP or S/MIME encrypted mails, various messaging solutions or virtual private networks (VPN). So if you use only these (very unlikely) then you could actually mostly ignore WiFi security (meta data could still be sniffed, but no content).

Pabru
  • 119
  • 3
Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
  • If Phone and Text is not secure, why hasn't there been an uproar about it by now? From what I can tell, the iPhone is pretty secure if the FBI can't get in to it. Should I buy one of those? –  Feb 20 '16 at 22:41
  • 1
    @nocomprende: You are mixing app phone communication (i.e. talking) with the phone device (storing information on it). An iPhone does not protect your phone communication any more than other mobile phones and the FBI has no problem with listening to phone calls but with accessing the information stored on the device. And as for the uproar: I don't know what you read or what you expect as "uproar" but most of these issues are widely known but most users don't expect that somebody will listen to their talks same as they don't expect that they will open their snail mail. And thus they don't care. – Steffen Ullrich Feb 21 '16 at 07:17
  • Assuming that most users' expectations have something to do with reality, **why is it unlikely that phone calls will be listened to and snail mail opened but** the idea of computer interaction being intercepted seems much more likely? *Is it more likely or not?* Is it simply easier? What if computers could intercept and understand our voice calls also? Would we have a problem then? I am not worried about the FBI or telecom operators: I am worried about criminals. If I have to protect myself from the people holding civilization together, then I have a much bigger problem. Get it straight. –  Feb 22 '16 at 12:24
  • @nocomprende: it is easier to attack you while you are using a public hotspot than to tap your phone. And it is usually more useful to take over some banking account or similar than to just listen to a phone call. Thus the risk of getting attack this way is higher which does not mean that the risk of intercepting the phone call does not exist. – Steffen Ullrich Feb 22 '16 at 13:35
0

WiFi Security

WiFi networks can be secured using proper algorithm and secure password. For that I point you to these tips.
In short:

  • Use WPA-2
  • Disable WPS
  • Use Complex Password
  • Change password of administration panel of your modem/access point

GSM Security

GSM uses encryption to make its data transmission secure, be it SMS or a Phone Call but this is nowhere near perfect. There are some flaws (see cryptanalysis part) in the encryption algorithm used and MITM using a rogue BTS antenna is also possible.

The way authentication happens in GSM without entering a password is as follows:

There's an IMSI Number along with a Key stored in your sim card, written by your MNO or sometimes called the carrier.
Your sim card has the IMSI and the key, the carrier also has this information, now your sim card can simply be authenticated and network access along with encryption and identity verification happens.

Passwordless Authentication

In the WiFi Scenario there's no single Carrier that gives you wireless service and there's no sim card with a key and id that's also known to the wireless service provider so the same scheme can't be implemented there.

Using your sim card, you can only access the network provided by your carrier, and not others (Let's forget about roaming to keep it simple). In the WiFi scenario, I have my own wifi which only works with my devices and not with my neighbors, I also have my tablets(W/O Simcards) and my laptop and also my PS4 and lots of other devices, Wifi Connectivity is one of the 1000 features these devices provide. Your suggested scheme requires a specific module being added to all these devices, and then I will have to go ahead and register these devices in my network somehow, this doesn't extend well. Wifi devices are made to be able to easily join different WiFi networks whereas GSM devices (Sim cards) are designed to join a single network and stick with that.

Silverfox
  • 3,369
  • 2
  • 19
  • 39
  • Maybe we could create a single Authenticator and put a key in the computer? Secure is secure. Who signed us up for all this hassle and confusion with WiFi? –  Feb 20 '16 at 16:35
  • My phone works with all carriers, as far as I know. A call has never been refused. –  Feb 20 '16 at 16:41
  • @nocomprende Your phone enters roaming when using another carriers network, and this can be done because your carrier was willing to cooperate with the other carrier. – Silverfox Feb 20 '16 at 16:43
  • 2
    How are Phone Calls and Text Messages Secure? GSM encryption uses old and (purposely) weak encryption that can be cracked for USD 30 nowadays. See also: [Are phone calls on a GSM network encrypted?](http://security.stackexchange.com/questions/35376/are-phone-calls-on-a-gsm-network-encrypted). Yeah, it's better than "clear in the aether" [AMPS](https://en.wikipedia.org/wiki/Advanced_Mobile_Phone_System) of 80s/90s, but still.. – David Tonhofer Feb 20 '16 at 16:48
  • @DavidTonhofer First of all the context is authentication and in that sense GSM networks are doing well. So KASUMI/GSM weaknesses is not the main topic here. Also edited my answer to reflect this. – Silverfox Feb 20 '16 at 17:04
  • @nocomprende If you want a single authenticator for wifi with a key stored in your computer, sign up for a VPN service and make sure to always use it when you connect to a wifi network. That will basically give you what you're asking for. – Mike Scott Feb 20 '16 at 17:15
  • @MikeScott so then I could just use the WiFi without typing in anything? Sounds like the solution that we need. If I still have to type something in, then it does not address my question. –  Feb 20 '16 at 22:37
  • I have several phones at my home (each person has one) and I didn't have to do anything. They can all connect to each other, and they are all reasonably secure, or I would have heard about it by now. I don't need to run a network, I just need secure connections. I don't really care how it is done or who does it. –  Feb 20 '16 at 22:40
  • 3
    @nocomprende "They are all reasonably secure, or I would have heard about it by now." That is a marvelously wrong assumption. You should really do some research into security history if you think there's any validity to that idea. – Chris Hayes Feb 20 '16 at 22:49
  • @ChrisHayes so, why is no one complaining? There is no site here dedicated to securing phone conversations. Why the lack of outrage? If we get upset about one thing but not a similar case in another area (one with a longer history and much wider usage) what's up with that? –  Feb 20 '16 at 22:51
  • @nocomprende Like every other field ever created, security is subject to economics. Sometimes, good enough is good enough. The average person doesn't worry about their phone system because they have no reason to believe they're a target, and phone companies don't worry about overhauling security because it would be hugely expensive. The NSA debacle in the US is starting to show people they *do* have something to worry about. I'm not sure how the fact that Stack Exchange doesn't have a dedicated "phone security" site is leading you to these conclusions. – Chris Hayes Feb 20 '16 at 22:58
  • @ChrisHayes should the average person worry about computer security then if they don't think they would be a target? Who are all the people here that they think it is an issue? If someone breaks in to my bank's security *I* have a problem even if my devices are secure. But nobody has recorded all of my phone conversations. (Right?) And computers cannot - yet - decode everything I say listening for personal information and emptying my bank account 2 seconds later. When they can, maybe people will worry about it. –  Feb 20 '16 at 23:03
  • 1
    @nocomprende the average person isn't complaining because the average person understands little or nothing about encryption and still doesn't understand why "Pa$$w0rd" is a terrible password. – Rob Moir Feb 21 '16 at 14:17