Is there any encryption of the wifi password during chromecast setup?

2

In order to setup my Chromecast I have to connect the device where the configuration application runs (e.g. my laptop or my android tablet) to the Chromecast's WiFi network. This network doesn't have any security, thus anybody has access to it (even without running the configuration application).

When entering the password of my secure WiFi the Chromecast should connect to, is this password sent completely unencrypted to Chromecast or is there some kind of encryption, e.g. SSL? I ask this question because I am afraid someone could sniff the password of my secured WiFi during Chromecast setup.

dan

Posted 2014-03-27T06:52:19.857

Reputation: 123

Answers

1

I downloaded the chromecast app on my mac to check this during the initial setup.

It does indeed communicate over unencrypted http port 8008, but it is not that bad. It looks like the encryption is used using a private/public key solution.

Here are parts of the traffic dump (some long strings are truncated):

POST /setup/connect_wifi HTTP/1.1
Host: 192.168.255.249:8008
Content-Type: application/json
Origin: https://www.google.com

{"enc_passwd":"GriLcctBGaDNe7Udohz1x7avTtn2B\...J0QsqpUuUQCKf1xTw2bbZgSOlnzmo\/SgUXkXq0cLqJ4fg7efDQcZQyA7MDqUsbt6LvXJt3htX8sZY0EVV1OPMm3GNgw==","wpa_auth":7,"wpa_cipher":4,"ssid":"mySSID","wpa_id":0,"scan_ssid":0}

GET /setup/eureka_info?options=detail HTTP/1.1
Host: 192.168.255.249:8008
Origin: https://www.google.com

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Cache-Control: no-cache
Access-Control-Allow-Origin: https://www.google.com
Content-Type: application/json
Content-Length: 1224

{"build_version":"15098","connected":false,"detail":{"icon_list":[{"depth":32,"height":55,"mimetype":"image/png","url":"http://192.168.255.249:8008/setup/icon.png","width":98}],"locale":{"display_string":"English (United States)"},"manufacturer":"Google Inc.","model_name":"Eureka Dongle"},"has_update":false,"hdmi_control":true,"hotspot_bssid":"FA:8F:CA:xx:xx:xx","locale":"en-US","location":{"country_code":"NO","latitude":255.0,"longitude":255.0},"mac_address":"6C:AD:F8:xx:xx:xx","name":"Chromecast0000","noise_level":-90,"opt_in":{"crash":true,"device_id":false,"stats":true},"public_key":"MIIBCgKCAQEAuSE...7FP4C55KZcukmaVf6H/jiEYBHdAg53HnpmqSw0hRoY6GcF9uvGBVau...IDAQAB","release_track":"stable-channel","setup_state":20,"signal_level":-52,"ssdp_udn":"97d55d2...","ssid":"mySSID","uma_client_id":"AA97794C-...","uptime":1893.45,"version":4,"wpa_configured":false,"wpa_id":0,"wpa_state":4}

GET /setup/eureka_info?options=detail HTTP/1.1
Host: 192.168.255.249:8008
Origin: https://www.google.com

...

xeor

Posted 2014-03-27T06:52:19.857

Reputation: 336

Any info about the encryption method? – Mickael Marrache – 2018-04-23T20:26:26.613

I answered this 4 years ago, many chromecasts since then :) Google know what they are doing, and I havent seen any bad news about insecurity in this since. I would imaging it is safe to use, and they have done the implementation right. – xeor – 2018-04-23T20:36:43.293

I'm looking for a way to generate a /setup/connect_wifi request myself but I can't find any information about the encryption method. I only know the public key is an RSA 2048 bit key... – Mickael Marrache – 2018-04-23T20:38:52.713

There are probably a "secret" you will have a very hard time getting inside the chromecast as well. So I don't think "generating a connect_wifi request" is the way to go. Submit a new question, explaining the problem in details and what you got. Maybe there are some clever solutions, or a completely different way of solving it.. – xeor – 2018-04-24T05:29:09.810

0

You can check this yourself fairly quickly! Get Wireshark, start traffic capture and see what data is being sent between you and Chromecast. Really this should be 5 min job.

Chris

Posted 2014-03-27T06:52:19.857

Reputation: 1 766

Asked: 2014-03-27T06:52:19.857

Viewed: 1 680 times

Active: 2014-04-26T14:39:29.097