How secure is eduroam? (CROSBI ID 651478)
Prilog sa skupa u zborniku | sažetak izlaganja sa skupa | međunarodna recenzija
Podaci o odgovornosti
Rudeš, Hrvoje ; Perković, Toni
engleski
How secure is eduroam?
In this talk we give a detailed desription of security flaws when using the SSL/TLS security protocol in wireless access networks, with special emphasis on the SSL/TLS problem in WPA2 Entrprise networks. Specifically, in the WPA2 Enterprise Network, such as the exmaple of eduroam network, users fail to configure network settings in a client application, where esentially the client does not verify the SSL/TLS certificate. As a result, the attacker with the fake access point can easily reveal user's credentials. Within this talk, tests have been made to confirm the configuration configuration of client applications when connecting to eduroam WiFi network. Namely, out of a total of 800 users, as many 400 have not correctly configured a client application, which as a result can have far greater implications than just stealing a username and password when attempting to join eduroam.
eduroam, WiFi security, privacy
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
Podaci o prilogu
2017.
nije evidentirano
Podaci o matičnoj publikaciji
Podaci o skupu
FSec 2017
predavanje
07.09.2017-08.09.2017
Varaždin, Hrvatska