Naslov
How secure is eduroam?

Autori
Rudeš, Hrvoje ; Perković, Toni

Vrsta, podvrsta i kategorija rada
Sažeci sa skupova, pp prezentacija, stručni

Skup
FSec 2017

Mjesto i datum
Varaždin, Hrvatska, 07.09.2017. - 08.09.2017

Vrsta sudjelovanja
Predavanje

Vrsta recenzije
Međunarodna recenzija

Ključne riječi
eduroam, WiFi security, privacy

Sažetak
In this talk we give a detailed desription of security flaws when using the SSL/TLS security protocol in wireless access networks, with special emphasis on the SSL/TLS problem in WPA2 Entrprise networks. Specifically, in the WPA2 Enterprise Network, such as the exmaple of eduroam network, users fail to configure network settings in a client application, where esentially the client does not verify the SSL/TLS certificate. As a result, the attacker with the fake access point can easily reveal user's credentials. Within this talk, tests have been made to confirm the configuration configuration of client applications when connecting to eduroam WiFi network. Namely, out of a total of 800 users, as many 400 have not correctly configured a client application, which as a result can have far greater implications than just stealing a username and password when attempting to join eduroam.

Izvorni jezik
Engleski

Znanstvena područja
Elektrotehnika, Računarstvo, Informacijske i komunikacijske znanosti

POVEZANOST RADA