LAS VEGAS–Researchers from IBM’s ISS X-Force plan to unveil a new system for running an open wireless network in a secure mode at the Black Hat conference here this week. The system mimics the way that Web sites browsers use digital certificates to establish a trusted connection with one another.
X-Force researchers have been working on the system for a while now and the company plans to demonstrate the technology on Thursday during the conference. One of the main problems with public wireless networks is that they’re susceptible to a number of simple attacks, including passive sniffing and man-in-the-middle. The X-Force system is designed to get around these problems by using a digital certificate to assure users that they are communicating with the wireless hotspot that they think they are.
“In our proposal, wireless networks would establish encrypted
connections with their clients by presenting a digital certificate
demonstrating that the operator of the access point is the legitimate
user of the SSID associated with that access point. You could even use
domain names as SSIDs and use off the shelf SSL certificates,” Tom Cross and Takehiro Takahashi of the X-Force wrote in a blog post in October.
“For example, IBM could set up an open wireless network with the SSID ‘ibm.com.’ When you connect, our access point would send down a digital
certificate for ‘ibm.com,’ and your wireless client would establish an
encrypted connection with us, knowing that because the name in the
certificate is the same as the SSID, the network you are connecting to
must be run by IBM.
The result would be that when you open up your wireless client you
could establish secure, encrypted connections to networks operated by
people (or companies) that you trust, knowing that those networks are
really operated by the people (or companies) that they claim they are
operated by without needing to have a password.”
Cross said in a separate post Monday that the company plans to demo the secure wireless system at Black Hat Thursday as part of the conference’s Arsenal tools demo presentations.
“It completely eliminates the risk of passive sniffers like Firesheep,
and also substantially reduces the threat of rogue access points by
providing wireless users with a cryptographically protected way to
identity the operator of the network they are connecting to,” Cross said in the post.