On WPA2-Enterprise Privacy in High Education and Science
Security and Communication Networks Pub Date : 2020-09-07 , DOI: 10.1155/2020/3731529
T. Perković 1 , A. Dagelić 1 , M. Bugarić 1 , M. Čagalj 1

A plethora of organizations, companies, and foremost universities and educational institutions are using the WPA2-Enterprise protocol to allow their end-users to connect to provided Wi-Fi networks. When both the provider’s and the end-user’s devices are configured properly, it is considered one of the safest Wi-Fi connection protocols, with the added benefit of having a unique password for every Wi-Fi user. However, a known evil twin attack can be performed to steal users’ Wi-Fi login credentials if the devices are not configured correctly. Considering the widespread use of Wi-Fi-enabled smartphones and rising concerns regarding users’ privacy, we focus on the privacy aspects of WPA2-Enterprise vulnerabilities, mainly on the widespread Eduroam network. We show that device deanonymization is a concerning liability of many Eduroam networks. More than 87% of 1650 devices collected during a two-month test at our university are vulnerable to a MAC address deanonymization attack. Furthermore, by analyzing the Eduroam Configuration Assistant Tool of 1066 different institutions around the world, we find that 67% of exported Eduroam profiles have the Wi-Fi device reveal the user’s identity in the clear, thus linking the users with the device’s MAC address. Indeed, the analysis of the configuration profiles has been confirmed by performing the deanonymization attack at a large-scale international music festival in our country, where 70% of the devices were vulnerable. Additionally, we showcase the psychological aspects of secure Eduroam users, where some are willing to modify secure configuration profiles to gain access to certain blocked features. As a result, the attacker is granted user credentials and the IMSI number and is provided with access to all Eduroam-related services.

Updated: 2020-09-08