Re: [saag] Would love some feedback on Opportunistic Wireless Encryption

Christian Huitema <> Wed, 26 August 2015 18:52 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id A70841A1B69 for <>; Wed, 26 Aug 2015 11:52:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id GNdR_3L3Oc3a for <>; Wed, 26 Aug 2015 11:52:00 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id CC79C1B2C8A for <>; Wed, 26 Aug 2015 11:51:59 -0700 (PDT)
Received: from ( by ( with Microsoft SMTP Server (TLS) id; Wed, 26 Aug 2015 18:51:57 +0000
Received: from ([]) by ([]) with mapi id 15.01.0231.024; Wed, 26 Aug 2015 18:51:57 +0000
From: Christian Huitema <>
To: Warren Kumari <>, "" <>
Thread-Topic: [saag] Would love some feedback on Opportunistic Wireless Encryption
Thread-Index: AQHQ4CW/AZzR8B6HAU2jyV7mVrhQ2J4emrQg
Date: Wed, 26 Aug 2015 18:51:57 +0000
Message-ID: <>
References: <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-microsoft-exchange-diagnostics: 1; DM2PR0301MB0655; 5:8aU6ZiFIFhnZsQfzNWaErkIDRYNfYvVMRx+zCu8HQ2cL3I1s+NuCSFGIyntVxxuZPQ5d02wfx3U03IoeQwlsA0Mz7ZPfmoyIdsXtZC2HML/r4UwZqy9YgC1iB4IosLnWpx4ZALhkmrB4kMlfhCCodg==; 24:/kpwX0fVBfkzUF2xyjh22VnFfC90MzpHJk34qXaR9ieTUN5jOlouKz+Uw+WMpvFUHOOIQ6sIBtkNUpaiuLrKh+5y7b8blzH2/8fO3rHEfP0=; 20:Tg9yK7zI83Bvs21ZHZYTygGJLKXDoeQhawcjQDxS3vMxEICIVU7KUsVc9ftvsaGk9dNEjPyca7Uaovpwd6w97g==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM2PR0301MB0655;
x-o365ent-eop-header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401001)(8121501046)(5005006)(3002001); SRVR:DM2PR0301MB0655; BCL:0; PCL:0; RULEID:; SRVR:DM2PR0301MB0655;
x-forefront-prvs: 0680FADD48
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(189002)(199003)(377454003)(51444003)(24454002)(19580395003)(97736004)(86612001)(2950100001)(122556002)(10090500001)(102836002)(8990500004)(5004730100002)(2900100001)(101416001)(92566002)(54356999)(74316001)(68736005)(5005710100001)(106356001)(50986999)(40100003)(10400500002)(33656002)(77096005)(106116001)(10290500002)(5002640100001)(2656002)(76176999)(105586002)(99286002)(5007970100001)(5001920100001)(87936001)(2501003)(107886002)(19580405001)(86362001)(77156002)(5003600100002)(81156007)(5001960100002)(66066001)(62966003)(5001860100001)(4001540100001)(76576001)(5001770100001)(64706001)(189998001)(5001830100001)(551544002)(46102003); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0301MB0655;; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None ( does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Aug 2015 18:51:57.3595 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0301MB0655
Archived-At: <>
Subject: Re: [saag] Would love some feedback on Opportunistic Wireless Encryption
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 26 Aug 2015 18:52:01 -0000

On Wednesday, August 26, 2015 10:36 AM, Warren Kumari wrote:
> On Wednesday, August 26, 2015, Viktor Dukhovni <>; wrote:
>> ...  This is considerably weaker
>> than many other opportunistic security protocols.  With no protection
>> against a passive adversary who started monitoring before the victim
>> joins the network, is this still worth doing?
> I believe that it is -- I think that the cost to implement this is really really low (I added PoC 
> "support" to OpenWRT in less than an hour, and almost all of that was finding a 
> suitable access point in my basement :-)).
> I fully acknowledge that this doesn't solve all issues, and doesn't claim to - but I think that for 
> the negligible cost, the incremental security win is worth it.

You have to decide who you are optimizing for. The administrators would cannot be bothered to set a password for the Wi-Fi? If the router starts doing OWE without their knowledge, there will be a great deal of confusion when legacy UI shows the network as encrypted and users asks the bartender for the password.

So let's assume that OWE is explicitly turned on by the administrators. They take the pain to activate the option in the UI. Why is it simpler than just setting a password? The bartender will still get asked for the password by all the legacy customers, and at that point it does not make any difference whether he has to answer "use the name of the network" or "Open Sesame."

-- Christian Huitema