Broadcom and Atheros's new easy-to-use Wi-Fi security enablers aren't as far apart as I thought: I was looking through the details this morning for SecureEasySetup and JumpStart for Wireless systems, respectively by Broadcom and Atheros, and found that while they work somewhat differently, they're closer than I thought in nature and intent.
Both systems try to remove the complexity from turning on encryption on networks. Broadcom's is more generally aimed at consumer electronics and devices with no real interface; Atheros's feels more computer- and adapter-oriented, but they make a good case about how it could be integrated into CE, as well. I spoke to Broadcom on Tuesday; Atheros this morning. Let's compare and contrast.
Initial setup. Broadcom has you push a button on the access point which causes it to create a key and store it internally, ready for the first client connection. This can be a hardware button on the device itself, or it can be a software button in a Web or client interface. Atheros has you connect to the access point via Ethernet to click a button, and create a password that's used to sign a key exchange that happens later. JumpStart also stores a WPA key.
Comparison: Neither version requires configuration of security options or key creation. Broadcom can push their button advantage, but consumers do need to run a wizard or other configuration software in any case to set up their DSL, cable modem, or LAN settings. By adding a step, Atheros increases security in the next step, but requires typing or key entry. Atheros also requires an Ethernet connection (only for this stage) but derives additional security from this requirement. Broadcom can optionally run SES over Ethernet, but each device would then have to connect via Ethernet. Both change the SSID and create a sufficiently long WPA key. Atheros's version can create a WPA2 (AES) key if that's available.
Conclusion: No advantage to either party at this stage in the process, although Atheros users might run into a problem if and only if they didn't have an Ethernet-equipped computer to handle the first step.
Note: It's clear that if ISPs worked with manufacturers, they could create a stub boot mode on gateways that would install the configuration for that client and enable Wi-Fi security, removing all LAN/WAN and security setup from the user. This is the idea behind Microsoft's Wireless Provisioning System for hotspots.
Add a client computer. Broadcom has you push a button on the access point to put it into the right mode to communicate with a client PC Card. You can also use software on the access point to initiate this mode. On the client, users either push a button or use a client manager or menu to initiate communication. The AP and the client talk, the AP passes a key over a tunnel, and the client is ready to go. Atheros requires that you connect to the AP and have it start its communication mode. If the AP detects another JumpStart session, it backs off. Visual confirmation of the mode comes through flashing LEDs on the AP. On the client machine, you enter the same password used on the AP. This password is used to sign a Diffie-Hellman key that's used to establish a secure session over which the WPA key is sent.
Comparison: Broadcom leaves a window open here for an insertion in which a waiting client could grab a key from an AP before the intended client gets the key. There's no out-of-band confirmation that allows a rogue client to be rejected. Atheros, by using a password, increases complexity, but provides a way of securing the initiation of the SSL tunnel that's used to provide the key.
Conclusion: Broadcom lacks a Wi-Fi-based out-of-band confirmation option that would stop automated software from mounting a denial of service against a user's network. Such software could be written because Broadcom and Atheros plan open standards. Broadcom does allow Ethernet to be used as a physically isolated and secure method of running SES, and it does notify users if a rogue client slipped in before the desired client connected. But there's no solution for a malicious DoS when Ethernet is unavailable or impractical. Atheros scores in the edge cases involving malicious DoS attacks.
Add a consumer electronic device, like a Wi-Fi DVD player: In Broadcom's case, push a button on the AP and push a button or trigger a menu on the DVD player. Atheros would require some kind of menu that would allow the entry of a key.
Comparison: Atheros seems to be at a disadvantage for entering alphanumerics on home entertainment devices without keyboards.
Conclusion: Broadcom may have a less secure method, but it does have a simpler process that will make CE adoption much smoother. On the other hand, CE devices may only have Wi-Fi and no Ethernet, which could make them more susceptible to being unable to join a network experiencing automated DoS.
In talking with Atheros this morning, they didn't convince me that JumpStart had a more secure end-to-end process. I'd already realized this and have a query out to Broadcom about the details. In home networks, it may be less critical that someone is ready to jump on, but an automated malicious attack is a real possibility for an open standard.
The reason to have out-of-band elements in a secure system is to provide verification that is outside of the medium that you admit is untrusted. If you don't pre-install public-key certificates in every device that provides that out-of-band security--such as in EAP-TLS, the first version of EAP used with 802.1X--then you have to figure out some other method. With PGP or GPG, one method is to send someone your public key via email and then call or fax them with the fingerprint that allows them to confirm that it's correct. Otherwise, someone could be a man in the middle who provides their own public keys in each direction to the two parties trying to establish a secure interchange. This is another reason for public key directories, which are assumed to have a certain level of trust without total verification of identity.
Public-key cryptography plus out-of-band confirmation is considered reliable, and is the basis of SSL and TLS, which use certificate-authority-signed documents, whether the authority is Thawte or a company's own certificate authority. It's also part of the process by which Atheros secures its connection. Atheros uses a TLS-style transaction in which the initial key is signed by the password that a user has entered in the access point out of band.
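The following is an added Python sketch, not Atheros's code, of the property the out-of-band password gives the JumpStart exchange described earlier (and of the man-in-the-middle problem raised in the previous paragraph): each side's Diffie-Hellman public value is MACed under the password, so a value substituted in transit, or a client that entered the wrong password, is rejected before any WPA key is sent. The toy group parameters, the HMAC construction and the role labels are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group, constructed for this illustration only; it is not
# a safe group, and the real JumpStart parameters are not described on the page.
P = 2**127 - 1
G = 5
NBYTES = 16  # every value mod P fits in 16 bytes


def dh_keypair():
    """Return (private exponent x, public value g^x mod p)."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def auth_tag(password, role, public):
    """MAC a public value under the out-of-band password (assumed construction)."""
    msg = role.encode() + public.to_bytes(NBYTES, "big")
    return hmac.new(password.encode(), msg, hashlib.sha256).digest()


def verify_tag(password, role, public, tag):
    return hmac.compare_digest(auth_tag(password, role, public), tag)


def derive_key(priv, peer_public):
    """Hash the DH shared secret into the session key that would carry the WPA key."""
    shared = pow(peer_public, priv, P)
    return hashlib.sha256(shared.to_bytes(NBYTES, "big")).digest()


def run_exchange(ap_password, client_password, substituted_public=None):
    """Model one enrollment. Returns (ap_key, client_key); None means that side aborted.
    substituted_public models a value injected in place of the AP's genuine public value."""
    ap_priv, ap_pub = dh_keypair()
    cl_priv, cl_pub = dh_keypair()
    # AP -> client: its public value plus a tag under the password set at the AP.
    sent_pub, sent_tag = ap_pub, auth_tag(ap_password, "ap", ap_pub)
    if substituted_public is not None:
        sent_pub = substituted_public  # the tag cannot be recomputed without the password
    if not verify_tag(client_password, "ap", sent_pub, sent_tag):
        return None, None  # client rejects: tag does not match the value it received
    # client -> AP: same check in the other direction.
    cl_tag = auth_tag(client_password, "client", cl_pub)
    if not verify_tag(ap_password, "client", cl_pub, cl_tag):
        return None, None  # AP rejects: client used the wrong password
    return derive_key(ap_priv, cl_pub), derive_key(cl_priv, sent_pub)
```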
Atheros was pretty rambunctious about discussing Broadcom's SecureEasySetup in contrast with their own JumpStart. I spoke with Colin Macnab, Atheros's vice president of marketing and business development, and Kevin Hayes, one of the developers of this standard for Atheros who is actively involved in security at the Wi-Fi Alliance and the 802.11i Task Group at the IEEE.
For starters, Macnab thought that adding a button to an AP is more of a stumbling block than Broadcom wants to admit. He notes that getting the entire AP's cost of goods below $20 is the goal now, and that adding wire and a button could actually be a significant issue for commodity equipment. He also noted that the lack of an out-of-band element means that Broadcom is relying entirely on timing for security. Hayes said, "What I see in Broadcom is clearly some marketing-driven solution."
But they both turned conciliatory: they like some aspects of SecureEasySetup, and Hayes said, "If we blend these technologies, then the industry would take that." Macnab agreed, noting, "That's probably the correct answer. There may be some places in which people might want to do buttons." But Macnab suggested setting up a hacking contest in a real-world scenario, like an apartment building, and seeing which easy setup method "survives." Atheros intends that JumpStart be available for general industry use.
Hayes and Macnab both agreed that competition in the industry was going to help the consumer by pushing easier and easier methods out on the application level instead of deeper in the box. Hayes said, "We look at the ease of use part as a transport for security. This security is completely under the covers."
Ultimately, some combination of Atheros and Broadcom's technology through the Wi-Fi Alliance should result in a completely secure method that also has multiple ways to let consumers have security without frustration. Atheros could use Broadcom's simplicity as a first step; Broadcom could use Atheros's password as a fallback.