Passwords in the air: Harvesting wi-fi credentials from smartcfg provisioning

Changyu Li; Hui Liu; Quanpu Cai; Yuanyuan Zhang; Yu Yu; Juanru Li; Dawu Gu

doi:10.1145/3212480.3212496

Passwords in the air: Harvesting wi-fi credentials from smartcfg provisioning

Changyu Li, Hui Liu, Quanpu Cai, Yuanyuan Zhang, Yu Yu, Juanru Li, Dawu Gu

Shanghai Jiao Tong University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

16 Scopus citations

Abstract

Smart devices without an interactive UI (e.g., a smart bulb) typically rely on specific provisioning schemes to connect to wireless networks. Among all the provisioning schemes, SmartCfg is a popular technology to configure the connection between smart devices and wireless routers. Although the SmartCfg technology facilitates the Wi-Fi configuration, existing solutions seldom take into serious consideration the protection of credentials and therefore introduce security threats against Wi-Fi credentials. This paper conducts a security analysis against eight SmartCfg based Wi-Fi provisioning solutions designed by different wireless module manufacturers. Our analysis demonstrates that six manufacturers provide flawed SmartCfg implementations that directly lead to the exposure of Wi-Fi credentials: attackers could exploit these flaws to obtain important credentials without any substantial efforts on brute-force password cracking. Furthermore, we keep track of the smart devices that adopt such Wi-Fi provisioning solutions to investigate the influence of the security flaws on real world products. Through reversely analyzing the corresponding apps of those smart devices we conclude that the flawed SmartCfg implementations constitute a wide potential impact on the security of smart home ecosystems.

Original language	English
Title of host publication	WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Publisher	Association for Computing Machinery, Inc
Pages	1-11
Number of pages	11
ISBN (Electronic)	9781450357319
DOIs	https://doi.org/10.1145/3212480.3212496
State	Published - 18 Jun 2018
Externally published	Yes
Event	11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2018 - Stockholm, Sweden Duration: 18 Jun 2018 → 20 Jun 2018

Publication series

Name	WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks

Conference

Conference	11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2018
Country/Territory	Sweden
City	Stockholm
Period	18/06/18 → 20/06/18

Keywords

Smart devices
Wi-Fi provisioning

Access to Document

10.1145/3212480.3212496

Cite this

Li, C., Liu, H., Cai, Q., Zhang, Y., Yu, Y., Li, J., & Gu, D. (2018). Passwords in the air: Harvesting wi-fi credentials from smartcfg provisioning. In WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks (pp. 1-11). (WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks). Association for Computing Machinery, Inc. https://doi.org/10.1145/3212480.3212496

Li, Changyu ; Liu, Hui ; Cai, Quanpu et al. / Passwords in the air : Harvesting wi-fi credentials from smartcfg provisioning. WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks. Association for Computing Machinery, Inc, 2018. pp. 1-11 (WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks).

@inproceedings{d3b95cb364b74bbea821f4a73df60340,

title = "Passwords in the air: Harvesting wi-fi credentials from smartcfg provisioning",

abstract = "Smart devices without an interactive UI (e.g., a smart bulb) typically rely on specific provisioning schemes to connect to wireless networks. Among all the provisioning schemes, SmartCfg is a popular technology to configure the connection between smart devices and wireless routers. Although the SmartCfg technology facilitates the Wi-Fi configuration, existing solutions seldom take into serious consideration the protection of credentials and therefore introduce security threats against Wi-Fi credentials. This paper conducts a security analysis against eight SmartCfg based Wi-Fi provisioning solutions designed by different wireless module manufacturers. Our analysis demonstrates that six manufacturers provide flawed SmartCfg implementations that directly lead to the exposure of Wi-Fi credentials: attackers could exploit these flaws to obtain important credentials without any substantial efforts on brute-force password cracking. Furthermore, we keep track of the smart devices that adopt such Wi-Fi provisioning solutions to investigate the influence of the security flaws on real world products. Through reversely analyzing the corresponding apps of those smart devices we conclude that the flawed SmartCfg implementations constitute a wide potential impact on the security of smart home ecosystems.",

keywords = "Smart devices, Wi-Fi provisioning",

author = "Changyu Li and Hui Liu and Quanpu Cai and Yuanyuan Zhang and Yu Yu and Juanru Li and Dawu Gu",

note = "Publisher Copyright: {\textcopyright} 2018 Association for Computing Machinery.; 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2018 ; Conference date: 18-06-2018 Through 20-06-2018",

year = "2018",

month = jun,

day = "18",

doi = "10.1145/3212480.3212496",

language = "英语",

series = "WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks",

publisher = "Association for Computing Machinery, Inc",

pages = "1--11",

booktitle = "WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks",

}

Li, C, Liu, H, Cai, Q, Zhang, Y, Yu, Y, Li, J & Gu, D 2018, Passwords in the air: Harvesting wi-fi credentials from smartcfg provisioning. in WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks. WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Association for Computing Machinery, Inc, pp. 1-11, 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2018, Stockholm, Sweden, 18/06/18. https://doi.org/10.1145/3212480.3212496

Passwords in the air: Harvesting wi-fi credentials from smartcfg provisioning. / Li, Changyu; Liu, Hui; Cai, Quanpu et al.
WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks. Association for Computing Machinery, Inc, 2018. p. 1-11 (WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Passwords in the air

T2 - 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2018

AU - Li, Changyu

AU - Liu, Hui

AU - Cai, Quanpu

AU - Zhang, Yuanyuan

AU - Yu, Yu

AU - Li, Juanru

AU - Gu, Dawu

PY - 2018/6/18

Y1 - 2018/6/18

N2 - Smart devices without an interactive UI (e.g., a smart bulb) typically rely on specific provisioning schemes to connect to wireless networks. Among all the provisioning schemes, SmartCfg is a popular technology to configure the connection between smart devices and wireless routers. Although the SmartCfg technology facilitates the Wi-Fi configuration, existing solutions seldom take into serious consideration the protection of credentials and therefore introduce security threats against Wi-Fi credentials. This paper conducts a security analysis against eight SmartCfg based Wi-Fi provisioning solutions designed by different wireless module manufacturers. Our analysis demonstrates that six manufacturers provide flawed SmartCfg implementations that directly lead to the exposure of Wi-Fi credentials: attackers could exploit these flaws to obtain important credentials without any substantial efforts on brute-force password cracking. Furthermore, we keep track of the smart devices that adopt such Wi-Fi provisioning solutions to investigate the influence of the security flaws on real world products. Through reversely analyzing the corresponding apps of those smart devices we conclude that the flawed SmartCfg implementations constitute a wide potential impact on the security of smart home ecosystems.

AB - Smart devices without an interactive UI (e.g., a smart bulb) typically rely on specific provisioning schemes to connect to wireless networks. Among all the provisioning schemes, SmartCfg is a popular technology to configure the connection between smart devices and wireless routers. Although the SmartCfg technology facilitates the Wi-Fi configuration, existing solutions seldom take into serious consideration the protection of credentials and therefore introduce security threats against Wi-Fi credentials. This paper conducts a security analysis against eight SmartCfg based Wi-Fi provisioning solutions designed by different wireless module manufacturers. Our analysis demonstrates that six manufacturers provide flawed SmartCfg implementations that directly lead to the exposure of Wi-Fi credentials: attackers could exploit these flaws to obtain important credentials without any substantial efforts on brute-force password cracking. Furthermore, we keep track of the smart devices that adopt such Wi-Fi provisioning solutions to investigate the influence of the security flaws on real world products. Through reversely analyzing the corresponding apps of those smart devices we conclude that the flawed SmartCfg implementations constitute a wide potential impact on the security of smart home ecosystems.

KW - Smart devices

KW - Wi-Fi provisioning

UR - https://www.scopus.com/pages/publications/85050921372

U2 - 10.1145/3212480.3212496

DO - 10.1145/3212480.3212496

M3 - 会议稿件

AN - SCOPUS:85050921372

T3 - WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks

SP - 1

EP - 11

BT - WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks

PB - Association for Computing Machinery, Inc

Y2 - 18 June 2018 through 20 June 2018

ER -

Li C, Liu H, Cai Q, Zhang Y, Yu Y, Li J et al. Passwords in the air: Harvesting wi-fi credentials from smartcfg provisioning. In WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks. Association for Computing Machinery, Inc. 2018. p. 1-11. (WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks). doi: 10.1145/3212480.3212496

Passwords in the air: Harvesting wi-fi credentials from smartcfg provisioning

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this