Simple and Effective Defense Against Evil Twin Access Points

Abstract

Wireless networking is becoming widespread in many public places
such as cafes. Unsuspecting users may become victims of attacks
based on “evil twin” access points. These rogue access points are
operated by criminals in an attempt to launch
man-in-the-middle attacks. We present a simple protection
mechanism against binding to an evil twin. The mechanism leverages
short authentication string protocols for the exchange of
cryptographic keys. The short string verification is performed by
encoding the short strings as a sequence of colors, rendered
sequentially by the user’s device and by the designated access point
of the cafe. The access point must have a light capable of
showing two colors and must be mounted prominently in a position
where users can have confidence in its authenticity. We conducted a
usability study with patrons in several cafes and participants
found our protection mechanism very usable.
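
The comparison described in the abstract, as an added sketch that is not code from the paper: both sides derive a short string from the key exchange and render it one color per bit, so a man-in-the-middle shows up as a mismatch between the light and the user's device. The commit-then-reveal construction, SHA-256, the 24-bit length, the red/green palette and all names and sample values are assumptions; the abstract specifies none of them.

```python
import hashlib
import hmac

SAS_BITS = 24               # assumption: the abstract gives no string length
COLORS = ("red", "green")   # assumption: the abstract only says "two colors"

def _h(label: bytes, *parts: bytes) -> bytes:
    """SHA-256 over length-prefixed fields so field boundaries are unambiguous."""
    h = hashlib.sha256(label)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()

def commit(pub_key: bytes, nonce: bytes) -> bytes:
    """Sent by the AP side before it learns the client's nonce."""
    return _h(b"commit", pub_key, nonce)

def sas_colors(ap_key, ap_nonce, client_key, client_nonce):
    """Truncate a transcript hash to SAS_BITS and emit one color per bit."""
    value = int.from_bytes(_h(b"sas", ap_key, ap_nonce, client_key, client_nonce), "big")
    value >>= 256 - SAS_BITS
    return [COLORS[(value >> i) & 1] for i in reversed(range(SAS_BITS))]

def client_view(commitment, ap_key, ap_nonce, client_key, client_nonce):
    """Client checks the opened commitment, then derives the colors it renders."""
    if not hmac.compare_digest(commitment, commit(ap_key, ap_nonce)):
        raise ValueError("commitment does not open; abort the key exchange")
    return sas_colors(ap_key, ap_nonce, client_key, client_nonce)

def pairing(ap, client, twin=None):
    """Return (colors on the AP's light, colors on the user's device).

    Each party is a (public_key, nonce) tuple. If `twin` is given, it sits
    in the middle and each honest side exchanges keys with it instead.
    """
    peer_of_client = twin or ap
    peer_of_ap = twin or client
    device = client_view(commit(*peer_of_client), *peer_of_client, *client)
    light = sas_colors(*ap, *peer_of_ap)
    return light, device

# Constructed sample values, not real keys.
AP = (b"constructed-ap-public-key", b"ap-nonce-0001")
CLIENT = (b"constructed-client-public-key", b"client-nonce-0001")
TWIN = (b"constructed-twin-public-key", b"twin-nonce-0001")

if __name__ == "__main__":
    for name, twin in (("honest", None), ("evil twin", TWIN)):
        light, device = pairing(AP, CLIENT, twin)
        print(f"{name:9}: light and device {'match' if light == device else 'DIFFER'}")
```

The commitment is what keeps a short string safe here: a party in the middle has to fix its key and nonce before seeing the other side's nonce, so it cannot search for values that make the two color sequences agree.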