Introduction to Wireless Security

This topic is to discuss the following lesson:

Hi, I really enjoy the lessons.

I have two related questions, please.

In the lesson, you said

“The wireless client can use this to verify that it’s communicating with a legitimate AP.”

  1. So that’s mean the attacker can’t make a certificate for its rogue AP? or it’s possible but difficult to make?

  2. Who originate these certificates? is it the 802.11 standard or the Manufacture of the AP? In other words, where do these certificates come from?

I appreciate your effort.

Hello Ameen

Certificates are a widely used method for authentication in a very broad area of application. Some examples include:

A certificate, or digital certificate, or more correctly referred to as a public key certificate, is a method used to prove the ownership of a public key. A digital certificate includes information about the key, information about the identity of its owner, as well as the digital signature of the entity that has verified the certificate’s contents. This entity is known as the issuer. If the signature is valid, and the software examining the certificate trusts the issuer, then it can use that key to communicate securely with the certificate’s owner.

In this case, the wireless host examines the digital certificate of the AP, and if the signature is valid, it has been proven that the AP is indeed legitimate.

Now it is possible to issue your own certificate. This can be done as shown in the lessons I have linked above. However, the most secure way to validate digital certificates is to use a Certificate Authority (CA) as the issuer. This is an entity that issues digital certificates. The CA acts as a trusted 3rd party that is trusted by both the host and the AP.

Some examples of CAs include Amazon Web Services, Cloudflare, Google Cloud Platform, and others.

So to answer your questions directly, it is not possible for an attacker to make a “fake” certificate, especially if you use a 3rd party as the CA. The certificates can be made by you, or by the manufacturer of the AP, but such certificates can be compromised if the CA is not secure (i.e. an employee from the manufacturer leaked the certificate, or the certificate you created was somehow compromised). It is best to purchase such a service from a publicly trusted CA.

For more examples of how certificates are used, take a look at these NetworkLessons Notes:
https://notes.networklessons.com/notes/Why+do+we+trust+a+website+certificate
https://notes.networklessons.com/notes/Certificate+Authority+Structure

I hope this has been helpful!

Laz

1 Like

Thanks a lot, Mr. Lazaros.

1 Like