Enhanced Open – Part 1

Tags

,

In this post we will look at WiFi Alliance (WFA) new certification called “Enhanced Open” for Wireless networks. WFA introduced it in June 2018 (Read public announcement from here) & meant to provide traffic encryption for open networks (eg public event, airport free WiFi)

This certification is based on OWEOpportunistic Wireless Encryption (IETF RFC 8110). It is also required to use PMF – Protected Management Frames, that provide additional security.

However this does not provide any security for authentication where user still connect to a wireless network without any password (same like traditional Open Auth SSID). If your device support “Enhanced Open” it will encrypt data traffic after initial association.

As all devices do not support “Enhanced open” capability today, there is a mode know as “transition mode” is also introduced. We will look at “Enhanced Open – Transition mode” deployment in another post.

Here is the basic frame exchange in a “Enhanced Open” Wireless association.

“Enhance Open” Frame Exchange

Here is a packet capture of a SSID configured for “Enhanced Open”. I used Google Pixel 3 as STA which supports OWE. It was captured using Cisco AP in sniffer mode, so you have to follow this post, if you cannot see frames as wireless frames when you open it. If you use a wireshark display filter to remove control frames & see only frame involve client MAC address, you will see frame exchange that matches previous diagram.

wlan.addr == ee:3d:8b:b9:6b:42 && not wlan.fc.type==1

OWE Discovery
An Access Point (AP) advertise support for OWE using AKM suite selector for OWE under RSNE. Below shows a RSNE in a beacon frame of a SSID configured with OWE. You will see AKM suite type value 18 (00-0F-AC:18) indicate OWE support.

OWE Support Advertised via RSNE

If you look at RSN capabilities field, you will see AP is advertising both Management Frame Protection (MFP) capabilities & MFP required bit set to 1. You will see same on Association Request frame (#88) when it send by client.

OWE Association
A client wishing to do OWE must indicate OWE AKM in the RSNE portion of Association Request frame and include Diffie Helman (DH) parameter element. In the given capture (you can download it from here) you will see those information elements in Association Request frame (#88) which includes RSNE & OWE-DH parameter information elements .

You can see DH Parameter Elements has following format where Element ID of 255 with Extension value 32.

For an implementation to be compliant, it has to support DH-Group 19, which is a 256 bit Elliptic Curve (ECP). You can see that DH Group number is being used in given packet capture. If AP does not support DH Group indicated in Association Request, AP respond with a status code 77 indicating unsupported group.

You can find all different type of DH Groups assigned by IANA from this link.

An AP agreeing to do OWE must include OWE AKM in RSNE of Association Response frame. If “PMK Caching” is not performed it must include DH parameter element as well. Here is frame#90 detail.

OWE Post Association
Once client complete association both Client & AP exchange their DH key within those Association Request & Response frames. With that STA & AP can derive PMK (Pairwise Master Key) using its private key, peer’s public key information & DH group.

The PMKID is generated by hashing the two DH public keys & truncating to 128 bits. Hashing algorithm can be “HMAC-SHA-256“, “HMAC-SHA-384” or “HMAC-SHA-521

Upon completion of 802.11 association, AP initiate formal 4 -way handshake to derive encryption keys(KEK– Key Encryption Key, KCK – Key Confirmation Key & MIC – Message Integrity Code). Below shows M1 (frame #92) details.

OWE PMK Caching
PMK Caching is supported on “Enhanced Open” enabled SSID where a STA and AP can cache PMK for a period of time. Once client associate to an OWE SSID for the first time, PMKID value has to be calculated.

When STA subsequently connect to same AP, it can include the PMKID in association request frame.If AP has cached PMK identified by that PMKID, it include that PMKID in its Association Response frame. In this case there won’t be DH parameter element included in that Association Response frame.

From configuration point of view , You can enable “Enhanced Open” by simply selecting it under WLAN -> Security -> Layer 2 tab as shown below (with Cisco AireOS 8.10.x running WLC)

References
1. WPA3, OWE and DPP | Hemant Chaskar | WLPC Phoenix 2019
2. WPA3 & Enhanced Open White Paper – Aruba Networks
3. WPA3 support for AireOS 8.10/ IOS-XE 16.12 
4. https://wificoops.com/2019/08/05/wi-fi-security-enhancements-part-2-enhanced-open-owe/

Related Posts
1. End of Cisco AireOS ?
2. Enhanced Open – Transition Mode