Opportunistic Wireless Encryption

Opportunistic wireless encryption uses a secret key to encrypt Internet sessions hosted on open Wi-Fi networks. Public Wi-Fi networks with no required password or authentication process are convenient, especially for users who are on the go or need to quickly access their bank account or work email. But they’re also extremely susceptible to hacking, particularly man-in-the-middle attacks, where a third-party attacker intercepts the four-way handshake process and pretends to be the main parties. Opportunistic wireless encryption (OWE) removes much of attackers’ opportunity to intercept the handshake process and gain access to a user’s Internet activity.

Instead of using a public pre-shared key (PSK), in which the handshake process can easily be hacked, OWE uses a Diffie-Hellman encryption key exchange, creating a unique key for the two parties. After the key exchange is successful, the networks perform a four-way handshake before finalizing and enabling an encrypted connection.

OWE weaknesses

Unfortunately, although OWE makes it more difficult for malicious parties to perform man-in-the-middle attacks, it’s still susceptible to compromise. OWE doesn’t authenticate either user or network, unlike many encryption protocols. This means that an attacker can masquerade as a network by falsifying the wireless access point (WAP) and renaming it with the name of a nearby Wi-Fi network. Users believe they are using a legitimate network and log into that network, potentially using passwords or other sensitive information. Their online actions can then be intercepted by the attacker. This kind of hack is known as an evil twin attack.

Webopedia Staff
Webopedia Staff
Since 1995, more than 100 tech experts and researchers have kept Webopedia’s definitions, articles, and study guides up to date. For more information on current editorial staff, please visit our About page.

Related Articles

10 Quick Tips For Social Media Marketing

10 Quick Tips for Social Media Marketing Social Media Defined: Social media is a phrase used to describe a variety of Web-based platforms, applications and...

Digital Advertising

What is Digital Advertising? Digital advertising is marketing to a target audience through digital platforms, including social media, email, search engines, mobile apps, affiliate programs,...

E-Commerce

E-commerce, or electronic commerce, is online-conducted business, including marketing, sales, and fulfillment. Consumers and businesses place and track orders at least partially through the...

Virtualization Software

Virtualization software is a digital solution used to create an abstraction layer for hardware. The software creates multiple instances, or virtual machines (VMs), that...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...