Opportunistic Wireless Encryption

Opportunistic wireless encryption uses a secret key to encrypt Internet sessions hosted on open Wi-Fi networks. Public Wi-Fi networks with no required password or authentication process are convenient, especially for users who are on the go or need to quickly access their bank account or work email. But they’re also extremely susceptible to hacking, particularly man-in-the-middle attacks, where a third-party attacker intercepts the four-way handshake process and pretends to be the main parties. Opportunistic wireless encryption (OWE) removes much of attackers’ opportunity to intercept the handshake process and gain access to a user’s Internet activity.

Instead of using a public pre-shared key (PSK), in which the handshake process can easily be hacked, OWE uses a Diffie-Hellman encryption key exchange, creating a unique key for the two parties. After the key exchange is successful, the networks perform a four-way handshake before finalizing and enabling an encrypted connection.

OWE weaknesses

Unfortunately, although OWE makes it more difficult for malicious parties to perform man-in-the-middle attacks, it’s still susceptible to compromise. OWE doesn’t authenticate either user or network, unlike many encryption protocols. This means that an attacker can masquerade as a network by falsifying the wireless access point (WAP) and renaming it with the name of a nearby Wi-Fi network. Users believe they are using a legitimate network and log into that network, potentially using passwords or other sensitive information. Their online actions can then be intercepted by the attacker. This kind of hack is known as an evil twin attack.

Webopedia Staff
Webopedia Staff
Since 1995, more than 100 tech experts and researchers have kept Webopedia’s definitions, articles, and study guides up to date. For more information on current editorial staff, please visit our About page.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Virtual Private Network (VPN)

A virtual private network (VPN) encrypts a device's Internet access through a secure server. It is most frequently used for remote employees accessing a...

Gantt Chart

A Gantt chart is a type of bar chart that illustrates a project schedule and shows the dependency between tasks and the current schedule...

Input Sanitization

Input sanitization is a cybersecurity measure of checking, cleaning, and filtering data inputs from users, APIs, and web services of any unwanted characters and...

IT Asset Management Software

IT asset management software (ITAM software) is an application for organizing, recording, and tracking all of an organization s hardware and software assets throughout...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...