]> Security Researcher part of InsiteTech.jp

relunsec@insitetech.jp

This document proposes a phishing-resistant authentication mechanism for home Wi-Fi networks using hardware security keys (e.g., YubiKey) alongside traditional passwords to mitigate Evil Twin attacks.

The Current security problem with WiFi i'm RelunSec a security researcher, my mission is to improve WIFI security We faced a lot of problems, because of those evil twin attacks against WIFI home networks, those are used to obtain victims wifi passwords, that why i'm a security researcher, i'm here to propose that

The Proposal the thing is WIFI will support phishing resistant methods like yubikey alongside passwords

Motivation i wanted to propose that to improve WIFi network security, after that proposal even attackers used evil twin and phished victim wifi passwords they need a yubikey to authenticate to the network. a yubikey cannot be phished, like with websites yubikeys cannot be pished and phishing resistant methods

Backwards compability yubikey support is an available option, will be not mandatory passwords will be the first method and then will prompt you to insert a yubikey, after inserting it the WIFI connection will successed else fails if not enabled will be the current behavior.

How users can enable it 1- Future routers will have yubikey support option, you go to the router interface and register the yubikey 2- Then you activate yubikey option 3- reboot the router 4- all devices will be disconnected, to connect enter your normal password and then insert your yubikey 5- Now you are connected safely to your wifi network, there a no worry anymore about evil twin attacks

Security Considerations This document describes a security enhancement. The use of hardware-based multi-factor authentication (MFA) significantly reduces the risk of credential theft via Evil Twin attacks. By requiring a physical presence gesture (such as a YubiKey tap), even a compromised password is insufficient for an attacker to gain access to the network.

IANA Considerations This document has no IANA actions.