#BlackHat Wi-Fi Gets PEAP/TLS Security from @ArubaNetworks

From the ‘Secure Wi-Fi‘ files:

LAS VEGAS. There are some people that are afraid to connect to the Wi-Fi network at the Black Hat security conference.

I’m not one of them.

This year, Aruba Networks the show’s Wi-Fi provider is stepping up the security going beyond the basic PSK (pre-shared key) approach that every other conference uses.

This year, Aruba is providers users with the ability to use PEAP and TLS options for improved Wi-Fi security. (Protected Extensible Authentication Protocol, also known as Protected EAP or simply PEAP, is a protocol that encapsulates EAP within a potentially encrypted and authenticated Transport Layer Security (TLS) tunnel – Wikipedia).

Going a step further, Aruba is provisioning a separate  SSID for iOS users on TLS providing the best possible enterprise security for a conference of this nature.

Now getting Peap or TLS running on your machine at Black Hat isn’t as easy as just logging into a traditional WPA2 Wi-Fi network. Though Aruba is trying to make it as easy as they can, though the process can involve multiple steps.

The first step is to click on the link the Black Hat captive portal that you get when you connect to the show’s Wi-Fi network.

Near the bottom of the screen (yeaah I know, who reads the info on a captive portal?) all you do is click and follow the instructions.

You need to setup credentials on the Aruba server (think of it like Radius) and download/install a pair of certs.

If you elect to use their iOS network (which is awesome so far..) this is what you’ll see:

The final result is wi-fi network security that I’ve never seen at any conference, let alone the hostile network that is Black Hat. I’ve also never seen an iOS specific Wi-Fi SSID (and hey i’m loving it) to make sure that iPad/iPhone users can have an additional degree of confidence in the security of the Black Hat Network.