DOCSLIB.ORG

A Practical Investigation of Identity Theft Vulnerabilities in Eduroam

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Practical Investigation of Identity Theft Vulnerabilities in Eduroam A Practical Investigation of Identity Theft Vulnerabilities in Eduroam Sebastian Brenza Andre Pawlowski Christina Pöpper Horst-Görtz Institute for Horst-Görtz Institute for Horst-Görtz Institute for IT-Security IT-Security IT-Security Ruhr-University Bochum Ruhr-University Bochum Ruhr-University Bochum Bochum, Germany Bochum, Germany Bochum, Germany [email protected] [email protected] [email protected] ABSTRACT service at research and educational institutes, Internet ac- Eduroam offers secure access to the Internet at participat- cess at participating institutes has been greatly simplified: ing institutions, using authentication via IEEE 802.1X and Eduroam enables users to roam between participating insti- secure forwarding of authentication data to the authentica- tutions and authenticate with the login data of their home tion server of the user's institution. Due to erroneous con- institutes which is securely forwarded for verification via a figuration manuals and a lack of knowledge on the user side, network of authentication servers to the home institution. though, a big share of client devices lack the required root With their increased popularity in the last couple of years, CA certificate to authenticate the Eduroam network, yet still many networked mobile devices have been configured for being able to access the network. Moreover, deficient soft- Eduroam usage by their users, including laptops, tablets, ware implementations on client devices prevent users from and smartphones. One central point to the security of the the secure execution of the authentication process. Eduroam usage is the proper setup of a root CA certificate In this paper, we present an attack that exploits this fact to verify the authenticity of the network. However, secure and uses the default behavior of wireless devices in order authentication is not given, if deficient software implemen- to capture authentication data. This MITM attack is per- tations do not check the validity of the offered certificate formed in real-time. It is achieved using a modified ver- correctly or client devices are wrongly configured with miss- sion of hostapd, which exploits a compatibility setting of ing CA certificates. If the offered certificate is not checked the widely used supplicant software wpa supplicant. It en- correctly, client devices cannot verify the authenticity of the ables an attacker to authenticate users in EAP-TTLS/PAP network, which opens the door for connecting to rogue access and in EAP-TTLS/MS-CHAPv2 without the necessity of points, also called Evil Twins [12], and man-in-the-middle cracking the user password hash on the fly and thus without (MITM) attacks. This is an issue that also seems to be inducing suspicious delays. In a practical study with sev- known in corporate networks [33]. eral hundred users we could show that more than half of the Institutions participating in Eduroam are supposed to pro- tested devices were vulnerable to the attack. Based on the vide sufficient configuration instructions for their end users results of the study, we propose countermeasures to prevent to allow for the authentic identification of access points at the attack and minimize the amount of vulnerable devices. all times. Unfortunately, at a number of institutions par- ticipating in Eduroam, the configuration manuals for users are incomplete or have been so in the past. For example, at Keywords our university the configuration manuals for Android, Mac Network Security; WPA-Enterprise; Eduroam Authentica- OS and iOS devices were missing the instructions for setting tion; EAP; MS-CHAPv2 up the CA certificate. Fixing this simple problem of incom- plete configuration manuals does not prevent the problem from prevailing in reality even months later, as we show by 1. INTRODUCTION a practical study involving several hundred participants. Access to scientific and educational resources is important In this paper, we outline a number of problems regarding in research and education. With the start of the Eduroam the authentication structure and processes of the Eduroam network. Although the Extensible Authentication Protocol (EAP) authentication methods used in Eduroam and En- Permission to make digital or hard copies of all or part of this work for per- terprise networks, in particular EAP-TTLS and PEAP, are sonal or classroom use is granted without fee provided that copies are not well-defined and have been thoroughly examined for flaws made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components by security experts, imprecisions in the implementations of this work owned by others than the author(s) must be honored. Abstract- may lead to severe security vulnerabilities. We present a ing with credit is permitted. To copy otherwise, or republish, to post on novel stealthy attack targeting client devices. The attack is servers or to redistribute to lists, requires prior specific permission and/or a based on real-world software and configuration deficiencies. fee. Request permissions from [email protected]. In more details, we use a modified version of the software WiSec'15, June 22 – 26, 2015, New York, NY, USA access point hostapd [20] that exploits the network's trust Copyright is held by the owner/author(s). Publication rights licensed to ACM. ACM 978-1-4503-3623-9/15/06 ...$15.00 structure and enables an attacker to authenticate users on DOI: http://dx.doi.org/10.1145/2766498.2766512 the fly without owning the required username and password . data. This makes it possible to capture authentication data RADIUS international level RADIUS Hierarchy using an evil-twin access point and to gain control over the network traffic of the victim. We investigate the applicability of the attack in a real- national level RADIUS RADIUS world setting and we identify, classify, and evaluate possible countermeasure { both on the side of the client devices as Client Access Visited networks Home Point RADIUS RADIUS on the side of the infrastructure and service provider. 1 identity 2 server In summary, this paper makes the following contributions: 3 certificate secure tunnel 4 authentication data 1. We present a novel attack on a widely used EAP- TTLS/MS-CHAPv2 implementation that allows to by- 5 pass the inner MS-CHAPv2 authentication on devices accept / reject with deficient certificate validation. Figure 1: Authentication Process in Eduroam 2. We investigate the vulnerability of different Android- and Mac OS/iOS-based devices and tablets to this at- tack and show that they are all vulnerable (in some either authenticated towards the user or both are mutually cases depending on their configuration and user inter- authenticated; in phase 2 the user subsequently authenti- action). cates towards the AS. The authentication is executed as fol- lows (as shown in Figure 1): 3. We report results on a practical study of this vulnera- bility with about 350 users and more than 500 devices. Phase 1 (Outer Authentication): Of these tested devices, a share of 52 % turned out to be vulnerable to our attack. 1. When a user requests network access, the user's iden- tity is queried by the AP. The user identity is provided 4. We propose multiple client- and infrastructure-side to the AP in the format: [email protected], countermeasures and evaluate their effectiveness where tld is the top-level domain. against the presented attack. To minimize the share of wrongly configured devices, we show an automated 2. The AP forwards the user identity to the home AS way to check device configurations that can be de- of the network, which checks its responsibility for the ployed by institutions offering Eduroam services. user's institution and top-level domain. In case the user requested access to a foreign network, the iden- The rest of this paper is structured as follows: First, the tity is proxied to the next RADIUS AS on national or technical background for the attack is presented in Section 2. international level|based on the user's identity|until Prerequisites and the attacker model are introduced in Sec- the user's home AS is found. tion 3. In Section 4, the approach and characteristics of the attack are described, followed by details on the practical 3. The user's home AS checks if the identity is valid, study in Section 5. Countermeasures are discussed in depth starts tunnel establishment, and answers with its server in Section 6. Finally, related work is presented in Section 7 certificate. The user then validates the server certifi- and we conclude the paper in Section 8. cate and a secure tunnel is established between the user and the AS. 2. PRELIMINARIES Phase 2 (Inner Authentication): This section presents the technical background necessary for the attack described later in this paper. It introduces 4. After the secure tunnel establishment, inner authenti- authentication in Eduroam and IEEE 802.1X along with the cation is executed inside the tunnel between client and targeted tunneled authentication protocols as well as PAP AS, using credentials of the user's home institution. and the MS-CHAPv2 authentication protocol. 5. The user's home AS validates the login data and passes 2.1 Authentication in Eduroam the result to the AP, which subsequently grants or re- Authentication in Eduroam is carried out following the fuses network access. IEEE 802.1X standard for port-based network access con- trol [17]. The system roles Supplicant, Authenticator, and Due to privacy reasons it is encouraged to provide an anony- Authentication Server (AS) correspond in Eduroam to the mous outer identity in phase 1 and the actual/private iden- user's client device, the access point (AP), and the RADIUS tity inside the tunnel in phase 2 [30]. authentication server of the user's home institution [30]. In order to enable users to gain network access using the 2.2 802.1X Protocols same login data and network configuration at each partic- During the authentication process in IEEE 802.1X, au- ipating institution, a hierarchical layer of RADIUS AS is thentication and communication between the client device| introduced.
Load more

Recommended publications
  • Crosslink TG Software and Programming Manual
    Product revision: 1.4 2021-03-12 CrossLink TG Software and Programming Manual www.crosscontrol.com CrossLink TG Product revision: 1.4 Software and Programming Manual 2021-03-12 Contents Revision history ......................................................................................................................... 4 1. Introduction .......................................................................................................................... 5 1.1. How to access functionality .......................................................................................... 5 2. RTUControl API ..................................................................................................................... 7 2.1. Introduction ..................................................................................................................... 7 2.2. Starting and finalizing RTUControl module .................................................................. 7 2.3. RTC time ........................................................................................................................... 8 2.4. Sleep and usecsleep ...................................................................................................... 9 2.5. Power Management ...................................................................................................... 9 2.6. Hardware RTC ............................................................................................................... 12 2.7. Default Movement Sensor ..........................................................................................
    [Show full text]
  • U-Connectxpress, Open Source Software Licenses, Application Note
    u-connectXpress Open source software licenses Application note Abstract This document contains the licensing terms for third party open source software included in u-blox short range modules. UBX-15022695 - R21 C1 - Public www.u-blox.com u-connectXpress Open source software licenses - Application note Document information Title u-connectXpress Subtitle Open source software licenses Document type Application note Document number UBX-15022695 Revision and date R21 4-Feb-2021 Disclosure Restriction C1 - Public This document applies to the following products: Product name Software version ANNA-B112 All NINA-B111 All NINA-B112 All NINA-B221 All NINA-B222 All NINA-B311 All NINA-B312 All NINA-B316 All NINA-B410 All NINA-B411 All NINA-B416 All NINA-W131 All NINA-W132 All NINA-W151 All NINA-W152 All NINA-W156 3.1.0 onwards ODIN-W260 All ODIN-W262 All ODIN-W263 All u-blox or third parties may hold intellectual property rights in the products, names, logos and designs included in this document. Copying, reproduction, modification or disclosure to third parties of this document or any part thereof is only permitted with the express written permission of u-blox. The information contained herein is provided “as is” and u-blox assumes no liability for its use. No warranty, either express or implied, is given, including but not limited to, with respect to the accuracy, correctness, reliability and fitness for a particular purpose of the information. This document may be revised by u-blox at any time without notice. For the most recent documents, visit www.u-blox.com.
    [Show full text]
  • Leveraging the Kerberos Credential Caching Mechanism for Faster Re-Authentications in Wireless Access Networks
    UBICOMM 2010 : The Fourth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies EAP-Kerberos: Leveraging the Kerberos Credential Caching Mechanism for Faster Re-authentications in Wireless Access Networks Saber Zrelli Yoichi Shinoda Nobuo Okabe Center for Information Science Corporate R&D Headquarters Japan Advanced Institute of Science and Technology Yokogawa Electric Corporation Ishikawa, Japan Tokyo, Japan [email protected] saber.zrelli,[email protected] Abstract—Although the wireless technology nowadays provides support cross-domain authentication that enables an access satisfying bandwidth and higher speeds, it still lacks improve- network to authenticate a roaming client that belongs to a ments with regard to handoff performance. Existing solutions remote domain. The cross-domain authentication requires for reducing handoff delays are specific to a particular network technology or require expensive upgrades of the whole infras- message exchange between the AAA server of the visited tructure. In this paper, we investigate performance benefits of network and the AAA server of the roaming station’s home leveraging the Kerberos ticket cashing mechanism for achieving network. Because these inter-domain exchanges occur over the faster re-authentications in IEEE 802.11 wireless access networks. Internet, they are subject to degradations such as packet loss For this purpose, we designed a new EAP authentication method, and network delays which increases the overall authentication EAP-Kerberos, and evaluated re-authentication performance in different scenarios. time. When a roaming station changes of access point, the same authentication procedure takes place again, disrupting Keywords-Wireless; Authentication; Handoff; Performance the user traffic at each handoff. I.
    [Show full text]
  • SMART Water Heater
    SMART Water Heater Mauro Cordoba, EE Bryan Mitchell, EE Vipol Sophonwatthanawichit, CpE Group 36 MOTIVATION “Water heaters account for nearly 17 percent of a home’s energy use, consuming more energy than all other household appliances combined.” • To reduce energy consumption by modernizing a common appliance • To provide more control PROJECT goals • Create an Internet of Things device • Work with embedded linux devices • Try to avoid common platforms such as raspberry pi • Develop Android application • Get experience designing PCB PROJECT requirements • Comparable in size to modern water heater thermostats • Able to control a standard electric water heater element • Able to regulate temperature to +/- 1° C of desired temperature • It will run from 240V mains (120V for demo) • It will be controlled directly though a touchscreen interface or remotely via network PROJECT overview PROJECT overview Water Heater Home automation Controller system Touchscreen Android phone Database HARDWARE design HARDWARE diagram 240V AC • 120 VAC • +5 VDC • Data 240V AC to 5V DC Temperature Relay Heating element 1 Sensors Relay Heating element 2 Flow Sensor PIR sensor WIFI CFA920-TS Adapter MAIN board • 454MHz Freescale i.MX283 processor • 4.3 inch 800*480 TFT touchscreen display • 10/100 Ethernet port • USB port • 128MB DDR2 RAM • μSD reader supports up to 64GB • 24 GPIO pins CFA920-TS EXPANSION board(s) • 240v AC - 5v DC power supply • Interface with CFA920-TS • 97mm x 55mm • Sensor inputs • Relay controlled heating element outputs The first iteration of
    [Show full text]
  • SX-6K3-EVK-SD User Guide
    SX-6K3-EVK-SD User Guide Part Number 140-00207-150 Revision A Silex Technology America, Inc. CONFIDENTIAL Copyright & Trademark © 2013 Silex Technology America, Inc. All rights reserved. September, 2013 Silex Technology America SPECIFICALLY DISCLAIMS THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS OF THIS PRODUCT FOR A PARTICULAR PURPOSE. Silex shall not be liable for any errors contained in this manual or for any damages resulting from loss of use, data, profits, or any incidental or consequential damages arising from the use of SILEX products or services. The information contained in this documentation is subject to change without notice. Information and descriptions contained herein are the property of Silex. Such information and descriptions may not be copied, disseminated, or distributed without the express written consent of Silex. This publication is subject to change without notice. The software embedded in this SX-6K3-EVK includes the Linux operating system. Linux and certain other software programs used in the SX-6K3-EVK are licensed under GNU GPL compatible Free Software Licenses. In compliance with these licenses, you can obtain the relevant source code at no charge by contacting Silex at [email protected]. Silex Technology America, Inc. www.silexamerica.com SX-6K3-EVK-SD User Guide 2 Silex Technology America, Inc. CONFIDENTIAL Table of Contents Copyright & Trademark .................................................................................................................................................
    [Show full text]
  • Vorlage Für Dokumente Bei AI
    OSS Disclosure Document Date: 27-Apr-2018 CM-AI/PJ-CC OSS Licenses used in Suzuki Project Page 1 Table of content 1 Overview ..................................................................................................................... 11 2 OSS Licenses used in the project ................................................................................... 11 3 Package details for OSS Licenses usage ........................................................................ 12 3.1 7 Zip - LZMA SDK ............................................................................................................. 12 3.2 ACL 2.2.51 ...................................................................................................................... 12 3.3 Alsa Libraries 1.0.27.2 ................................................................................................... 12 3.4 AES - Advanced Encryption Standard 1.0 ......................................................................... 12 3.5 Alsa Plugins 1.0.26 ........................................................................................................ 13 3.6 Alsa Utils 1.0.27.2 ......................................................................................................... 13 3.7 APMD 3.2.2 ................................................................................................................... 13 3.8 Atomic_ops .................................................................................................................... 13 3.9 Attr 2.4.46 ...................................................................................................................
    [Show full text]
  • Third Party Software Used in WUSB6100M Version Setup V1.0.0.8 Driver V11.1.0.X
    Third Party Software Used In WUSB6100M Version Setup_v1.0.0.8_Driver_v11.1.0.X April 6, 2018 This document contains the licenses and notices for open source software used in WUSB6100M Setup_v1.0.0.8_Driver_v11.1.0.X. With respect to the free/open source software listed in this document, if you have any questions or wish to receive a copy of the source code to which you are entitled under the applicable free/open source license(s) (such as the GNU Lesser/General Public License) , please contact us at GPL code request. This document may also contain required licenses and notices for third party commercial software used in this product. Contents 1- WLAN Host Driver version v11.1.0.X This Notice.txt file contains certain notices of software components included with the software that Qualcomm Atheros, Inc. (Qualcomm Atheros) is required to provide you. Except where prohibited by the open source license, the content of this notices file is only provided to satisfy Qualcomm Atheros's attribution and notice requirement; your use of these software components together with the Qualcomm Atheros software (Qualcomm Atheros software hereinafter referred to as Software) is subject to the terms of your agreement from Qualcomm Atheros. Compliance with all copyright laws and software license agreements included in the notice section of this file are the responsibility of the user. Except as may be granted by separate express written agreement, this file provides no license to any patents, trademarks, copyrights, or other intellectual property of Qualcomm Incorporated or any of its subsidiaries. Copyright (c) 2016 Qualcomm Atheros, Inc.
    [Show full text]
  • List of Open Source Software Used in ESB-1090
    List of Open Source Software Used in ESB-1090 acl 2.2.52 LGPLv2.1+ & GPLv2+ Utilities for managing POSIX Access Control Lists. http://www.gnu.org/licenses/gpl-2.0.html https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html alsa-lib 1. 1. 3 LGPLv2.1 & GPLv2+ ALSA sound library. http://www.gnu.org/licenses/gpl-2.0.html https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html alsa-utils 1. 1. 0 GPLv2+ ALSA sound utilities. http://www.gnu.org/licenses/gpl-2.0.html android-tools-adbd 4.2.2+git20130218-3ubuntu13 Apache-2.0 & GPL-2.0 & BSD-2-Clause & BSD-3-Clause Different utilities from Android - based on the corresponding ubuntu package http://www.gnu.org/licenses/gpl-2.0.html http://www.apache.org/licenses/LICENSE-2.0 https://opensource.org/licenses/BSD-2-Clause https://opensource.org/licenses/BSD-3-Clause attr 2.4.47 LGPLv2.1+ & GPLv2+ Utilities for manipulating filesystem extended attributes. https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html http://www.gnu.org/licenses/gpl-2.0.html Autoconf 2.69 GPLv3+ Autoconf is an extensible package of M4 macros that produce shell http://www.gnu.org/licenses/gpl-3.0.html automake 1.15 GPLv2+ A makefile generator http://www.gnu.org/licenses/gpl-2.0.html base-files 3.0.14 GPLv2 The base-files package creates the basic system directory structure and provides a small set of key configuration files for the system. http://www.gnu.org/licenses/gpl-2.0.html base-passwd 3.5.29 GPLv2+ The master copies of the user database files (/etc/passwd and /etc/group).
    [Show full text]
  • TS-WIFIBOX Manual
    GETTING STARTED WITH TS-WIFIBOX TINY WIFI-ENABLED BOX APPLICATION KIT OVERVIEW The TS-WIFIBOX Application Kit includes a complete solution for 802.11g WiFi applications. The one-piece setup includes a TS-7400 200Mhz ARM9 SoM engine, a Hammond aluminum enclosure, two aluminum end-plates and an internal 802.11g WiFi card integrated with external antenna. In addition, Linux drivers and software packages are installed to provide an out-of-the-box WiFi solution. On the software side, the TS- WIFIBOX is powered with the Linux OS pre-installed with busybox and all the tools and drivers to make the WiFi module work out-of-the- box. Additional TS-WIFIBOX features include: ✔ Internal TS-7400 SoM engine ✔ Ultra-Fast Bootup Firmware ✔ 200 MHz ARM9 processor with MMU ✔ Internal 802.11g WiFi with external antenna ✔ Industrial quality design, Rugged aluminum enclosure, No moving parts, Industrial power connector will not loosen, Low power, low heat, long life, All components soldered-on ✔ SD Card clamped in socket ✔ 32 MB SDRAM (up to 128 MB optional) ✔ 32 MB NAND Flash ✔ 1 10/100 Ethernet port ✔ 1 USB 2.0 Compatible OHCI ports (12 Mbit/s Max) ✔ Up to 4GB flash via SD Card ✔ WiFi drivers and packages for Linux ✔ Optional On-Board Temperature Sensor ✔ Optional Battery-Backed RTC Notes The TS-WIFIBOX makes use of a TS-7400 computer module. Please, refer to the TS-7400 documentation for further information. POWER ON AND CONNECTION TO THE BOARD The TS-WIFIBOX can be powered either by a 5VDC power supply through a connector in the front panel (LEDs, Ethernet and USB connectors), or by a 8-30VDC power supply through a screw terminal connector in the rear panel (WIFI antenna).
    [Show full text]
  • Wl18x1mod, Wl18x5mod Wilink™ 8 Single-Band Combo Module – Wi-Fi®, Bluetooth ®, and Bluetooth Low Energy (LE)
    WL1801MOD, WL1805MOD, WL1831MOD, WL1835MOD www.ti.com WL1801MOD, WL1805MOD,SWRS152N – WL1831MOD,JUNE 2013 – REVISED WL1835MOD APRIL 2021 SWRS152N – JUNE 2013 – REVISED APRIL 2021 WL18x1MOD, WL18x5MOD WiLink™ 8 Single-Band Combo Module – Wi-Fi®, Bluetooth ®, and Bluetooth Low Energy (LE) 1 Features – Dual-mode Bluetooth and Bluetooth low energy – TI's Bluetooth and Bluetooth low energy • General certified stack – Integrates RF, power amplifiers (PAs), clock, • Key benefits RF switches, filters, passives, and power – Reduces design overhead management – Differentiated use cases by configuring – Quick hardware design with TI module WiLink™ 8 simultaneously in two roles (STA collateral and reference designs and AP) to connect directly with other Wi- – Operating temperature: –20°C to +70°C Fi devices on different RF channel (Wi-Fi – Small form factor: 13.3 × 13.4 × 2 mm networks) – 100-pin MOC package – Best-in-class Wi-Fi with high-performance – FCC, IC, ETSI/CE, and TELEC certified with audio and video streaming reference PCB, dipole, chip, and PIFA antennas applications with up to 1.4× the range versus • Wi-Fi® one antenna – WLAN baseband processor and RF transceiver – Different provisioning methods for in-home support of IEEE Std 802.11b, 802.11g, and devices connectivity to Wi-Fi in one step 802.11n – Lowest Wi-Fi power consumption in connected – 20- and 40-MHz SISO and 20-MHz 2 × 2 MIMO idle (< 800 µA) at 2.4 GHz for high throughput: 80 Mbps (TCP), – Configurable wake on WLAN filters to only 100 Mbps (UDP) wake up the system – 2.4-GHz
    [Show full text]
  • Integration of the Captive Portal Paradigm with the 802.1X Architecture
    Integration of the Captive Portal paradigm with the 802.1X architecture Nuno Marques, Andr´eZ´uquete,Jo~aoPaulo Barraca fnunommarques,andre.zuquete,[email protected] August 28, 2019 Abstract In a scenario where hotspot wireless networks are increasingly being used, and given the amount of sensitive information exchanged on Internet interactions, there is the need to implement security mechanisms that guarantee data confidentiality and integrity in such networks, as well as the authenticity of the hotspot providers. However, many hotspots today use Captive Portals, which rely on au- thentication through Web pages (thus, an application-level authentication approach) instead of a link-layer approach. The consequence of this is that there is no security in the wireless link to the hotspot (it has to be pro- vided at upper protocol layers), and is cumbersome to manage wireless access profiles (we need special applications or browsers' add-ons to do that). This work exposes the weaknesses of the Captive Portals' paradigm, which does not follow a unique nor standard approach, and describes a solution that intends to suppress them, based on the 802.1X architec- ture. This solution uses a new EAP-compliant protocol that is able to integrate an HTTP-based registration or authentication with a Captive Portal within the 802.1X authentication framework. Keywords: Wireless networks, 802.11, hotspots, Captive Portals, link- layer security, 802.1X, EAP, TLS arXiv:1908.09927v1 [cs.NI] 26 Aug 2019 1 Introduction The security of 802.11 (Wi-Fi) wireless networks is defined by several standards, such as 802.11i [28] and 802.11w [29].
    [Show full text]
  • AN1287: RS9116N Wi-Fi Roaming Application Note Version 0.4 10/21/2020
    AN1287: RS9116N Wi-Fi Roaming Application Note Version 0.4 10/21/2020 silabs.com | Building a more connected world. 1 | Page AN1287: RS9116N Wi-Fi Roaming Application Note Version 0.4 Table of Contents 1 Abstract ......................................................................................................................................................................... 3 2 Introduction .................................................................................................................................................................. 4 3 Terminology (Acronyms/Abbreviations) .................................................................................................................... 5 4 Requirements ............................................................................................................................................................... 6 5 Background Scanning ................................................................................................................................................. 7 6 Roaming ........................................................................................................................................................................ 8 7 Configuration Steps Required for Roaming ............................................................................................................... 9 7.1 Configuration Parameters in .config File ...............................................................................................................
    [Show full text]