How to hide Network Name (SSID) when running WICED as SoftAP?

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
ShawnA_01
Employee
Employee
10 questions asked 5 comments on KBA First comment on KBA

There are several code snippets within the SDK to demo the soft-access point feature (e.g. aptsa, udp_receive, udp_transmit).  One crude form of WiFi network security (security through obscurity) is called "network cloaking".  When cloaked, the 32-byte SSID information is not broadcast by the SoftAP in its beacon frames.

Question:  What code changes do I make to hide the Service Set IDentification (SSID) information and thus become cloaked?

Solution:   Modify the IOVAR called "closednet" as follows:

data = (uint32_t*) wiced_get_iovar_buffer( &buffer, (uint16_t) 4, "closednet" );

data[0] = (uint32_t) 1;

retval = wiced_send_iovar( SDPCM_SET, buffer, 0, SDPCM_AP_INTERFACE );

You can execute this after the soft AP is brought up or you can modify wiced_wifi_start_ap() to do it before the AP is brought up.

You cannot execute this before the start of wiced_wifi_start_ap() as the AP interface has not yet been created.

Note: Network cloaking by hiding the SSID is a fairly weak form of security because the SSID still gets sent in plain-text form by the station (STA) during an association request.  It is trivial to reveal it with a packet sniffer operating in promiscuous mode.

0 Likes
1 Solution
ShawnA_01
Employee
Employee
10 questions asked 5 comments on KBA First comment on KBA

This forum posting was informational in nature as it had the question and the answer included in the original posting.  I am adding a 'dummy' reply to it so that we can mark it as answered in the database.

View solution in original post

2 Replies
ShawnA_01
Employee
Employee
10 questions asked 5 comments on KBA First comment on KBA

This forum posting was informational in nature as it had the question and the answer included in the original posting.  I am adding a 'dummy' reply to it so that we can mark it as answered in the database.

Anonymous
Not applicable

There is also a compile time option that disables SSID broadcasting for the soft AP by globally defining WICED_DISABLE_SSID_BROADCAST in your project makefile or wiced_defaults.h