openSec

openSec allows businesses to create secure public networks, without the need for users to remember login credentials.

Comment

Inspiration

My objective when brainstorming was to find an idea that had the potential to solve a widespread security issue in technology. I had initially tried to create solutions that would be implemented by the end user. Eventually, I realized that improving the overall security of the networks on which user devices operate could be just as, if not more effective.

What it does

Through the combination of a software and hardware element, openSec allows all local network traffic being sent over WiFi to be encrypted. This nullifies a wide variety of attacks hackers may try to use to access user data. Some well known attacks that are stopped within the local network by openSec are man-in-the-middle and eavesdropping.

How I built it

OpenSec has two components: hardware and software.

The hardware package is a small device that acts as a VPN server. It connects to the existing local network for easy installation.

Each client device will install a lightweight proprietary VPN client app. For users, it is as simple as scanning a QR code, and their device will be connected. The app is small enough that it will install in a matter of seconds.

Challenges I ran into

This project started with the basic idea of: "Hmm... why isn't public/private key encryption be used beetween routers and devices for secure communication. I thought I might be on to something when I realized that the existing network protocols do not support this kind of interaction between routers and clients. I continued trying to find ways to encrypt traffic within a local network in a secure manner. Eventually, I discovered that I could use VPN protocols to accomplish this goal.
My attempts to figure out a user-friendly way of connecting to this secure service also took a while. I had initially hoped that QR codes would be able to call methods from Android and iOS APIs, allowing for the easy (and instant) setup of a VPN client through their respecitive systems. Unfortunately, this method did not seem possible. After a bit more research, I decided that the next best thing would be to have a QR code point to an app that would handle the VPN service.

Accomplishments that I'm proud of

  • In theory, this product works, has a profit model (selling phyisical devices), and solves a glaring issue with tech security. OpenSec could conceivably be put to market today and would infinitely improve the security of public WiFi networks.

What I learned

  • A lot about network protocols, specifically relating to VPNs and secure exchange of information
  • Examples of how attackers may attempt to break into a network

What's next for openSec

  • As I mentioned before, this product could be viable in a market today. An age of "secure internet cafes" could be around the corner.
Share this project:

Updates