wifi authentication with embedded systems

[Silenus]

So this is more a question to the programmers/embedded systems people out there. Say I want to create a device which gathers data and then sends the data to the web via wifi with the household's wifi network. All well and good if you know the SSID and passcode and put it in code but how would you create a device which could be brought into anyone's wifi network at home and connect? What sort of solutions are there to create a way for the device to authenticate with the wifi network if it has no prior knowledge of the network? For arguments sake, say the device is a temperature sensor hooked up to a MCU with a wifi module.

[vargoal]

Most modern routers have a button on them that will send the devices security info to the computer/device that wants to connect. This is one avenue I would recommend, here is an overview of what WPS is.
http://kb.linksys.com/Linksys/GetArticle.aspx?docid=e48d3bae2e7442feb53b412234d3d41f_17336.xml

[vargoal]

WPS is built into Windows 7 and newer. You can also look at this link, goto connect to network and look for press button.
http://windows.microsoft.com/en-gb/windows/set-up-wireless-router#set-up-wireless-router=windows-8

[Maxlor]

Odd that I should mention the Electric Imp twice in a night... anyway, the imp uses a photo sensor and phone app. You enter the credentials in that app, then press transmit and hold the screen against the photo sensor. The app transmits the wifi credentials by flashing the phone's screen.

[vargoal]

That sounds cool, also it would be easier to program. Nice find Maxlor!

[Silenus]

Thanks guys, they do seem like pretty decent solutions. I was thinking more in terms of if a company decided to design and produce a million said devices that have to do this without the user having to have too much know-how. I imagine they would want to make it quick and easy to set up. Perhaps plugging the device via usb and having a neat application where they enter network details which are then 'coded' somehow into the device?

[vargoal]

Well if your going that route you could use visual basic to make a serial interface with your project and then send it the info to connect. Here is a link talking about arduino and visual studio serial comms. http://forum.arduino.cc/index.php?topic=40459.0

[vargoal]

Also I am curious about what your project is, any more details you can provide?

[hpux735]

Look into how withings does it. Their scales have a usb port in the battery compartment. They have a simple app on the pc and Mac that transfers the credentials.

[MadScientist]

The issues with push to connect have set back wps so I find it's not common

A lot of systems are now doing network setup by first making the device into a softAP, which has an either an internal web server or smartphone app that sends the wifi credentials across. The device then reboots onto the protected network.

It's true the credentials are exposed for a brief period., but this is not dissimilar to wps

[LukeW]

http://processors.wiki.ti.com/index.php/CC3000_Smart_Config

If you look at TI's CC3xx WiFi silicon for example, they have a protocol for this kind of setup and provisioning, using an ad-hoc network to your smartphone.

They provide reference iOS and Android apps, or you can write your own custom one.

[hamdi.tn]

if i understand right, basically you asking if an equipment can connect to a WLAN without knowing the access code ...  i find that unrealistic because it will be such a security failure, if such option exist anyone can access to any network. I didn't really work with Wifi module, but in a project i tried to learn about microchip wifi solutions so out of the box, your product need to act as an access point with an embedded server , you can connect to the thing with your labtop or phone it will show any wifi network available, you select it , configure it , and then the same wifi module will act as a client and connect to the chosen network.

[lgbeno]

I find the electric imp method to be pretty easy to use.  It does require a smart phone but most people have them at this point.  I would highly recommend giving it a try.  I wrote a blog tutorial on your wifi temp sense example https://community.electricimp.com/blog/iot-temperature-and-humidity-sensor-made-easy-with-electric-imp/

[Jeroen3]

http://processors.wiki.ti.com/index.php/CC3000_Smart_Config

If you look at TI's CC3xx WiFi silicon for example, they have a protocol for this kind of setup and provisioning, using an ad-hoc network to your smartphone.

They provide reference iOS and Android apps, or you can write your own custom one.

In short, they are using morse code with wifi package lengths. Which works great.
See how the Spark Core uses this.

[ctz]

In short, they are using morse code with wifi package lengths. Which works great.
See how the Spark Core uses this.

Hm, from what I heard of this they actually set up an ad-hoc network with ssid "fixedstring:originalssid:password" or something like that. Which obviously broadcasts your security information in plaintext for a time. Is there documentation as to what they actually do?

[Howardlong]

There is an article here about it http://www.ti.com/lit/wp/swry011/swry011.pdf

While the ideas seem good, the implementation in practice isn't very end-user friendly IMHO. For example, the sniffing only works on 2.4GHz, so your end user will need to be reasonably tech savvy to make all the options work, and realise that if they run the provisioning app over a 5GHz channel (knowingly or otherwise) it won't work.

The way I am doing it presently is to allow provisioning config from USB or as an AP (the older CC3000 didn't support AP mode).

I ported the SimpleLink API for the CC3100 to NXP LPC43xx a few months ago, that was fairly painless, but not troublefree, I spent quite a bit of time with an SPI sniffer determining where things were changing from a known working TI implementation. Much of it is undocumented (publicly) under the hood. This has frustrated development in many ways, especially when trying to get my own board working.

Recently they released source code for the mobile apps, I haven't looked at that yet.

[Jeroen3]

Hm, from what I heard of this they actually set up an ad-hoc network with ssid "fixedstring:originalssid:password" or something like that. Which obviously broadcasts your security information in plaintext for a time. Is there documentation as to what they actually do?

That won't work on an iPhone. No app can modify WiFi settings. Safety first, right?