Ruckus Wireless designs an open Wi-Fi hotspot with a secure connection

Wi-Fi is everywhere and more often than not it’s free for the taking. Pretty much everyone but airlines and fancy hotels are opening their networks to all comers. The only problem is that open networks are, well, wide open. They’re unencrypted and insecure, exposing users to a world of electronic eavesdroppers and attacks.

Hotspot maker Ruckus Wireless(s rkus), however, has developed a kind of ad-hoc security system for open hotspots, which it plans to release next week with the next version of its access point management software. Called Open Secure Hotspot, the technology automatically generates encryption keys for any user who logs into an open Ruckus hotspot, granting them a secure connection within moments, Ruckus VP of marketing David Callisch told GigaOM.

Ruckus started out as a supplier of IPTV wireless streaming nodes and enterprise wireless LANs, over which security measures were much easier to enforce. But as Ruckus’s public access network business grew it found itself supplying more Wi-Fi gear that enterprises and service providers simply wanted open to the public, Callisch said. Those customers didn’t want their open networks turning into playgrounds for Firesheep, man-in-the-middle attackers and other internet nasties, Callisch said, so they pressed Ruckus to develop a secure form of open Wi-Fi.

Ruckus DPSK Open Secure Hotspot

The rather confusing diagram above details how the security software works, but here’s what it boils down to: Anytime an unknown user connects to an upgraded Ruckus hotspot he or she will receive the option of establishing a secure connection to the network. If the user opts in, Ruckus’s network gateway will generate what Ruckus is calling a dynamic pre-shared key, randomly generated for each device. Users can either input the key by launching an executable file sent by the gateway, or they can manually enter the key into their Wi-Fi settings.

It may not seem like the most elegant way of getting online in a hotel lobby or public square, but Callisch but it’s still a relatively simple process, and it beats the alternative – surfing the internet over a naked connection or installing virtual private network (VPN) software on the fly.