MAC Address Randomization TestsDate: [2014-10-22]

Authors:Name Affiliation Phone Email

Fabio Giust UC3M fgiust@it.uc3m.esCarlos Jesús Bernardos UC3M cjbc@it.uc3m.esAntonio de la Oliva UC3M aoliva@it.uc3m.esNotice:This document does not represent the agreed view of the IEEE 802 EC Privacy Recommendation SG. It represents only the views of the participants listed in the ‘Authors:’ field above. It is offered as a basis for discussion. It is not binding on the contributor, who reserve the right to add, amend or withdraw material contained herein.

Copyright policy:The contributor is familiar with the IEEE-SA Copyright Policy <http://standards.ieee.org/IPR/copyrightpolicy.html>.

Patent policy:The contributor is familiar with the IEEE-SA Patent Policy and Procedures:<http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and <http://standards.ieee.org/guides/opman/sect6.html#6.3>.

Abstract

The present document introduces the test already performed for MAC randomization and the proceedings to update the IEEE 802 Privacy ECSG Wiki

IEEE 802 Privacy Recommendation Study Group

MAC Address Randomization Tests

Wiki platformhttp://oruga.it.uc3m.es/802-privacy/index.php/Main_Page

Wiki’s Objective

• Collects the tests on MAC randomization tools– Target platform (OS, driver, …)– Type of MAC generated by the tool• Manually set• Random set• Number of changeable bits

– Notes and usage instructions

http://oruga.it.uc3m.es/802-privacy/index.php/Main_Page

Wiki usage• Wiki usage policy– Registered users only can post new content

• Non-registered users can only browse the wiki

– Registrations are moderated by the wiki’s admin• This prevents undesired changes on the pages

Wiki’s Status (i)• Results on

– GNU/Linux (Ubuntu 14.04) platform– Intel wireless card (iwlwifi/iwldvm drivers)

– Apple OSX 10.7.5– Android 4.2.2 Custom (qcom drivers)

• Tested tools– ip (from iproute2 package) (GNU/Linux)– Ifconfig (GNU/Linux)– Macchanger (GNU/Linux)– SpoofMac (Mac OS - GNU/Linux)– Network-Manager (GNU/Linux)– Pry-Fi (Android 4.2+)

Wiki’s Status (ii)

• Summary of the results– ip and ifconfig are the basic GNU/Linux tools importing

libraries for system manipulation (ioctl and netlink)– The others are built on top of ip and ifconfig– In all cases MAC address cannot be changed if the wireless

interface is “up”

– Pry-Fi for Android 4.2+– The new MAC address is not used by the system when actually

transmitting frames (Pry-Fi tool)

– SpoofMac on OSX 10.7.5– Randomizes the lower 24 bits and uses the VMWare OUI– It allows setting the the U/L bit

Wiki’s status (iii)

• Summary of the results (cont’d)– Apple iOS8 apparently contains a feature to randomize

the MAC address• Tests on iPhone 4s, iPhone 5s and iPad Mini v1 do not confirm the

tool usability

– PowerShell script for MS W7 and later• Requires reloading the driver

– wpa_supplicant• The current dev branch snapshot includes experimental support

for randomizing the local MAC address for both pre-association (active scan and GAS/ANQP while not connected) and connected cases