Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password


It has been less than a year since the launch of the next-generation
Wi-Fi security standard WPA3 [1], and researchers have already
disclosed several serious vulnerabilities in the wireless security
protocol that could allow an attacker within radio range to recover
the password of the Wi-Fi network.

WPA, or Wi-Fi Protected Access, is the family of standards that
authenticates devices to a wireless network and encrypts the traffic
between them (WPA2 and WPA3 use ciphers built on the Advanced
Encryption Standard, AES), so that an attacker cannot eavesdrop on
your wireless data.

The Wi-Fi Protected Access III (WPA3) protocol was launched to address
the technical shortcomings of WPA2 from the ground up; WPA2 has long
been considered insecure [2] and was found vulnerable to KRACK (Key
Reinstallation Attack) [3].

Although WPA3 [4] relies on a more secure handshake, known as
Dragonfly, that is meant to protect Wi-Fi networks against offline
dictionary attacks, security researchers Mathy Vanhoef and Eyal Ronen
found weaknesses in the design and early implementations of
WPA3-Personal that allow an attacker to recover the Wi-Fi password by
abusing timing-based or cache-based side-channel leaks.

“Concretely, attackers can then read information that WPA3 was
assumed to safely encrypt. This can be abused to steal sensitive
transmitted information such as credit card numbers, passwords,
chat messages, emails, and so on,” the researchers say.

Vulnerabilities in WPA3 — Cracking WiFi Password

In a research paper, dubbed DragonBlood, published today, the
researchers detail two types of design flaws in WPA3: the first leads
to downgrade attacks and the second to side-channel leaks.


Since the 15-year-old WPA2 protocol is used by billions of devices,
and widespread adoption of WPA3 won’t happen overnight, WPA3-certified
devices offer a “transitional mode of operation” in which one network
accepts both WPA2 and WPA3 clients to maintain interoperability.

The researchers found that this transition mode is vulnerable to
downgrade attacks: an attacker sets up a rogue AP with the same network
name that advertises only WPA2, which makes a WPA3-capable client fall
back to WPA2’s 4-way handshake. The client only notices the downgrade
after it has already sent the second handshake message, whose integrity
code is derived from the password, and capturing that message is all
the attacker needs to run the offline dictionary attack WPA3 was meant
to prevent.

“We also discovered a downgrade attack against SAE [Simultaneous
Authentication of Equals handshake, commonly known as Dragonfly] itself, where we can force a device into using a weaker elliptic
curve than it normally would use,” the researchers say.

The researchers also detail two side-channel attacks against
Dragonfly’s password encoding method, a cache-based attack and a
timing-based attack (both tracked as CVE-2019-9494), that leak enough
information to perform a password partitioning attack. Like an offline
dictionary attack, this lets the attacker test candidate passwords
without further interaction with the network until the Wi-Fi password
is recovered. Besides these, the duo also documented a denial-of-service
attack that overloads the access point “by initiating a large amount
of handshakes with a WPA3-enabled Access Point.”

Some of these vulnerabilities also affect devices using the EAP-pwd
(Extensible Authentication Protocol-Password) protocol, which is
likewise based on the Dragonfly password-authenticated key exchange.

As a proof-of-concept, researchers have also released four
separate scripts that can be used to test the above-mentioned
vulnerabilities.

“Nearly all of our attacks are against SAE’s password encoding
method, i.e., against its hash-to-group and hash-to-curve
algorithm. Interestingly, a simple change to this algorithm would
have prevented most of our attacks,” the researchers say.
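The password encoding the researchers refer to here, and the partitioning attack described above, come down to one loop: Dragonfly’s “hunting and pecking” repeatedly hashes the password together with both MAC addresses and a counter until the result is the x-coordinate of a point on the curve. How many rounds that takes depends on the password and the MACs, so if the round count leaks (through execution time when the loop exits early, or through cache access patterns when it does not), an attacker who spoofs several client MAC addresses against the real AP can discard every dictionary password whose round count does not match. The Python below is an added example, not the researchers’ proof-of-concept scripts and not bit-exact SAE: the KDF is simplified, the counter is taken straight from the model rather than measured, and the dictionary, AP MAC and spoofed client MACs are constructed. The curve parameters are those of NIST P-256 (SAE group 19).

```python
import hashlib
import hmac

# NIST P-256 (SAE group 19): y^2 = x^3 + A*x + B over GF(P).
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
K = 40  # fixed round count used by SAE implementations to mask the loop length


def _kdf(seed, label, nbytes):
    """Counter-mode HMAC-SHA256 KDF. Simplified; not bit-exact with the SAE specification."""
    out, i = b"", 1
    while len(out) < nbytes:
        out += hmac.new(seed, i.to_bytes(2, "little") + label, hashlib.sha256).digest()
        i += 1
    return out[:nbytes]


def _x_is_on_curve(x):
    """True if x^3 + A*x + B is a quadratic residue mod P, i.e. a y exists (Euler's criterion)."""
    rhs = (pow(x, 3, P) + A * x + B) % P
    return pow(rhs, (P - 1) // 2, P) == 1


def hunt_and_peck(password, mac_a, mac_b, fixed_rounds=None):
    """Model of Dragonfly's hash-to-curve loop.

    Returns (counter of the first candidate x on the curve, rounds executed). With
    fixed_rounds=None the loop exits on the first hit, so its running time leaks the
    counter; with fixed_rounds=K it always runs K rounds, which hides the count from a
    timer but not from an attacker watching which branch each round takes in the cache.
    """
    key = max(mac_a, mac_b) + min(mac_a, mac_b)     # both MACs key the seed, as in SAE
    limit = fixed_rounds or K
    found = None
    for counter in range(1, limit + 1):
        seed = hmac.new(key, password + bytes([counter]), hashlib.sha256).digest()
        x = int.from_bytes(_kdf(seed, b"SAE Hunting and Pecking", 32), "big")
        if x < P and _x_is_on_curve(x) and found is None:
            found = counter
            if fixed_rounds is None:
                return found, counter                # leaky early exit
    return found, limit


def partition_dictionary(candidates, mac_ap, observations):
    """Attacker side: keep only passwords whose round counter matches every observed
    (client_mac, leaked_counter) pair. Each spoofed client MAC yields one observation."""
    return [pw for pw in candidates
            if all(hunt_and_peck(pw, mac_ap, mac)[0] == n for mac, n in observations)]


# Constructed sample data: a small candidate list, the victim AP and the MACs the attacker spoofs.
AP_MAC = bytes.fromhex("001122334455")
TRUE_PASSWORD = b"correct horse battery staple"
DICTIONARY = [b"password", b"letmein1", b"wpa3rocks", b"hunter2hunter2", TRUE_PASSWORD,
              b"qwerty123", b"dragonfly", b"summer2019"]
SPOOFED_CLIENT_MACS = [bytes.fromhex("02c0ffee%04x" % i) for i in range(10)]


def simulate_attack():
    """The AP derives the password element once per spoofed client; the attacker records
    the leaked counter (read from the model here) and partitions the dictionary with it."""
    observations = [(mac, hunt_and_peck(TRUE_PASSWORD, AP_MAC, mac)[0])
                    for mac in SPOOFED_CLIENT_MACS]
    return partition_dictionary(DICTIONARY, AP_MAC, observations)
```

The true password always survives the partitioning, and every additional spoofed MAC removes more of the wrong ones, which is why the attack scales with the number of handshakes an attacker can trigger rather than with the password length. Running `hunt_and_peck` with `fixed_rounds=K` shows the masking idea: the first-hit counter is unchanged, only the round count the timer sees is.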

The duo reported their findings to the Wi-Fi Alliance, the non-profit
organization that certifies Wi-Fi standards and products for
conformity, which acknowledged the issues and is working with vendors
to patch existing WPA3-certified devices.

“The software updates do not require any changes that affect
interoperability between Wi-Fi devices. Users can refer to their
device vendors’ websites for more information,” the Wi-Fi Alliance
says in its press release [6]. “Users can expect all their Wi-Fi
devices, whether patched or unpatched, to continue working well
together.”

You can read more about these vulnerabilities on the dedicated
DragonBlood website [7] and in the research paper (PDF) [8], which
also explains how minor changes to the protocol could prevent most of
the attacks detailed by the researchers.

References

  1. Wi-Fi security standard WPA3 (thehackernews.com)
  2. considered to be insecure (thehackernews.com)
  3. KRACK (thehackernews.com)
  4. WPA3 (thehackernews.com)
  5. How to Hack WiFi Password Easily Using New Attack On WPA/WPA2 (thehackernews.com)
  6. press release (www.wi-fi.org)
  7. DragonBlood (wpa3.mathyvanhoef.com)
  8. PDF (papers.mathyvanhoef.com)
