Home » How to remove » Malicious process » New Dragonblood Vulnerabilities Affect WPA3 and Reveal Wi-Fi Passwords

New Dragonblood Vulnerabilities Affect WPA3 and Reveal Wi-Fi Passwords

In April this year, information security experts Mathy Vanhoef and Eyal Ronen published new DragonBlood vulnerabilities of WPA3. This is information on a set of problems called DragonBlood – “in honor of” the vulnerable Dragonfly, the mechanism by which clients authenticate on devices that support the new WPA3 standard.

Although it was previously thought that this “handshake” mechanism was safe, Wanhof and Ronen have proved that this suggestion was wrong.

Five vulnerabilities have been called DragonBlood, including denial of service, two problems leading to side-channel leaks, and two other problems associated with downgrade connections. As a result, DragonBlood allowed an attacker located in the Wi-Fi access zone to recover the victim’s passwords and penetrate the network.

Now Vanhof and Ronen have released data on two more vulnerabilities that appeared after the representatives of the WiFi Alliance prepared protection from the source bugs. Similarly to April vulnerabilities, these new problems allow attackers to “drain” information about WPA3 cryptographic operations and brute-force passwords from Wi-Fi networks.

“It’s exceptionally hard to implement all parts of WPA3 without introducing side-channel leaks. The best approach to securely implement WPA3 that we encountered so far is the one of Microsoft: only support cryptographic group 19, and follow their techniques to implement the hunting and pecking algorithm”, — report researchers.

The first vulnerability received the identifier CVE-2019-13377 and affects the WPA3 Dragonfly handshake mechanism with using Brainpool curves. The fact is that in April, experts found that key exchange based on elliptic curves of P-521 can be reduced to a weaker P-256.

READ  On GitHub published a detailed analysis of BlueKeep vulnerability that simplifies creation of exploits

As a result, the WiFi Alliance recommended suppliers to use more reliable Brainpool curves instead. However, now experts write that this change only created a new opportunity for side-channel attacks and allows cracking passwords using the leak.

“Even if the advice of the Wi-Fi Alliance is followed, implementations remain at risk of attacks. This demonstrates that implementing Dragonfly and WPA3 without side-channel leaks is surprisingly hard. It also, once again, shows that privately creating security recommendations and standards is at best irresponsible and at worst inept”, — consider Vanhoef and Ronen.

The second vulnerability has the identifier CVE-2019-13456 and is associated with the implementation of EAP-pwd in the FreeRADIUS framework, which is used by many vendors. As in the previous vulnerability, the EAP-pwd authentication process on some devices with FreeRADIUS support leads to information leakage, which allows attackers to recover passwords.

Experts have already announced their findings to the WiFi Alliance and are now reporting that fixing new issues could lead to the release of WPA3.1. It is noted that the new security features are incompatible with WPA3, but will protect from majority of the attacks developed by Wanhof and Ronen.

[Total: 0    Average: 0/5]

About Trojan Killer

Carry Trojan Killer Portable on your memory stick. Be sure that you’re able to help your PC resist any cyber threats wherever you go.

Check Also

Adwind attacks energy sector

RAT Trojan Adwind attacks US energy sector

Unknown attackers targeted infrastructure of the US electricity industry. With the help of malicious emails, …

Trojan Bolik masks under NordVPN

Bank Bolik Trojan masks itself under NordVPN

Doctor Web experts warned that attackers use copies of popular services sites to distribute Bolik …

Leave a Reply