Home » News » Researchers found vulnerabilities in WPA3 protocol that allow obtaining Wi-Fi passwords

Researchers found vulnerabilities in WPA3 protocol that allow obtaining Wi-Fi passwords

Though Wi-Fi Protected Access III (WPA3) standard released less than a year ago, researchers found significant vulnerabilities in a standard that enable Wi-Fi extraction and network access.

WPA3 was created to improve flaws in WPA2 protocol that for a long time was considered unsafe and vulnerable to Key Reinstallation Attack (KRACK).

Despite WPA3 protocol relies on safer handshake SAE (Simultaneous Authentication of Equals), also known as a Dragonfly, that aims networks protection from autonomous vocabulary attacks, Mathy Vanhoef and Eyal Ronen discovered several disadvantages in the WPA3-Personal design of early realization that allow Wi-Fi passwords restoration through timing-attacks and attacks on cash.

“In particular, attackers can read information that is considered to be fully protected. They can use it for taking advantages of personal data as credit card numbers, passwords, chat messages, emails etc.,” – explained experts.

Specialists localized five problems that got a common name DragonBlood. In the report Vanhoef and Ronen described two main design issues, one of the leads to downgrade attacks and second – to cash leaks.

As WPA3 is not so wide spread, for protection of earlier devices WPA3 suggest “transitional working mode” that enables both WPA3 and WPA2 connection. However, this mode is vulnerable to downgrade attacks that can use intruders for creation of malware access point that would support WPA2 only and that would force devices with WPA3 to connect with the unsafe quadrilateral handshake WPA2. Moreover, Dragonfly handshake is vulnerable to attacks.

As noted, for realization of downgrade attacks intruders have to know only SSID of WPA3-SAE network.

READ  APT group MuddyWater expanded its arsenal and uses new attack vectors

Researches also described series of attacks on the base of synchronization (CVE-2019-9494) and attacks on cash (CVE-2019-9494) that enable obtaining Wi-Fi access and DoS-attack, the latter can be realized by initiation of great number of handshakes with WPA3 point.

Experts have already informed Wi-Fi Alliance about their discovery. Organization acknowledged issues and together with vendors are addressing this issues. Researchers posted four instruments for vulnerability checks as Dragonforce, Dragonslayer, Dragondrain and Dragontime on GitHub website.

Wi-Fi Alliance (WECA) is non-governmental organization that certifies and releases Wi-Fi equipment and has rights on Wi-Fi brand. Alliance consists of 36 companies as Apple, Microsoft, Qualcom and others.

Source: https://www.zdnet.com/article/dragonblood-vulnerabilities-disclosed-in-wifi-wpa3-standard/

[Total: 1    Average: 5/5]

About Trojan Killer

Carry Trojan Killer Portable on your memory stick. Be sure that you’re able to help your PC resist any cyber threats wherever you go.

Check Also

Exim server under attack

Millions of unpatched Exim mail servers are now under active attack

Cybercriminals are now actively attacking mail servers that use Exim for their work to exploit …

Researchers taught Rowhammer to steal data

A team of researchers from the United States, Australia and Austria developed a new version …

Leave a Reply