Last year, after the exploit of the KRACK (Key Reinstallation Attack) which affected nearly every WIFI supported device, the WPA3 released the next WLAN WLAN (Wi-Fi Protected Access 3). WPA3 was introduced to protect the Wi-Fi devices and provide Wi-Fi network authentication and encryption from attacks by brute-force dictionaries.
Although WPA3 uses a "dragonfly" handshake which makes a network password almost impossible for attackers to break out, Mathy Vanhoef (NYUAD), and Eyal Ronen (Tel Aviv University & KU Leuven), two security researchers, have detected new vulnerabilities in the WpA3 Personal Protocol, which allows an attacker who is in the victim's range to access the encrypted network traffic and to re-shape them.
"Attackers can read information, which WPA3 is supposed to encrypt safely. The researchers explained, in their paper, Dragonblood: a Security Analysis for WPA3 SAE Handshake, that the use of sensible transmitted data, such as credit card numbers, passwords, chat messages, e-mails etc, can be abused.
The scientists discovered two different types of WPA3 design faults, in which both faults can be exploited to recover the WiFi Network password. The first type of attacks is downgrade and the second type is side channel leaks, which reveal information concerning the password.
The first failure is the downgrade on WP3 because of a transition mode, which allows the network to support WPA2 and WPA3 simultaneously.
"Our downgrade attack allows an adversary to force a client to execute part of the WPA2 4-way handshake which can later be used to attack partial WPA2 handshake by a traditional brute force. We also found downgrade attacks on the handshake of Dragonfly, which could lead to a malfunction to force a victim to use a lower elliptical curve than normal, "the researchers added.
The second fault of side-channel leaks allows attackers to launch side-channel attacks based on caching and timing due to the Dragonfly handshake vulnerabilities.
"The Dragonfly password encoding method is target of our side channel attacks. The cache attack uses the hash-to-curve algorithm of Dragonfly and our timing-based attack takes advantage of the hashto-group algorithm. In the same way that the information leaked in these attacks could be used to attack with a password that is similar to a dictionary attack. "Similar to dictionary attacks, the side channel attacks are cost-effective and cost-effective. You could brutize all 8-character lowercase passwords requiring less than 40 Amazon EC2 hand-shakes and a value of US$ 125.
In addition, Cache-based Side-Channel Attack CVE-2019-9494 allows attackers to use the victim machine with unprivileged code. It allows attackers to determine the branch of the first password generation iteration. This can then be used to perform a partitioning password attack (similar to an offline dictionary attack).
Similarly, timing-based CVE-2019-9494 side channel attack allows an attacker to attack the password coding algorithm remotely. This lets an attacker determine the number of iterations needed for the password encoding. Recovered information can then be abused to perform an Offline Dictionary Attack-like password partitioning.
The following four different instruments were created by the two researchers to detect the vulnerabilities of Dragonblood found in WPA3:
- Dragonslayer: implements EAP-pwd attacks (so soon to be released).
- Dragondrain: this tool can be used to test how a denial of service attacks against the SAE handshake of WPA3 could extend the access point.
- Timing Attacks against a SAE handshake: this is an experimental tool, if MODP Group 22, 23, or 24 is used. Note that these groups are not enabled by most WPA3 implementations by default.
- Dragonforce: This is an experimental tool that takes the information from our attacks by time or cache, and attacks the password. It's like a dictionary attack.
"Almost all our attacks go wrong with the encoding method of SAE's password, that is, its hash-to-group and hash-to-curve algorithms. Focused, it would have prevented most of our attacks by simply changing that algorithm, "the researchers say.
The duo informed WLAN of their findings and said that all flaws can be addressed by updates on software, a non-profit organization that decides on WLAN standards, which recognizes the flaws. They work with suppliers to repair existing WPA3-certified devices.
"Software updates require no changes that affect Wi-Fi interoperability. For more information, users can visit their device provider websites, "says the Wi-Fi Alliance in its press release.
No comments:
Post a Comment