Saturday, January 23, 13:47

WPA3 Dragonblood: vulnerability in the new standard

WPA3 Dragonblood: A new vulnerability discovered in the WPA3 standard has been named Dragonblood (because it affects WPA3's Dragonfly handshake). It can be exploited for DoS attacks on a vulnerable access point or for theft of sensitive Wi-Fi data (such as passwords).

"Attackers can read information that WPA3 is supposed to protect by encryption. This can be used to steal sensitive information such as credit cards, passwords, chats, emails, etc., if no additional protection is used, such as HTTPS," say researchers Mathy Vanhoef and Eyal Ronen.

WPA3 Dragonblood attack methods

The flaw allows an attacker to mount DoS attacks, overloading an access point that uses the WPA3 standard by triggering countless handshakes.
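From the defender's side, a handshake flood of this kind shows up as a burst of SAE commit frames at the access point. The sketch below is an added example, not code from the researchers or from any Wi-Fi product; the `(timestamp, source MAC)` record shape, the one-second window and the threshold of 20 are assumptions, and the sample data is constructed. It counts commits across all sources, because a per-address counter sees nothing when every frame carries a different source address.

```python
from collections import Counter, deque

def build_sample():
    """Constructed (timestamp_s, source_mac) records, one per SAE commit frame."""
    events = [(0.0, "02:00:00:00:00:01"), (4.0, "02:00:00:00:00:02")]
    # Burst: 40 commits within one second, every one from a different MAC.
    events += [(10.0 + i * 0.025, f"02:00:00:00:01:{i:02x}") for i in range(40)]
    events.append((20.0, "02:00:00:00:00:03"))
    return events

def max_commits_per_mac(events):
    """Highest commit count for any single source address."""
    return max(Counter(mac for _, mac in events).values())

def find_commit_floods(events, window=1.0, threshold=20):
    """Merge consecutive over-threshold windows into flood periods."""
    recent, floods, current = deque(), [], None
    for ts, mac in sorted(events):
        recent.append((ts, mac))
        # Drop records that have fallen out of the sliding window.
        while ts - recent[0][0] > window:
            recent.popleft()
        if len(recent) >= threshold:
            if current is None:
                current = {"start": recent[0][0], "commits": len(recent),
                           "macs": {m for _, m in recent}}
            else:
                current["commits"] += 1
                current["macs"].add(mac)
            current["end"] = ts
        elif current is not None:
            floods.append(current)
            current = None
    if current is not None:
        floods.append(current)
    return floods

if __name__ == "__main__":
    sample = build_sample()
    print("max commits from one MAC:", max_commits_per_mac(sample))
    for f in find_commit_floods(sample):
        print(f"flood {f['start']:.2f}-{f['end']:.2f}s: "
              f"{f['commits']} commits, {len(f['macs'])} distinct MACs")
```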

The researchers also reported downgrade attacks, in which an attacker targeting a vulnerable access point forces the user to connect with the 4-way handshake used by the WPA2 standard. The attacker thereby collects enough information to start an offline dictionary attack. In another attack, the attacker can downgrade the cryptographic group used in the WPA3 Dragonfly handshake, forcing the user and access point to use weaker encryption.
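Both downgrade paths depend on what the access point is configured to accept, so they can be checked from its configuration. The following audit is an added example, not part of the original article or the researchers' tools; it assumes a hostapd-style configuration file (the `wpa_key_mgmt` and `sae_groups` options), the group allowlist is an assumed local policy, and both sample configurations are constructed.

```python
# Assumed local policy: SAE groups the operator is willing to accept.
ALLOWED_GROUPS = {19, 20, 21}

# Constructed configuration that still accepts WPA2 and an extra group.
WEAK_CONF = """\
# constructed example, not from a real device
ssid=example-net
wpa=2
wpa_key_mgmt=WPA-PSK SAE
ieee80211w=1
sae_groups=19 20 21 22
"""

# Constructed corrected form: SAE only, groups restricted to the policy.
HARDENED_CONF = """\
ssid=example-net
wpa=2
wpa_key_mgmt=SAE
ieee80211w=2
sae_groups=19 20 21
"""

def parse_conf(text):
    """Parse key=value lines, skipping blanks and comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return findings related to the two downgrade paths."""
    conf = parse_conf(text)
    findings = []
    akms = set(conf.get("wpa_key_mgmt", "").split())
    if "SAE" not in akms:
        findings.append("no-sae")
    elif akms & {"WPA-PSK", "WPA-PSK-SHA256"}:
        # WPA2 4-way handshake is still offered next to SAE.
        findings.append("transition-mode")
    groups = conf.get("sae_groups")
    if groups is not None:
        extra = sorted({int(g) for g in groups.split()} - ALLOWED_GROUPS)
        if extra:
            findings.append("groups-outside-policy:" + ",".join(map(str, extra)))
    return findings
```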

Cache-based and timing-based side-channel attacks can exploit a weakness in the Dragonfly algorithm, allowing the attacker to carry out a password partitioning attack (similar to an offline dictionary attack) to obtain the Wi-Fi password.

"The resulting attacks are effective and low-cost: brute-forcing the full character set at an 8-character password length requires less than $125 in Amazon EC2 instances," the researchers said.

More details about each of the attacks mentioned above can be found in the paper (PDF) that the researchers published on WPA3 Dragonblood.

Researchers have not yet published all of the vulnerability details because they also affect EAP-pwd, the authentication protocol supported by WPA and WPA2.

"Unfortunately, our attacks against WPA3 also work for EAP-pwd, which means that an attacker can even recover a user's password when using EAP-pwd. In addition, we found serious bugs in most EAP-pwd products that allow the attacker to impersonate any user. This way he can access the Wi-Fi network without knowing the user's password.

"Although we believe that EAP-pwd is used quite infrequently, it still poses serious risks to many users and shows the dangers of incorrectly implementing Dragonfly."

Researchers have published tools that can be used to check if an access point is vulnerable to any of the aforementioned attacks, but have refrained from releasing a tool that facilitates attacks against EAP-pwd (though they say they will do so soon).

The researchers disclosed their findings to the Wi-Fi Alliance, which issued a statement explaining that the problems identified "affect a limited number of early WPA3-Personal implementations" (one of two WPA3 modes) and can be resolved with a software update, which users can download from the Wi-Fi device vendor's page.

"WPA3-Personal is in the early stages of development and the small number of affected device manufacturers have already begun developing fixes for the problem. Software updates do not require changes that affect interoperability between Wi-Fi devices," the Wi-Fi Alliance said.
