‘Devastating' Dragonblood flaws discovered in WPA3 protocol

Researchers say these attacks could've been avoided if the Wi-Fi Alliance was more open when creating WPA3

A blood-red dragonfly to depict the WPA3 protocol vulnerabilities

The recently-launched WPA3 standard for Wi-Fi networks has a number of exploitable flaws that could allow an attacker to recover network passwords and steal information.

Researchers have outlined five "efficient and low cost" attacks that can be exploited to recover Wi-Fi network passwords, launch resource consumption attacks or force devices into using weaker security settings.

Despite safeguards in WPA3 to prevent brute force attacks, an attacker could still recover network passwords if they are within range and at little cost, according to two security researchers Mathy Vanhoef and Eyal Ronen in their academic paper. They have also launched a site dedicated to these vulnerabilities.

The Wi-Fi Alliance launched the Wi-Fi Protected Access 3 certification, or WPA3, in June 2018 as a means of protecting a wider range of devices against hacks, while making it easier for end-users to implement new technology.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Given the WPA2 standard has been in force since 2004, the need for a next-gen iteration was long overdue. The new standard has since been adopted by a host of companies including Intel Qualcomm, Huawei and Cisco.

The researchers prescribed a handful of these vulnerabilities 'Dragonblood' in light of the added security that WPA3 offers - commonly known as the Dragonfly handshake. This Simultaneous Authentication of Equals (SAE) handshake is supposed to protect users by making password cracking near-impossible.

Another WPA3 attack category dubbed a Downgrade Attack specifically targets a backward compatibility mechanism in which a Wi-Fi network supports the usage of both WPA3 and WPA2 with an identical password.

An attacker, in this context, can create a rogue network and force clients that support WPA3 into connecting to WPA2, which is far more easily breached than the next-gen standard.

"WPA3-Personal is in the early stages of deployment, and the small number of device manufacturers that are affected have already started deploying patches to resolve the issues," the Wi-Fi Alliance said in a statement.

"These issues can all be mitigated through software updates without any impact on devices' ability to work well together. There is no evidence that these vulnerabilities have been exploited.

Advertisement - Article continues below

"As with any technology, robust security research that pre-emptively identifies potential vulnerabilities is critical to maintaining strong protections."

The flaws that factor into the Dragonblood category include a security group downgrade attack, a timing-based side-channel attack, a cache-based side-channel attack and a denial of service attack.

The side-channel attacks, alarmingly, can be executed by brute-forcing all 8-character lowercase passwords using as little as $125 of virtual server space, the researchers added.

Despite these flaws, they added, WPA3 still poses a better means to protect users from attacks against WPA2. They did, however, criticise the Wi-Fi Alliance for the way in which it developed the new standard.

Advertisement
Advertisement - Article continues below

"We believe that WPA3 does not meet the standards of a modern security protocol," the researchers said. "Moreover, we believe that our attacks could have been avoided if the Wi-Fi Alliance created the WPA3 certification in a more open manner.

"Notable is also that nearly all of our attacks are against SAE's password encoding method, i.e., against its hash-to-group and hash-to-curve algorithm. Interestingly, a simple change to this algorithm would have prevented most of our attacks."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/business-strategy/public-sector/354608/uk-gov-launches-ps300000-sen-edtech-initiative
public sector

UK gov launches £300,000 SEN EdTech initiative

22 Jan 2020
Visit/hardware/354584/windows-10-and-the-tools-for-agile-working
Sponsored

Windows 10 and the tools for agile working

20 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020