Security researchers discovered new vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices.
According to a press release from the Wi-Fi Alliance, the devices impacted by these security vulnerabilities in the WPA3 Wi-Fi standard “allow collection of side channel information on a device running an attacker’s software, do not properly implement certain cryptographic operations, or use unsuitable cryptographic elements.”
WPA3 uses Wi-Fi Device Provisioning Protocol (DPP) instead of shared passwords to sign up new devices to the network, a protocol which allows users to scan QR codes or NFC tags to log devices onto the wireless network. Additionally, unlike WPA2, all network traffic will be encrypted after connecting to a network which uses WPA3 WiFi Security.
Design Flaw in WPA3 Dragonblood Vulnerability
In this case, researchers uncovered two different design flaws in the WPA3 protocol, and both vulnerabilities can be abused by an attacker to steal the password of the targeted Wi-Fi network.
1. Downgrade attacks
2. Side-channel leaks
The first flaw, the downgrade attack on WPA3, is due to a transition mode implemented in WPA3 by the Wi-Fi Alliance that allows a network to simultaneously support both WPA2 and WPA3.
Since the WPA3-enabled Wi-Fi network supports both WPA2 and WPA3, setting up a rogue access point that only supports WPA2 lets an attacker connect using WPA2’s 4-way handshake and perform an offline dictionary attack.
Researchers said, “Although the client detects the downgrade-to-WPA2 during the 4-way handshake, this is too late. The 4-way handshake messages that were exchanged before the downgrade was detected, provide enough information to launch an offline dictionary attack.”
The second flaw, side-channel leaks, allows attackers to perform cache-based and time-based side-channel attacks due to vulnerabilities in the Dragonfly handshake.
The cache-based side-channel attack (CVE-2019-9494) involves an attacker running unprivileged code on the victim machine, and it allows the attacker to determine which branch was taken in the first iteration of the password generation algorithm of Dragonfly.
“This information can be abused to perform a password partitioning attack (this is similar to an offline dictionary attack).”
Similarly, the time-based side-channel attack (CVE-2019-9494) abuses the password encoding algorithm of the Dragonfly handshake to perform the same password partitioning attack, which is similar to an offline dictionary attack.
- Dragonslayer: implements attacks against EAP-pwd (to be released shortly).
- Dragondrain: this tool can be used to test to which extent an Access Point is vulnerable to denial-of-service attacks against WPA3’s SAE handshake.
- Dragontime: this is an experimental tool to perform timing attacks against the SAE handshake if MODP group 22, 23, or 24 is used. Note that most WPA3 implementations by default do not enable these groups.
- Dragonforce: this is an experimental tool which takes the information recovered from our timing or cache-based attacks, and performs a password partitioning attack. This is similar to a dictionary attack.
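For administrators, the two configuration conditions described above (WPA2/WPA3 transition mode, and SAE with MODP groups 22, 23 or 24) can be checked on an access point. The following is an added example, not code from the researchers or the original article; it assumes a hostapd-style configuration using hostapd's `wpa_key_mgmt`, `sae_groups` and `bss` options, and the sample configuration is constructed.

```python
# Added example: audit a hostapd-style config for two conditions from the article.
# Assumption: hostapd option names (wpa_key_mgmt, sae_groups, bss); sample is constructed.

TIMING_GROUPS = {22, 23, 24}   # MODP groups the article ties to SAE timing attacks
WPA2_PSK_AKMS = {"WPA-PSK", "WPA-PSK-SHA256", "FT-PSK"}
SAE_AKMS = {"SAE", "FT-SAE"}

def parse_conf(text):
    """Parse key=value lines into one dict per BSS section."""
    sections = [{}]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "bss":           # bss=<ifname> starts an additional BSS
            sections.append({})
        sections[-1][key] = value
    return sections

def audit(text):
    """Return (ssid, finding) tuples for transition mode and risky SAE groups."""
    findings = []
    for sec in parse_conf(text):
        name = sec.get("ssid", "<no ssid>")
        akms = set(sec.get("wpa_key_mgmt", "").split())
        uses_sae = bool(akms & SAE_AKMS)
        # WPA2-PSK offered next to SAE: the downgrade to WPA2 is possible.
        if uses_sae and akms & WPA2_PSK_AKMS:
            findings.append((name, "transition-mode"))
        groups = {int(g) for g in sec.get("sae_groups", "").split() if g.isdigit()}
        bad = sorted(groups & TIMING_GROUPS)
        if uses_sae and bad:
            findings.append((name, "timing-groups:" + ",".join(map(str, bad))))
    return findings

# Constructed sample: one transition-mode BSS with groups 22 and 24, one SAE-only BSS.
SAMPLE = """\
interface=wlan0
ssid=office
wpa_key_mgmt=WPA-PSK SAE
sae_groups=19 22 24
bss=wlan0_1
ssid=lab
wpa_key_mgmt=SAE
sae_groups=19 20 21
"""

if __name__ == "__main__":
    for ssid, issue in audit(SAMPLE):
        print(f"{ssid}: {issue}")
```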