
By Shannon Morse, ThreatWire 

Way back in April, two security researchers reached out to the WiFi Alliance about a group of vulnerabilities they called Dragonblood, which affect WPA3 through a denial of service attack, two downgrade attacks and two side channel information leaks. WPA3 is the next generation of the wireless security protocol, which will be simpler to use while also improving upon the cryptography and security of WPA2. But that doesn’t mean it’s without its faults. The Dragonblood vulnerabilities rely on WPA3’s new handshake authentication standard called SAE, or Simultaneous Authentication of Equals, dubbed Dragonfly. These same researchers also found the KRACK attack in WPA2, so they have experience when it comes to wireless security research. The WiFi Alliance fixed the WPA3 Dragonblood flaws via software updates on impacted devices rather quickly, but that wasn’t the end of the story.

The same researchers - Mathy Vanhoef and Eyal Ronen - found two new bugs that also affect WPA3. While the WiFi Alliance did update its security recommendations for vendors back in April to secure against Dragonblood, those updates came with their own flaws. These would let attackers leak information from the protocol and also brute force a WiFi network’s password. Yikes.

Bug number one is CVE-2019-13377, which occurs during the handshake between WPA3 devices. Users authenticate using the Dragonfly key exchange, which, simply put, is an updated, encrypted form of authentication. This uses two different kinds of elliptic curves, which are used to randomize the encryption. The first was P-521, which had the Dragonblood vulnerability, so the WiFi Alliance told vendors to use Brainpool elliptic curves instead. Unfortunately, Brainpool also has a flaw that allows side-channel leaks of data, which let the researchers brute force the password.

Bug number two is CVE-2019-13456, which impacts the authentication system that was originally used in WPA and WPA2, called EAP-pwd, where EAP stands for Extensible Authentication Protocol. Since this was brought over to WPA3 for legacy usage, it is also included here. This bug allows for an information leak in much the same way, but only affects FreeRADIUS-supported devices. Again, this could let an attacker grab the WiFi password for an authenticated network.

This update isn’t backwards compatible, so any current deployments of WPA3 will likely have to upgrade to WPA3.1 to be secure.

Both of the researchers adamantly criticized the WiFi Alliance for not allowing the open source community to help combat vulnerabilities, keeping all development under a closed standard. With fewer eyes on it, the standard made it to market with multiple vulnerabilities, when it could have been secured much earlier had a large community been working on it together.

https://www.zdnet.com/article/dragonblood-vulnerabilities-disclosed-in-wifi-wpa3-standard/

https://www.zdnet.com/article/new-dragonblood-vulnerabilities-found-in-wifi-wpa3-standard/

https://thehackernews.com/2019/08/hack-wpa3-wifi-password.html

https://wpa3.mathyvanhoef.com/#new

https://eprint.iacr.org/2019/383.pdf

https://www.youtube.com/shannonmorse --  subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire  
