WPA3’s SAE handshake includes several design flaws
WPA3 was unveiled in early 2018, 14 years after WPA2
The affected devices are said to be already receiving patches
Wi-Fi Protected Access 3 (WPA3), the next generation wireless security protocol, is affected by several design flaws that make it vulnerable to attacks, researchers have claimed. Released in early 2018, over a decade after WPA2, the WPA3 was touted to be packing several security enhancements but the new revelations show that the security protocol is hardly invulnerable to password partitioning attacks. Wi-Fi Alliance, the industry body that oversees the wireless security protocols and security certification programs, has acknowledged the existence of these vulnerabilities and it says that the device manufacturers have already started releases patches for the problem.
According to a research paper published by Mathy Vanhoef of New York University, Abu Dhabi, and Eyal Ronen of Tel Aviv University, the WPA3’s Simultaneous Authentication of Equals (SAE) handshake, commonly known as Dragonfly, is vulnerable to password partitioning attacks, which can be used to recover the password to a Wi-Fi network. The SAE handshake was introduced in WPA3 for the home networks to prevent dictionary attacks but it has been found having both timing and cache-based side-channel vulnerabilities in its password encoding method.
These vulnerabilities, referred to as Dragonblood, allowed the researchers to successfully guess the passwords of wireless networks protected with WPA3 security. The researchers blame the lack of transparency in the creation of the WPA3 standard for these vulnerabilities. To recall, Vanhoef was also credited with finding the KRACK security flaw. WPA2 security was found to be vulnerable to KRACK attacks in October 2017. Major operating system makers like Microsoft, Apple, and Google soon after developed patches for their systems. Notably, KRACK bug was one of reasons why WPA3 was developed.
“In light of our presented attacks, we believe that WPA3 does not meet the standards of a modern security protocol. Moreover, we believe that our attacks could have been avoided if the Wi-Fi Alliance created the WPA3 certification in a more open manner,” Mathy Vanhoef of New York University, Abu Dhabi, and Eyal Ronen of Tel Aviv University and KU Leuven stated in the research paper.
Following the publication of the research paper, the Wi-Fi Alliance came out and accepted the findings. It also noted that affected device manufacturers are already releasing patches for the same.
“Recently published research identified vulnerabilities in a limited number of early implementations of WPA3-Personal, where those devices allow collection of side channel information on a device running an attacker’s software, do not properly implement certain cryptographic operations, or use unsuitable cryptographic elements,” Wi-Fi Alliance said in a statement. “WPA3-Personal is in the early stages of deployment, and the small number of device manufacturers that are affected have already started deploying patches to resolve the issues. These issues can all be mitigated through software updates without any impact on devices’ ability to work well together. There is no evidence that these vulnerabilities have been exploited.”