A secure WiFi network requires above all that only the devices you allow can connect to it and that no outsiders can eavesdrop on it. The basic protections are the password and transmission encryption. However, even the latest generation of security has vulnerabilities.
WPA (WiFi Protected Access) is a standard that provides secure login to WiFi and traffic encryption. After authentication, AES encryption is used. Recently, a new generation of WiFi network security, WPA3, has been introduced. It is resistant to popular attacks, including more advanced versions of KRACK. WPA3 also uses a safer connection handshake (SAE Dragonfly), making it resistant to offline dictionary attacks. Unfortunately, this handshake is also a weakness of WPA3.
More loopholes in WPA3 disclosed
In April, Mathy Vanhoef and Eyal Ronen found a series of vulnerabilities in WPA3, known under the collective name Dragonblood. The WiFi Alliance patched these vulnerabilities, but did so without consulting specialists, and did so inaccurately. The same team has just presented new attacks on WPA3.
The patch released by the WiFi Alliance protects against some methods, but opens the way for two new attacks. Therefore, cyber criminals can still steal your WiFi network password, even if you are using the latest generation of security.
Timing and elliptic curve cryptography
The vulnerability was cataloged as CVE-2019-13377. It is considered part of Dragonblood and its target is the Dragonfly handshake. Timing matters in this attack. “The new vulnerability is located in the Dragonfly password encoding algorithm. […] We have confirmed the leak of information in practice in the latest version of Hostapd and we are able to crack the password using the information obtained,” wrote the vulnerability researchers.
The second vulnerability, designated CVE-2019-13456, targets FreeRADIUS, the most popular implementation of a centralized authorization server, often used by companies. An attacker can initiate a connection and use it to extract information. Based on that information, they can conduct a dictionary attack or simply guess the password. This vulnerability also results from the use of Dragonfly.
Analysts have noticed that implementing the Dragonfly handshake and WPA3 so that encryption information does not leak is surprisingly difficult. In turn, methods to prevent these attacks are too expensive to implement on weak devices.
The WiFi Alliance was notified of the vulnerabilities in advance and is already working on new protection methods. We can forget about backward compatibility. Patching these vulnerabilities will require solutions that will not work with the initial version of WPA3. Another standard will probably be created.
These problems could have been avoided if the WiFi Alliance had not worked behind closed doors when patching the vulnerabilities found in April.
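To illustrate the kind of leak described above, here is a simplified model of a try-and-increment password encoding next to a fixed-iteration variant (an added example, not hostapd or FreeRADIUS code). The prime, the toy curve coefficients, the round count, the MAC addresses and the sample passwords are all assumptions constructed for illustration.

```python
import hashlib
import hmac

# Toy parameters, constructed for illustration (not a standardized curve).
P = 2**255 - 19   # well-known prime; about half of all 256-bit values are >= P
A, B = 3, 7       # toy coefficients for y^2 = x^3 + A*x + B (mod P)
ROUNDS = 64       # fixed loop count for the hardened variant (assumed value)
MACS = (bytes.fromhex("02aabbccdd01"), bytes.fromhex("02aabbccdd02"))  # constructed
SAMPLE = [b"password%d" % i for i in range(50)]                        # constructed


def candidate(password, mac_a, mac_b, counter):
    """Derive the counter-th x candidate from the password and both MACs."""
    key = max(mac_a, mac_b) + min(mac_a, mac_b)
    digest = hmac.new(key, password + bytes([counter]), hashlib.sha256).digest()
    return int.from_bytes(digest, "big")


def is_valid_x(x):
    """x must be below P and x^3 + A*x + B must be a square mod P (Euler)."""
    if x >= P:
        return False
    rhs = (pow(x, 3, P) + A * x + B) % P
    return pow(rhs, (P - 1) // 2, P) == 1


def encode_leaky(password, mac_a, mac_b):
    """Stop at the first valid candidate: loop count depends on the password."""
    for counter in range(1, 256):
        x = candidate(password, mac_a, mac_b, counter)
        if is_valid_x(x):
            return x, counter
    raise ValueError("no valid candidate")


def encode_fixed(password, mac_a, mac_b):
    """Always run ROUNDS iterations, keeping the first valid candidate."""
    found = None
    for counter in range(1, ROUNDS + 1):
        x = candidate(password, mac_a, mac_b, counter)
        if is_valid_x(x) and found is None:
            found = x
    if found is None:
        raise ValueError("no valid candidate")
    return found, ROUNDS


def iteration_profile(encoder):
    """Loop counts an observer could infer from timing, per sample password."""
    return [encoder(pw, *MACS)[1] for pw in SAMPLE]
```

The fixed variant does far more work per handshake, which is the cost that makes such defenses hard to deploy on weak devices. Python's big-integer arithmetic is itself not constant-time, so this models only the loop count, not every source of timing variation.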
Hello, my name is Karl, I’m from Germany 🙂 You will find here a lot of information about cryptocurrencies, especially Bitcoin, some information about software for Windows, reviews about social media and other useful stuff! 🙂 Hope you will like that.