Security researchers Mathy Vanhoef and Eyal Ronen, the team behind the WPA3 flaws popularly known as Dragonblood, have disclosed two new vulnerabilities that can be exploited to recover the password of a WPA3-protected Wi-Fi network.
We first covered this team's work in April, when they revealed weaknesses in WPA3 that could be exploited to recover passwords by abusing cache-based and timing-based side-channel leaks.
Wi-Fi Protected Access 3 (WPA3) was launched in June 2018 to address security weaknesses in the previous versions of the standard, including protection against deauthentication attacks and the KRACK key-reinstallation attacks.
The WPA family of standards authenticates wireless devices and encrypts their traffic with the Advanced Encryption Standard (AES), with the aim of preventing eavesdropping and password cracking.
WPA3 replaced WPA2, which is used by billions of devices worldwide. It brings improvements to the encryption, configuration and authentication of Wi-Fi-enabled mobile devices and PCs.
The enterprise mode offers a 192-bit security suite for networks that need an extra layer of protection. The Dragonblood researchers have now devised two new side-channel attacks that let an attacker recover the Wi-Fi password by exploiting flaws in the handshake and its implementations.
The first issue, tracked as CVE-2019-13377, is a timing-based side-channel attack against WPA3's Dragonfly handshake when Brainpool curves are used.
The published security advisory states: ‘After the initial disclosure, the Wi-Fi Alliance formulated security recommendations to mitigate these attacks. The recommendations advocated the use of Brainpool curves, which were considered safer.’
‘However, the use of Brainpool curves introduces a second class of side-channel leaks; in simpler terms, the system is still vulnerable to attacks.’ The researchers highlighted that the new side-channel leak affects Dragonfly's password-encoding algorithm.
The Brainpool leak works against the latest Hostapd version, and an attacker can use the leaked information to mount a brute-force (dictionary) attack on the password. The second issue, CVE-2019-13456, is an information leak in the EAP-pwd (Extensible Authentication Protocol - Password) implementation in FreeRADIUS.
The researchers also noted: ‘Other firmware, such as that of Cypress chips, executes only eight iterations to curb the side-channel leaks. However, this only makes brute-force attacks a bit harder; it does not prevent them.’
‘This only strengthens our hypothesis that backward-compatible countermeasures against these attacks are quite demanding and costly for lightweight and medium devices.’
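The leak in Dragonfly's password-encoding algorithm described above and the "eight iterations" countermeasure quoted from the researchers share one mechanism, which the following Python toy model illustrates. It is an added example for this article, not the researchers' code, any vendor's firmware or the Dragonfly specification: it replaces elliptic-curve arithmetic with a small prime field and a quadratic-residue test, and the prime, MAC addresses, dictionary and secret password are constructed. What it shows is that the round in which "hunting and pecking" first finds a valid element depends on the password, that an attacker who observes that count (through timing or cache leaks) for a few spoofed client MACs can prune a dictionary, and that forcing a minimum of eight rounds shrinks the leak without removing it.

```python
"""Toy model of Dragonfly-style 'hunting and pecking' password encoding.

Added illustration for this article, not the researchers' or any vendor's code.
It omits real elliptic-curve arithmetic and uses a small prime field so it runs
in seconds; the structure of the loop, and why its iteration count leaks, is
the point. Group prime, MAC addresses, dictionary and secret are constructed.
"""
import hashlib

P = 0xFFFFFFFB           # toy prime 2**32 - 5, stands in for the real group prime
MAX_ITERATIONS = 40      # Dragonfly caps the number of rounds


def is_quadratic_residue(x: int, p: int) -> bool:
    """Euler criterion: x is a non-zero square modulo the odd prime p."""
    return x % p != 0 and pow(x, (p - 1) // 2, p) == 1


def hunt_and_peck(password: str, mac_a: bytes, mac_b: bytes,
                  min_iterations: int = 1, max_iterations: int = MAX_ITERATIONS):
    """Derive a password element; return (element, rounds_executed).

    Each round hashes (MACs, password, counter) and keeps the first candidate
    that passes the membership test (a quadratic-residue check here, standing
    in for the real curve test). The loop may stop once a candidate is found,
    but never before min_iterations rounds:
      min_iterations=1   -> naive variable-time implementation
      min_iterations=8   -> 'at least eight rounds' style of countermeasure
      min_iterations=40  -> every round is always executed
    The second return value is what a timing side channel would reveal.
    """
    element = None
    executed = 0
    for counter in range(1, max_iterations + 1):
        executed = counter
        seed = hashlib.sha256(mac_a + mac_b + password.encode() + bytes([counter])).digest()
        x = int.from_bytes(seed, "big") % P
        if element is None and is_quadratic_residue(x, P):
            element = x
        if element is not None and counter >= min_iterations:
            break
    return element, executed


def prune_dictionary(dictionary, measurements, min_iterations):
    """Attacker side: keep only passwords consistent with every observed count.

    measurements: list of (mac_a, mac_b, observed_rounds). Because the client
    MAC enters the hash, an attacker who spoofs several client MACs collects
    several independent observations about the same password.
    """
    return [pw for pw in dictionary
            if all(hunt_and_peck(pw, a, b, min_iterations)[1] == observed
                   for a, b, observed in measurements)]


def run_attack(min_iterations, dictionary_size=1000, spoofed_clients=6):
    """Simulate the victim's handshakes, then prune a constructed dictionary."""
    dictionary = [f"password{i}" for i in range(dictionary_size)]  # constructed
    secret = "password777"                                         # constructed
    ap_mac = bytes.fromhex("0200000000aa")                         # constructed
    measurements = []
    for i in range(spoofed_clients):
        client_mac = bytes.fromhex(f"0200000000{i:02x}")           # spoofed client
        _, observed = hunt_and_peck(secret, ap_mac, client_mac, min_iterations)
        measurements.append((ap_mac, client_mac, observed))
    return prune_dictionary(dictionary, measurements, min_iterations)


if __name__ == "__main__":
    for floor in (1, 8, MAX_ITERATIONS):
        remaining = run_attack(floor)
        print(f"min_iterations={floor:2d}: {len(remaining):4d} of 1000 candidates remain")
```

With a floor of one round the observed counts typically leave only a handful of candidates; with a floor of eight, every password whose first valid candidate appears in rounds one to eight looks identical, so most of the dictionary survives, but passwords that need more than eight rounds still leak their exact count; only when every round is always executed does the count carry no information. That is the sense in which the eight-round floor makes the attack harder without preventing it.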
The Wi-Fi Alliance has responded to the new findings with updated defences for the standard, but these mitigations are not backwards-compatible with existing WPA3 deployments.