Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dragonblood Vulnerabilities Disclosed in Wi-Fi WPA3 Standard (zdnet.com)

Posted by msmash on from the security-woes dept.

Two security researchers disclosed details this week about a group of vulnerabilities collectively referred to as Dragonblood that impact the Wi-Fi Alliance's recently launched WPA3 Wi-Fi security and authentication standard. From a report: If ever exploited, the vulnerabilities would allow an attacker within the range of a victim's network to recover the Wi-Fi password and infiltrate the target's network. In total, five vulnerabilities are part of the Dragonblood ensemble -- a denial of service attack, two downgrade attacks, and two side-channel information leaks.

While the denial of service attack is somewhat unimportant as it only leads to crashing WPA3-compatible access points, the other four are the ones that can be used to recover user passwords. Both the two downgrade attacks and two side-channel leaks exploit design flaws in the WPA3 standard's Dragonfly key exchange -- the mechanism through which clients authenticate on a WPA3 router or access point. In a downgrade attack, Wi-Fi WPA3-capable networks can be coerced in using an older and more insecure password exchange systems, which can allow attackers to retrieve the network passwords using older flaws.

4 of 46 comments (clear)

  1. Let me guess ... by Anonymous Coward · · Score: 2, Interesting

    Wi-Fi Alliance's recently launched WPA3 Wi-Fi security and authentication standard

    Let me guess ... one of the members insisted on a stupid feature that the marketing department wanted which utterly broke security.

    It seems like as we try to build in new things the time until we find out how flawed the system is keeps dropping.

    All software seems to be shit these days, especially where security is concerned.

  2. No Public Reviews by Anonymous Coward · · Score: 2, Interesting

    This is what happens when you don't open source your crypto, dipshits.

    In other news, all of the problems for secure wireless have basically been solved. How to exchange an ephemeral key, how to encrypt a block of bytes, how to initialize an IV, all of it. Quit trying to implement QUIC or whatever-other Google-sponsored fucking backdoor adware shit Hitachi fucking wants. Do the right thing and be done with this bullshit.

  3. Vulnerabilities in key exchange by sinij · · Score: 3, Interesting

    Someone more familiar with cryptography, could you please explain why WPA3 didn't use known-good key exchange methods implemented and tested in modern protocols and instead appears to chose its own method that was found to be vulnerable?

    1. Re:Vulnerabilities in key exchange by Anonymous Coward · · Score: 2, Interesting

      for the lazy:

      https://www.schneier.com/blog/archives/2018/07/wpa3.html
      https://www.mathyvanhoef.com/2018/06/wpa3-missed-opportunity.html

      basically; not enough mandatory security features allows downgrade attacks.

      this in turn will make a nightmre for security minded admins. fking please, just choose a strong suite and make it all mandatory: ala TLS 1.3
      https://en.wikipedia.org/wiki/Transport_Layer_Security#Key_exchange_or_key_agreement