The new protocol for the protection of Wi-Fi networks announced by the Wi-Fi Alliance in January 2018. WPA3, what is expected be widely deployed before the end of this year.
This is built on the core components of WPA2 and will bring additional features to simplify Wi-Fi security setup for users and service providers, while enhancing security protections.
These included four new features for personal Wi-Fi networks.
According to the Wi-Fi Alliance, two of these features will offer robust protection even when users choose passwords that do not meet common complexity recommendations.
In other words, WPA3 could make public Wi-Fi networks more secure, making it difficult for a person on an open network to intercept data sent by other devices on the same network.
But a new report published by two researchers from New York University and Tel Aviv University, seem to say otherwiseas in some of the security methods used in the new protocol by highlighting some of the problems associated with them.
WPA3 is not yet implemented and is already buggy
Your analysis, described The article focuses on the SAE Handshake WPA3 protocol. This analysis showed that WPA3 is affected by various design flaws and more particularly, it would be vulnerable to "password partition attacks".
However, one of the very important changes introduced by the WPA3 protocol is the SAE (Concurrent Peer Authentication) authentication mechanism.
This is a mechanism that places more emphasis on authentication, a sensitive period during which surveillance of the security system must be operational to distinguish between normal connections and intrusions.
This new, more robust mechanism replaces the PSK (Pre-Shared Key) method in force since the release of WPA2 in 2004.
This last method was discovered by the KRACK technique. SAE resists these attacks, as well as dictionary attacks used in cryptanalysis to find a password, according to IEEE Spectrum.
In other words, according to the report of these two researchers from New York University Mathy Vanhoef, WPA3 certification aims to secure Wi-Fi networks and it offers several advantages over its predecessor WPA2, such as protection against offline dictionary attacks.
However, according to Vanhoef and Ronen, WPA3 has serious flaws, especially in terms of the mechanism SAE authentication, also known as Dragonfly.
According to them, Dragonfly would be affected by attacks called "Password partition attacks".
They explain that these attacks look like dictionary attacks and allow an opponent to retrieve the password by abusing side or secondary channel leaks.
In addition to this, they presented a complete and self-contained description of WPA3 and believe that SAE's anti-congestion mechanisms do not prevent denial of service attacks.
How do employee attacks work?
En particular, by overusing the overhead of SAE Handshake defenses against previously known secondary channels, a device with limited resources can overload an access point's processor professional.
In addition, they carried out a large number of attacks on the various mechanisms that make up the WPA3 protocol, such as a dictionary attack against WPA3 when operating in transition mode, a cache-based microarchitecture side attack against SAE Handshake, and took the opportunity to show how the recovered time can be used and the cache information to carry out an offline “password partition attacks”.
This allows an attacker to recover the password used by the victim.
Finally, they explain having studied the feasibility of timed attacks against the WPA3 SAE handshake.
According to them, this confirms that sync attacks are possible and that the password information is lost. The report details these various attacks of Vanhoef and Ronen and proposes solution approaches to make the standard more secure.
According to their conclusion, WPA3 lacks the security required to be considered as a modern security standard and will need to be further developed before it is widely adopted.