The next generation of Wi-Fi security – WPA3 – was launched in the summer of 2018, which promised to be the most secure form of Wi-Fi with the vulnerabilities of WPA2 eliminated.
However, WPA3 was found to not be as secure as was initially thought. In total, five methods have been identified that allow the WPA3 standard to be hacked to obtain WiFi passwords.
The hacking methods were uncovered by Mathy Vanhoef of New York University Abu Dhabi and Eyal Ronen at Tel Aviv University.
WPA2 had vulnerabilities in the handshake system which is used to authenticate a user who is attempting to connect to a Wi-Fi access point. The vulnerabilities were discovered by Mathy Vanhoef who described the attack method as a Key Reinstallation Attack or KRACK for short.
WPA3 was thought to have corrected the problem, but five vulnerabilities were discovered. Two are downgrade attacks which cause networks to revert to older, insecure password exchange systems, and two are side-channel leaks which trick devices into using weak algorithms which leak information about the network password. All four of these attack methods exploit the Simultaneous Authentication of Equals (SAE) handshake – The Dragonfly key exchange – which replaced the vulnerable Pre-Shared Key (PSK) used in WPA2. The fifth flaw is could be exploited in a denial of service attack.
The vulnerabilities have been named Dragonblood and, according to the researchers, are relatively easy and to perform and require approximately $125 of Amazon EC2 instances to conduct the attacks.
The researchers also note that the Dragonblood vulnerabilities are also present in the Extensible Authentication Protocol (EAP-pwd) which is supported by both WPA and WPA2.
The Wi-Fi Alliance has responded to the announcement by claiming the vulnerabilities only exist in early implementations of WPA3 and affect a small number of device manufacturers. Those manufacturers are currently in the process of patching the software used by their devices to correct the flaws. The Wi-Fi Alliance said that to date there have been no reports received of the WPA3 vulnerabilities actually being exploited.
“These issues can all be mitigated through software updates without any impact on devices’ ability to work well together,” said the WiFi Alliance in a recent press release. The software updates will need to be applied by device manufacturers through firmware updates.