Vulnerabilities are discovered in the new Wi-Fi security standard 'WPA3'
A standard called “
Dragonblood: Analyzing WPA3's Dragonfly Handshake
Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password
One widely used standard as of 2019 is ' WPA2 ', which is one previous to WPA3. This is called ' KRACK ' which can intercept Wi-Fi traffic without a password Vulnerable It had sexual problems, and WPA3 was trying to fix those problems.
However, in the 'Dragonblood' paper published on April 10, 2019, it was pointed out that WPA3 is vulnerable to two attacks , called downgrade attacks and side channel attacks .
The spread of WPA3 compatible devices has just started, and many devices support WPA2 in case the other party does not support WPA3. A downgrade attack is an attack that uses that, and it is possible to intervene in the connection of the devices corresponding to WPA3 and make it connect by WPA2. If WPA2 can be connected, it will be possible to intercept communication using existing vulnerabilities such as KRACK.
Also, the side channel attack found in WPA3 can be made to use a weak algorithm by encryption of WPA3 equipment. If this weak algorithm is used, part of the network password will be leaked, and repeating this attack will allow an attacker to obtain a complete password.
A website called Dragonblood has been set up for this article, and tools for testing the details and vulnerabilities of articles have been published on this site.
in Security, Posted by log1d_ts