The same security researchers that disclosed the initial five WPA3 vulnerabilities (referred to as Dragonblood) earlier this year in April, have recently disclosed two additional WPA3 vulnerabilities. Just like the initial five Dragonblood vulnerabilities, these two new ones allow attackers to either downgrade or bypass WPA3 encryption protected networks via brute force password cracking. As the researchers previously stated, using readily available cloud-based Graphical Processing Unit (GPU) services to brute force using even the largest known dictionaries costs less than $1 USD making the practical impact of these attacks quite dangerous.
The Handshake
Historically, hackers have been capturing WPA2 handshake (known as the four-way-handshake) messages out of the air and using that information to brute force crack Wi-Fi passwords to gain access to encrypted Wi-Fi networks, eavesdropping and intercepting credit card data, personal information, emails, social media accounts, and more. In WPA3, the handshake was completely re-designed to be more secure. However, as recently stated by the security researchers, “…even if the advice of the Wi-Fi Alliance is followed [to patch the original Dragonblood vulnerabilities], implementations remain at risk of attacks.”
The Two New Dragonblood Vulnerabilities
The first new one is CVE-2019-13377 and applies to the password encoding algorithm within the new handshake (Simultaneous Authentication of Equals or SAE) that WPA3 utilizes. This vulnerability was introduced as a result of the use of new, stronger cryptographic elliptical curves (from P-256 to P-521) in the WPA3 protocol. An attacker can still exploit a side channel attack determine encoding timing and execution information which can be used to brute force crack the Wi-Fi password.
The second vulnerability is CVE-2019-13456 and applies to the EAP-pwd (Extensible Authentication Protocol) algorithm used in a commonly used RADIUS service, FreeRADIUS. This is also a side channel attack that allows attackers to steal information needed to brute force the Wi-Fi password and gain access to encrypted networks. This vulnerability is implementation-specific, meaning a Wi-Fi administrator would need to configure a network to use RADIUS authentication to be affected.
For additional technical detail, please see the White Paper by Mathy Vanhoef and Eyal Ronen.
What’s Being Done to Patch?
The Wi-Fi Alliance is currently working to provide a solution to these two new WPA3 vulnerabilities. Vanhoef speculated in his tweet that that this could lead to WPA3.1, meaning that the fixes to these security flaws may not be backwards compatible with the current WPA3 standard.
Complete Protection for a Wi-Fi Network
As with the five initial Dragonblood vulnerabilities disclosed in April this year, the attacker must bring in either a Rogue AP (access point) or Evil Twin AP into the Wi-Fi environment’s air space. The same situation applies to these two new vulnerabilities. A Rogue AP and Evil Twin AP are two of the six layer two Wi-Fi threats defined by the Trusted Wireless Environment Framework. In order to properly protect a Wi-Fi network from attack sequences utilized in Dragonblood, technology must be utilized in the air space to automatically detect and prevent the presence of Rogue APs and Evil Twin APs. In order for a network to meet Trusted Wireless Environment security standards, the Wi-Fi security used must automatically detect and prevent six Wi-Fi threats. The Rogue AP and Evil Twin AP are among two of the six. Historically the technology to provide Wi-Fi air space security has been referred to as Wireless Intrusion Prevention System (WIPS). A big problem in the Wi-Fi vendor ecosystem today is that there is no standard which defines the security capabilities of WIPS and therefore AP vendors have delivered widely varying WIPS implementations to the market. The mission of the Trustd Wireless Environment Movement is to advocate the Wi-Fi industry to develop new security standards so that everyday users of Wi-Fi services are protected properly without need to download software or other manual intervention. Show your support for this important advocacy movement and sign the petition.
Déjà vu?
WPA3 was created in 2018 by the Wi-Fi Alliance on the heels of the same two security researchers’ 2017 disclosure of serious design flaws in WPA2 (referred to as KRACK). In 2017, the KRACK disclosure informed the world that it had been living with a false sense of security with WPA2 being vulnerable for ten years before the disclosure. If anything, the research from Vanhoef and Ronen have strengthened their argument that Wi-Fi security standards should not be solely developed behind a closed door (single or collection of Wi-Fi companies). Instead, they argue the design of Wi-Fi security standards should be opened up to the public community of security researchers to expose more vulnerabilities and develop safer solutions, faster.