

Modern Wi-Fi networks use WPA2 to protect transmitted data. However, because WPA2 is more than 14 years old, the Wi-Fi Alliance recently announced the new and more secure WPA3 protocol. One of the supposed advantages of WPA3 is that, thanks to its underlying Dragonfly handshake, it's near impossible to crack the password of a network. Unfortunately, we found that even with WPA3, an attacker within range of a victim can still recover the password. If the victim uses no extra protection such as HTTPS, this allows an attacker to steal sensitive information such as passwords and emails. We hope our disclosure motivates vendors to mitigate our attacks before WPA3 becomes widespread.

The Dragonfly handshake is also used in certain enterprise Wi-Fi networks that require a username and password for access control. More precisely, Dragonfly is also used by the EAP-pwd protocol, and our attacks work against this protocol as well. For example, an adversary can use similar techniques against EAP-pwd to recover a user's password. We also discovered serious bugs in most products that implement EAP-pwd. These bugs allow an adversary to impersonate any user, and thereby access the Wi-Fi network, without knowing the user's password. Although EAP-pwd is used fairly infrequently in practice, these results illustrate the risks of incorrectly implementing the Dragonfly handshake.

Details behind our findings are explained in our paper Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd. This paper will be presented at the IEEE Symposium on Security and Privacy on 18- in Oakland (San Francisco), and it will be presented at Black Hat USA on 7 August in Las Vegas. We collaborated with the Wi-Fi Alliance and CERT/CC to notify all affected vendors in a coordinated manner, and helped with implementing backwards-compatible countermeasures. Please check with your vendors for updates.
