KRACKs vs Dragonblood: Vulnerabilities that affect Wi-Fi Protected Access Protocols
- KRACKs or Key Reinstallation Attacks is a severe replay attack that affects the WPA2 protocol.
- DragonBlood vulnerability includes a total of five security flaws, two of which can result in downgrade attacks.
The Wi-Fi Protected Access Protocol (WPA) has always been one of the significant reasons for secured Wi-Fi connections. Recently, the Wi-Fi Alliance had announced the released of WPA3 protocol with an aim to tackle the shortcomings in WPA2 and to better secure devices that use wireless technology. However, despite the new and comprehensive features, the WPA3 has been found to be vulnerable to a newly discovered security issue named ‘DragonBlood’.
Serious ‘KRACKs’ in WPA2
KRACKs or Key Reinstallation Attacks is a severe replay attack that affects the WPA2 protocol. The vulnerability was unveiled by Belgian researchers Mathy Vanhoef and Frank Piessens of the University of Leuven in 2017. It is actually a group of vulnerabilities which if exploited could allow attackers to do perform several nefarious activities.
The researchers revealed that the attackers within a range of a victim’s device could exploit the flaw to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on.
All of this personal information can be used later to commit identity theft such as accessing your bank or investment accounts without knowledge.
The research had also revealed that all major software including Microsoft, Windows, macOS, iOS, Android, Linux, and OpenBSD were also affected by some variants of the attack.
Then came WPA3...
WPA3 is the third iteration of a Wi-Fi Protected Access protocol. It is the latest update to WPA2 which has been in use since 2004. The latest protocol came with new features for personal and enterprise uses such as 256-bit Galois/Counter Mode Protocol (GCMP-256), 384-bit Hashed Message Authentication Mode and 256-bit Broadcast/Multicast Integrity Protocol (BIP-GMAC-256). However, not long after its launch, the security researchers have discovered a vulnerability that affects WPA3 protocol.
DragonBlood vulnerability in WPA3
DragonBlood vulnerability was uncovered by the same security researchers who were responsible for the discovery of KRACK attack on WPA2. It affects the WPA3 protocol. The vulnerability includes a total of five security flaws, two of which can result in downgrade attacks. While one vulnerability can trigger a denial of service condition, the other two flaws can result in side-channel information leaks.
Overall, threat actors can abuse the DragonBlood vulnerability to recover the Wi-Fi password and infiltrate the target’s network.