
Two new Dragonblood vulnerabilities discovered in WiFi WPA3 standard

  • The first one is a side-channel attack flaw in WPA3’s Dragonfly handshake implementation, while the second is an information disclosure vulnerability in EAP-pwd authentication.
  • WPA3 is the latest among the WPA standards brought out by the Wi-Fi Alliance. The organization introduced WPA3 in 2018.

Security researchers have uncovered two more Dragonblood vulnerabilities in WPA3. The new flaws are specific to two implementations: the Dragonfly handshake in WPA3 and the Extensible Authentication Protocol (EAP).

Back in April 2019, the Wi-Fi security standard was found to have five flaws, collectively termed ‘Dragonblood’. The flaws were discovered by researchers Mathy Vanhoef and Eyal Ronen.

Key highlights

  • The first flaw, tracked as CVE-2019-13377, is a timing-based side-channel attack flaw in the Dragonfly handshake.
  • The second flaw, tracked as CVE-2019-13456, is an information leak flaw present in the EAP-pwd implementation of FreeRADIUS, which is meant for authentication in Wi-Fi products.
  • According to Vanhoef and Ronen, the side-channel attack issue was due to another standard, Brainpool curves, incorporated in WPA3.
  • The researchers also indicate that timing attacks against EAP-pwd implementations are feasible in practice.
  • Both flaws have been reported to the Wi-Fi Alliance by the researchers. As of now, the two flaws are yet to be addressed.

Root cause identified

In a blog post, the researchers suggest that the introduction of Brainpool curves in WPA3 to resolve the Dragonblood vulnerabilities was the reason for these side-channel issues.

“In these recommendations, they (Wi-Fi Alliance) claim that Brainpool curves are safe to use, at least if products securely implement Dragonfly's quadratic residue test (i.e. it must be implemented without side-channel leaks),” explained the researchers.

“However, we found that using Brainpool curves introduces a second class of side-channel leaks in the Dragonfly handshake of WPA3. In other words, even if the advice of the Wi-Fi Alliance is followed, implementations remain at risk of attacks,” wrote the researchers.
