Two new Dragonblood vulnerabilities discovered in WiFi WPA3 standard
- The first is a side-channel flaw in implementations of WPA3’s Dragonfly handshake; the second is an information disclosure vulnerability in EAP-pwd authentication.
- WPA3 is the latest of the WPA standards published by the Wi-Fi Alliance, which introduced it in 2018.
Security researchers have uncovered two more Dragonblood vulnerabilities in WPA3. The new flaws affect two implementations: the Dragonfly handshake in WPA3 and the Extensible Authentication Protocol (EAP).
Back in April 2019, the Wi-Fi security standard was found to have five flaws, collectively termed ‘Dragonblood’. They were discovered by researchers Mathy Vanhoef and Eyal Ronen.
- The first flaw, tracked as CVE-2019-13377, is a timing-based side-channel flaw in the Dragonfly handshake.
- The second flaw, tracked as CVE-2019-13456, is an information leak in the EAP-pwd implementation of FreeRADIUS, which is used for authentication in Wi-Fi products.
- According to Vanhoef and Ronen, the side-channel issue stems from the Brainpool curves, a separately standardized set of elliptic curves that were incorporated into WPA3.
- The researchers also indicate that timing attacks against EAP-pwd implementations are feasible in practice.
- Both flaws have been reported to the Wi-Fi Alliance by the researchers. As of now, neither has been addressed.
Root cause identified
In a blog post, the researchers state that the introduction of Brainpool curves into WPA3, which was recommended as a fix for the original Dragonblood vulnerabilities, is the cause of these new side-channel issues.
“In these recommendations, they (Wi-Fi Alliance) claim that Brainpool curves are safe to use, at least if products securely implement Dragonfly's quadratic residue test (i.e. it must be implemented without side-channel leaks),” explained the researchers.
“However, we found that using Brainpool curves introduces a second class of side-channel leaks in the Dragonfly handshake of WPA3. In other words, even if the advice of the Wi-Fi Alliance is followed, implementations remain at risk of attacks,” wrote the researchers.
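To make concrete what the researchers mean by a quadratic residue test "implemented without side-channel leaks", here is an added example (not code from this page, the researchers, or any Wi-Fi product) of the blinded test that RFC 7664 specifies for Dragonfly, beside the naive form it replaces. It assumes the brainpoolP256r1 field prime from RFC 5639 and uses Python's own `pow`, which is not constant-time; the blinding is what decouples its timing from the password-derived value. As the researchers note above, this test alone does not remove the Brainpool-related leak they found.

```python
# Added example: blinded quadratic residue test in the style of RFC 7664 s3.2.1
# (the Dragonfly key exchange). Illustrative code only; it is not the page's,
# the researchers', or a hostapd/FreeRADIUS implementation.
import secrets

# brainpoolP256r1 field prime (RFC 5639), one of the curves discussed above.
BRAINPOOL_P256_P = 0xA9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377


def legendre(a, p):
    """Euler's criterion: 1 if a is a non-zero square mod p, -1 if not, 0 if a == 0."""
    s = pow(a % p, (p - 1) // 2, p)
    return -1 if s == p - 1 else s


def is_qr_naive(val, p):
    """Leaky form: the exponentiation runs directly on the password-derived
    candidate, so its running time correlates with that secret value."""
    return legendre(val, p) == 1


def choose_blinding_constants(p):
    """Pick one fixed quadratic residue (qr) and one non-residue (qnr) mod p
    at start-up; RFC 7664 keeps them constant for the lifetime of the process."""
    qr = qnr = 0
    while not qr or not qnr:
        c = secrets.randbelow(p - 1) + 1
        if legendre(c, p) == 1:
            qr = qr or c
        else:
            qnr = qnr or c
    return qr, qnr


def is_qr_blinded(val, p, qr, qnr):
    """Blinded form: multiply by a random square r^2 so the exponentiation sees
    a uniformly random residue, then by qr or qnr (chosen by a random bit of r)
    so that even the sign of the Legendre symbol it computes is masked."""
    r = secrets.randbelow(p - 1) + 1          # r in [1, p-1], fresh per call
    num = (val * r * r) % p
    if r & 1:                                 # branch depends on r, not on val
        num = (num * qr) % p
        return legendre(num, p) == 1
    num = (num * qnr) % p
    return legendre(num, p) == -1
```

Both forms return the same answer for every input; the difference is only in what the timing of the exponentiation reveals about `val`.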