WiFi Protected Access 3 Flashcards
Why was WPA3 introduced?
Because WPA2 was hacked by the Key Reinstallation Attack (KRACK)
Exploits WPA2 four-way handshake
Attacks 3rd message in handshake
WPA/WPA2 Authentication
Authenticator responds to supplicant by sending GTK (Group Temporal Key)
Also protects the frame with MIC ( Message Integrity Code)
At this point after 3rd message is send, if router does not receive acknowledgement that 3rd message was received, it will send it again.
Belgian researchers realised that if you blocked the ack mesg (4th msg), you can force a device to re install the encryption key and this in turn would reset the Nonce
Explain the KRACK Exploit
Here, the entire 4 way handshake is not required to complete authentication process for reconnection between access point and router -
Therefore, to enable faster reconnections, only 3rd message is required for reconnect
Hacker mimics WLAN
3rd message in Handshake resent numerous times - This is where the vulnerability lies with MITM attack: The attacker can mimic a wireless network that user previously connected to -
Once supplicant connects to the network, the hackersends what they believe is the 3rd msg of the 4 way handshake from network’s WAP.
Encryption Key Cracked - The attackers keep sending a 3rd message and with each ack message from client a small piece of data is encrypted
WLAN packets decrypted with MITM
Cannot Decrypt SSL Traffic -> SSL Strip -> MITM attack
Forced to communicate in plaintext over HTTP -
The attacker proxies the modified content from HTTPS server. This is achieved through SSLStrip -> Strips HTTPS URLs to become HTTP URLS so the content can be read
KRACK Exploit continued
4 Way Handshake -> New Session Key - Tricks user in installing a key that the client is alreeady using by replaying 3rd Handshake Message -
The session key is installed by supplicant after it receiving GTK and MIC from AP. This session key is now ready to be used to encrypt data frames.
All OSs were vulnerable - Particularly Android 6.0
KRACK -> Decrypt TCP SYN
CCMP - Can hijack TCP comms when CCMP is used
WiFi Protected Access 3 (WPA3)
WLAN Security Protocol - IEEE 802.11 Protocols
Replaces WPA2 in Jan ‘18
Eliminates brute force attacks (previously wep,wpa and wpa2 allowed for continuous password attempts)
Encryption on per user basis for each connection
WPA3 Security Improvements
More Secure Handshake to secure comms
Increased security for adding new devices
Security for Public WiFi
Longer Key
WPA2 vs WPA3
Describe Simultaneous Authentication of Equals
WPA2 - Krack Vulnerability - MITM -> Tricks user into Key Reinstallation
SAE - Variant of Dragonfly Key Exchange
IEEE 802.11s: WLAN Mesh Networks
WPA3-Personal:SAE - 128-bit Encryption
WPA3 - QR Codes - Easy Connect (allows non tech savvy to connect to router - IoT Device Setup
Connection via smartphone
WPA3 Enterprise Authentication
Back-end Authentication
RADIUS Server
Elliptic Curve Diffie-Hellman (ECDH) Exhange &Elliptic Curve Digital Signature Algorithm (ECDSA)
Describe Dragonfly Key Exchange
Key Exhange using discreet Logarithm Cryptography
Both parties have shared password or phrase
Specific Domain Parameter - Elliptical Curve Cryptography (ECC) or Finite Field Cryptography (FCC)
Designed to protect user from offline dictionary attacks (Obtains a ciphertect generated using the password derived key, and trying each password against the ciphertext. This is invisible to user and much faster that online attack.
Dragonfly Key Exchange Cont’d
Commit Exchange - Both parties commit to single guess of the password
Confirm Exhange - Both parties confirm that they know the password
Password Element (PE) Created - Random Element in Negotiated Group
DragonBlood
Dragonfly Handshake
DragonBlood Hack -
WPA3 - Personal
Recovery Network Key
Downgrade Security
Launch DoS (Denial of Service) Attack
Abuse timiing or Cache-based side channel leaves
Transitional mode of operation - susceptible to downgrade attack - attacker can use to set up a rogue ap that only supports WPA2 - therefore forcing WPA3 devices to connect using WPS 2 4 way handshake
Attacker only needs to know SSID of WPA3 network
DragonBlood Cont’d
Susceptible to:
Security Group Downgrade Attack
Timiing Based Side Channel Attack
Cache Based Side Channel Attack
Denial of Service Attack