WiFi Protected Access 3

Question 1

Why was WPA3 introduced?

Answer 1

Because WPA2 was hacked by the Key Reinstallation Attack (KRACK)
Exploits WPA2 four-way handshake
Attacks 3rd message in handshake

Question 2

WPA/WPA2 Authentication

Answer 2

Authenticator responds to supplicant by sending GTK (Group Temporal Key)
Also protects the frame with MIC ( Message Integrity Code)
At this point after 3rd message is send, if router does not receive acknowledgement that 3rd message was received, it will send it again.
Belgian researchers realised that if you blocked the ack mesg (4th msg), you can force a device to re install the encryption key and this in turn would reset the Nonce

Question 3

Explain the KRACK Exploit

Answer 3

Here, the entire 4 way handshake is not required to complete authentication process for reconnection between access point and router -
Therefore, to enable faster reconnections, only 3rd message is required for reconnect
Hacker mimics WLAN
3rd message in Handshake resent numerous times - This is where the vulnerability lies with MITM attack: The attacker can mimic a wireless network that user previously connected to -
Once supplicant connects to the network, the hackersends what they believe is the 3rd msg of the 4 way handshake from network’s WAP.

Encryption Key Cracked - The attackers keep sending a 3rd message and with each ack message from client a small piece of data is encrypted

WLAN packets decrypted with MITM

Cannot Decrypt SSL Traffic -> SSL Strip -> MITM attack

Forced to communicate in plaintext over HTTP -
The attacker proxies the modified content from HTTPS server. This is achieved through SSLStrip -> Strips HTTPS URLs to become HTTP URLS so the content can be read

Question 4

KRACK Exploit continued

Answer 4

4 Way Handshake -> New Session Key - Tricks user in installing a key that the client is alreeady using by replaying 3rd Handshake Message -
The session key is installed by supplicant after it receiving GTK and MIC from AP. This session key is now ready to be used to encrypt data frames.

All OSs were vulnerable - Particularly Android 6.0

KRACK -> Decrypt TCP SYN
CCMP - Can hijack TCP comms when CCMP is used

Question 5

WiFi Protected Access 3 (WPA3)

Answer 5

WLAN Security Protocol - IEEE 802.11 Protocols
Replaces WPA2 in Jan ‘18
Eliminates brute force attacks (previously wep,wpa and wpa2 allowed for continuous password attempts)
Encryption on per user basis for each connection

Question 6

WPA3 Security Improvements

Answer 6

More Secure Handshake to secure comms
Increased security for adding new devices
Security for Public WiFi
Longer Key

Question 7

WPA2 vs WPA3

Answer 7

Question 8

Describe Simultaneous Authentication of Equals

Answer 8

WPA2 - Krack Vulnerability - MITM -> Tricks user into Key Reinstallation
SAE - Variant of Dragonfly Key Exchange
IEEE 802.11s: WLAN Mesh Networks
WPA3-Personal:SAE - 128-bit Encryption
WPA3 - QR Codes - Easy Connect (allows non tech savvy to connect to router - IoT Device Setup
Connection via smartphone

Question 9

WPA3 Enterprise Authentication

Answer 9

Back-end Authentication
RADIUS Server
Elliptic Curve Diffie-Hellman (ECDH) Exhange &Elliptic Curve Digital Signature Algorithm (ECDSA)

Question 10

Describe Dragonfly Key Exchange

Answer 10

Key Exhange using discreet Logarithm Cryptography
Both parties have shared password or phrase
Specific Domain Parameter - Elliptical Curve Cryptography (ECC) or Finite Field Cryptography (FCC)
Designed to protect user from offline dictionary attacks (Obtains a ciphertect generated using the password derived key, and trying each password against the ciphertext. This is invisible to user and much faster that online attack.

Question 11

Dragonfly Key Exchange Cont’d

Answer 11

Commit Exchange - Both parties commit to single guess of the password
Confirm Exhange - Both parties confirm that they know the password

Password Element (PE) Created - Random Element in Negotiated Group

Question 12

DragonBlood

Answer 12

Dragonfly Handshake

DragonBlood Hack -
WPA3 - Personal
Recovery Network Key
Downgrade Security
Launch DoS (Denial of Service) Attack
Abuse timiing or Cache-based side channel leaves

Transitional mode of operation - susceptible to downgrade attack - attacker can use to set up a rogue ap that only supports WPA2 - therefore forcing WPA3 devices to connect using WPS 2 4 way handshake

Attacker only needs to know SSID of WPA3 network

Question 13

DragonBlood Cont’d

Answer 13

Susceptible to:
Security Group Downgrade Attack
Timiing Based Side Channel Attack
Cache Based Side Channel Attack
Denial of Service Attack