Vulnerabilities in WPA3 Give Hackers an Easy Way to Steal Wi-Fi Passwords

Researchers have found several vulnerabilities in the WPA3 Wi-Fi security protocol. They’re severe enough to let hackers get Wi-Fi passwords easily.

The Wi-Fi Alliance launched WPA3 in January 2018. WPA3 was claimed to improve on WPA2 in several ways, such as protection against offline dictionary attacks and forward secrecy, and WPA3 certification was aimed at making Wi-Fi networks more secure. However, the study revealed many design flaws in WPA3.

Researchers Mathy Vanhoef of New York University Abu Dhabi and Eyal Ronen of Tel Aviv University & KU Leuven discovered the flaws in the WPA3 Wi-Fi authentication protocol. They published the results of their research in a technical paper. Vanhoef also discovered the KRACK vulnerability that affected WPA2 in 2017.

The researchers discovered several attacks against the protocol that fall into three categories.

The first category consists of downgrade attacks against WPA3-capable devices.

The second category consists of weaknesses in the Dragonfly handshake of WPA3, which in the Wi-Fi standard is better known as the Simultaneous Authentication of Equals (SAE) handshake. These flaws give hackers enough information to deduce a password using side-channel information, which is data leaked incidentally as part of another process.

Finally, there is a denial-of-service attack. An attacker can flood an access point by bypassing the technique that WPA3 uses to stop people from using fake MAC addresses. This can bring a network to its knees with as few as 16 forged connection attempts per second.

The researchers also discovered serious flaws in EAP-PWD, a protocol that authenticates using a password. It is used in Android 4.0 and in remote access servers that use the RADIUS protocol. It is also used infrequently by some Wi-Fi networks. These bugs could allow an attacker to impersonate a user and access a Wi-Fi network without knowing the user’s password.

The researchers informed the Wi-Fi Alliance before releasing their findings, and the Alliance issued a press release.

In response, the Wi-Fi Alliance clarified that all of these vulnerabilities can be resolved through a simple, routine software update, like the updates people usually install for their mobile apps.

WPA3-Personal is still in the early stages of deployment, but the affected device manufacturers have already started working to resolve these issues.