Dragonblood - A Security Analysis of WPA3’s SAE Handshake

Dragonblood - A Security Analysis of WPA3’s SAE Handshake

TheIACR via YouTube Direct link

Thank you! Questions?

15 of 15

15 of 15

Thank you! Questions?

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Dragonblood - A Security Analysis of WPA3’s SAE Handshake

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Background: Dragonfly in WPA3 and EAP-pwd
  3. 3 Convert password to MODP element
  4. 4 What about elliptic curves?
  5. 5 Hash-to-curve: WPA3 for (counter - 1; counter 40; counter:-)
  6. 6 Attack Optimizations Timing & cache attack result in password signature Both use the same brute-force algorithm
  7. 7 Invalid Curve Attack
  8. 8 Reflection Attack: EAP-pwd example
  9. 9 Other Implementation Vulnerabilities
  10. 10 Denial-of-Service Attack
  11. 11 Downgrade Against WPA3-Transition Transition mode: WPA2/3 use the same password
  12. 12 Crypto Group Downgrade Handshake can be performed with multiple curves Initiator proposes curve & responder accepts/rejects Spoof reject messages to downgrade used curve
  13. 13 Fundamental issue still unsolved On lightweight devices, doing 40 iterations is too costly Even powerfull devices are at risk: handshake might be offloaded the lightweight Wi-Fi chip itself
  14. 14 Conclusion
  15. 15 Thank you! Questions?

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.