Explore practical side-channel attacks against WPA-TKIP in this 34-minute Black Hat conference talk. Discover why legacy protocols like WPA-TKIP are still widely used in modern Wi-Fi networks, despite the introduction of more secure alternatives like WPA3. Learn about the systematic analysis of WPA-TKIP implementations, including wardriving efforts across cities in the United States, Germany, and Belgium. Delve into topics such as Wi-Fi history, TKIP countermeasures, quality of service, the ChopChop attack, side-channels, and hardware decryption. Gain insights into the impact of these vulnerabilities, potential improvements, and countermeasures against the presented attacks. Understand the CTR mode with CBC-MAC Protocol and witness a demonstration of the discussed techniques. Conclude with a comprehensive overview of the practical implications for wireless network security.
Overview
Syllabus
Intro
Brief Wi-Fi History
Wi-Fi Survey
Outline
TKIP Countermeasures
Quality of Service
The ChopChop Attack
Side-Channels
Methodology
Fragment 1/2
Return of Power Management
Hardware Decryption
Recall TKIP Header
Impact
Improvements
Countermeasures to our Attacks
CTR mode with CBC-MAC Protocol
Demonstration.
Conclusion
Taught by
Black Hat
