- The Wi-Fi Alliance assured vendors that the Dragonblood vulnerabilities had been fixed, but the latest discovery calls the safety of the WPA3 standard into question.
- The newly discovered Dragonblood vulnerabilities allow malicious actors to steal Wi-Fi passwords and access restricted networks.
- Security researchers are warning that the Wi-Fi Alliance's closed development standards prevent the community from acting faster.
Back in April, TechNadu’s editorial team reported on five vulnerabilities in the Wi-Fi WPA3 standard. Collectively known as the ‘Dragonblood vulnerabilities’, they allow attackers to abuse the cryptographic operations of WPA3 (Wi-Fi Protected Access 3) with the goal of stealing Wi-Fi passwords. Once the passwords are stolen, attackers could easily gain access to a particular Wi-Fi network and inflict a high level of damage. Even though the Wi-Fi Alliance has issued updates to resolve the previously reported vulnerabilities, the story does not end there.
The two cyber-security researchers who found the initial vulnerabilities have now discovered two additional bugs. Previously, the Wi-Fi Alliance stated that once the updates were published, Brainpool curves were once again safe to use. The fix involved implementing Dragonfly’s quadratic residue test without any side-channel leaks. The researchers (Mathy Vanhoef and Eyal Ronen) now report that using Brainpool curves introduces a second class of side-channel leaks in the Dragonfly handshake of WPA3. Ultimately, this means that despite the advice given by the Wi-Fi Alliance, this vulnerability is still out there, which could lead to someone stealing Wi-Fi passwords and endangering your privacy. The two newly reported vulnerabilities are tracked as CVE-2019-13377 and CVE-2019-13456.
More precisely, CVE-2019-13377 is related to WPA3’s Dragonfly handshake when using Brainpool curves. In simple terms, the handshake is the method of authenticating users on WPA3 routers or access points. Even though the Wi-Fi Alliance now recommends that vendors use P-521 curves, attackers could use the newly found vulnerability to downgrade that to the weaker P-256. The second Dragonblood vulnerability relates to the EAP-pwd implementation, which is an authentication system used by WPA and WPA2. However, EAP-pwd can still be used in WPA3 routers, since it is supported for legacy purposes.
The researchers have once again warned against the Wi-Fi Alliance’s approach to implementing security updates. Instead of using open standards and allowing security experts to contribute easily, the Wi-Fi Alliance still relies on a closed development process. When a vulnerability is discovered, the fix goes through a lengthy implementation period, which gives malicious actors plenty of time to plan their attacks.
As a result of the previously mentioned Dragonblood vulnerabilities, the Wi-Fi Alliance is now updating the Wi-Fi standard with proper defenses. You can find additional information in an updated version of the Dragonblood white paper. If you’re concerned about your privacy, you should wait for a firmware update for your router (with higher-end models likely to receive it first, if at all).