Hacking WPA3 with Mathy Vanhoef & Retia

Captions
Today we're talking about WPA3, its promise for safer Wi-Fi, and the problems along the way. Let's go. [Music] WPA3 is the next generation of Wi-Fi security. Unlike the WPA2 used in coffee shops like this, it doesn't leave you vulnerable to snooping or other sorts of wireless attacks. Now, in spite of this, it is a new standard and it's not perfect, and that means it's actually already been hacked twice. So to get to the bottom of this, we spoke with Mathy Vanhoef, a Wi-Fi security researcher well known for finding vulnerabilities in WPA2 and WPA3, after his talk at the Black Hat security conference in Las Vegas.

So I am Mathy Vanhoef, and the topic of my research is essentially network security, with a focus on wireless security. So the main issue is that it used to be, with WPA2, if you would connect to a network and there's an attacker or adversary nearby, he or she would be able to then capture the connection attempt to your access point, to your router, and they can then take that information and try to brute force, try to recover the password that the network is using. And they fixed that with WPA3 to make that almost impossible. One other addition of WPA3 is that they now try to protect management frames, meaning a deauthentication attack, where you forcibly try to disconnect clients from a network, that should also be prevented with WPA3.

With WPA2 today, two major flaws give rise to the most serious types of attacks. The way all modern devices connect to password-protected Wi-Fi networks is to exchange information called a handshake. In this exchange, your device and the router share a hashed version of the Wi-Fi password. In the first major flaw, an attacker within range can simply listen in and capture the hashed password when you connect. Once they capture the handshake, they can leave and use a program like Hashcat to try to crack the network password. Now, if the attacker isn't in range when a device is connecting, they don't really need to wait; they can just force a handshake by sending management frames called deauth packets. This will disconnect your device from the Wi-Fi network, forcing it to exchange a new handshake anyway while the attacker just listens in. This is the second major flaw: should an attacker decide to not let you reconnect, they can send a continuous flow of deauth packets, thus denying you all network connection in a protocol-based denial-of-service attack. Now, WPA3 is supposed to be a response to these security problems, using the new Dragonfly handshake designed to frustrate attackers. While a nearby attacker could capture a handshake, it takes too long to brute force, and they have to stay in range of the router to try every single password guess. Deauth packets and other management frames are also now encrypted in WPA3, which prevents attackers from jamming a WPA3 network by forging deauth packets between a router and any connected devices. WPA3 also includes a feature called forward secrecy, and what this means is that if someone was able to capture some of your Wi-Fi traffic and later on learned your password, they wouldn't be able to go back and decrypt everything that they gathered. Now, for this and all the other security updates, you should definitely update to WPA3. However, because it's a new standard, that means it's not without its own flaws.

So I would say that there are two main categories of flaws. The first one is, if you configure a network to support both WPA2 and WPA3, then it's possible that even if you have a new smartphone, for example, that supports WPA3, an adversary can still force your smartphone into using WPA2, and then some of the old attacks against WPA2 would still apply. The second flaw is that in the new handshake of WPA3, when a device executes that handshake, briefly summarized, it leaks some data through, for example, how long it takes the access point to reply. An attacker can use this leaked information to still try to recover the password of the network, even though that shouldn't be possible.

After Mathy discovered that WPA3 could leak data, the news took the security community by storm. Viewers of Hak5 should remember Shannon covering these same issues recently as well. The creators of WPA3 were forced to react with a hasty fix to address the timing attack, but in doing so they also made it possible to jam WPA3. So to break down the original issue: when a device joins a WPA3 network, the router converts the password into a point on an elliptic curve. Most passwords, however, will generate an invalid point. Now, when this happens, the router simply adds a number and tries again until it gets a valid point on the curve. Problem solved, right? Well, unfortunately, a nearby attacker can measure this by the time it takes for the router to reply, and this information lets the attacker more easily brute force the Wi-Fi password. Then, based on the unique amount of time it takes for WPA3 routers to process different passwords, hackers can rule out large groups of password guesses to try brute-forcing attacks. This breaks WPA3's promise of immunity from brute-forcing attacks less than a year after its release.

They decided to solve this by always making the access point perform a lot of computations and, in a sense, always reply a bit slower. The way that they made it reply slower is by making the algorithm that is used internally perform 40 iterations of a certain function. Now, this prevents the timing leak if done properly. However, doing these 40 iterations adds a lot of overhead, so if you then, for example, implement WPA3 on a very lightweight device or IoT device, this would mean that your handshake becomes very slow, or that it drains the battery of the device a lot, meaning you result in denial-of-service attacks. So the implementers, they're really met with a dilemma here: either they implement this countermeasure, and this means they possibly are vulnerable to denial-of-service attacks, or they don't, or implement just a weak version, and then they might be vulnerable to the side channels as mentioned.

Their fix paved the way for a fairly simple denial-of-service attack. The fix required each device to hide the number of iterations by running 40 times, masking the timing issue by making all handshakes take the exact same amount of time. On devices like routers with limited resources, hackers can send many handshakes at the same time, causing the router to crash and taking the network completely offline. With over a billion different devices using the Wi-Fi standard, the security of the connected world relies on the final version of WPA3 that's released to the public. Now, while none of these flaws are yet fatal for WPA3, researchers are definitely anxious that some flaws this big are already cropping up. Now, ideally the development of WPA3 would be open to researchers who want to contribute, but unfortunately for now it remains primarily closed. Until a secure version of WPA3 is made available to the public, WPA2 will have to suffice, and users will need to be careful about connecting to open networks or networks with weak passwords and make decisions about whether or not it's safe to connect. That's all we have for this episode. Thanks for watching, and if you have ideas for future episodes you can hit me up on Twitter at Kody Kinzie. You can also check out our channel Retia to see more content like this. Thanks for watching, and we'll see you next time.
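The password-to-curve-point loop the video describes (try, fail on an invalid point, add a counter, try again) and its fixed-40-iteration countermeasure, as an added illustration that is not code from the video or from Mathy Vanhoef. The curve, the MAC addresses and the passwords are constructed toy values, and the key derivation is simplified to a single HMAC; the point is only to show why the round count of the leaky variant varies per password while the fixed variant always does the same work.

```python
import hashlib
import hmac
# Toy curve y^2 = x^3 + A*x + B (mod P), constructed for illustration only;
# it is NOT one of the real SAE groups. P = 2^61 - 1 is prime.
P = (1 << 61) - 1
A = P - 3
B = 7
MAX_ROUNDS = 40  # the fixed round count of the countermeasure described above

def is_valid_x(x):
    """x is a usable x-coordinate iff x^3 + A*x + B is a square mod P."""
    rhs = (pow(x, 3, P) + A * x + B) % P
    return rhs != 0 and pow(rhs, (P - 1) // 2, P) == 1  # Euler's criterion

def candidate_x(password, macs, counter):
    """Candidate x for (password, counter). Real SAE feeds an HMAC into a KDF and
    rejects x >= p; simplified here to one HMAC reduced mod P."""
    seed = hmac.new(macs, password + bytes([counter]), hashlib.sha256).digest()
    return int.from_bytes(seed, "big") % P

def hunt_and_peck_leaky(password, macs):
    """Original behaviour: stop at the first hit, so the number of rounds
    (and thus the reply time) depends on the password."""
    for counter in range(1, MAX_ROUNDS + 1):
        x = candidate_x(password, macs, counter)
        if is_valid_x(x):
            return x, counter
    raise ValueError("no point found")  # ~2^-40 chance per password here

def hunt_and_peck_fixed(password, macs):
    """Countermeasure: always run MAX_ROUNDS rounds of identical work and keep
    the first hit, so the round count no longer depends on the password."""
    found, rounds = None, 0
    for counter in range(1, MAX_ROUNDS + 1):
        rounds += 1
        x = candidate_x(password, macs, counter)
        if is_valid_x(x) and found is None:  # residue test runs every round
            found = x
    if found is None:
        raise ValueError("no point found")
    return found, rounds

def round_profile(passwords, macs):
    """Rounds the leaky variant needs per password: what a timing measurement
    reveals and the fixed variant hides."""
    return {pw: hunt_and_peck_leaky(pw, macs)[1] for pw in passwords}
```

Because only the order of rounds changes, both variants derive the same point for a given password; what differs is that the fixed variant's cost is constant, which is exactly the extra work per handshake that makes flooding a constrained access point effective.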
Info
Channel: Hak5
Views: 65,054
Keywords: hak5, hack, technology, hack5, hacker, WPA3, WPA, WPA2, Wi-Fi hacking, wifi, retia, kody kinzie, wifi hacking, Mathy Vanhoef
Id: 44I1wfgGT80
Length: 8min 7sec (487 seconds)
Published: Thu Apr 22 2021