cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion

WPA3 - Another day, another flawed protocol...

The Dragonblood team continue to hack away at WPA3. To their credit they have found that the initial recommendation to use Brainpool curves, was go figure, not a good one. It introduces another class of side-channel leaks in the Dragonfly handshake of WPA3.

 

The new side-channel leak is located in the password encoding algorithm of Dragonfly. This algorithm first tries to find a hash output that is smaller than the prime of the elliptic curve being used. With the default NIST curves, such a hash output is practically always found immediately! However, with Brainpool curves, several iterations may have to be executed before finding a hash output smaller than the prime. What was found that only 8 iterations are needed! That costs less than $1 of EC2 compute time! Check out the research at this years Black Hat!

 

Ps. don't get PWNED!

 

0 Replies