The Dragonblood team continue to hack away at WPA3. To their credit, they have found that the initial recommendation to use Brainpool curves was, go figure, not a good one. It introduces another class of side-channel leaks in the Dragonfly handshake of WPA3.
The new side-channel leak is located in the password encoding algorithm of Dragonfly. This algorithm first tries to find a hash output that is smaller than the prime of the elliptic curve being used. With the default NIST curves, such a hash output is practically always found immediately! However, with Brainpool curves, several iterations may have to be executed before finding a hash output smaller than the prime. What was found is that only 8 iterations are needed! That costs less than $1 of EC2 compute time! Check out the research at this year's Black Hat!
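
Why the curve choice matters for the "hash output smaller than the prime" check, as an added example that is not code from this post or from the Dragonblood researchers: it compares the NIST P-256 and brainpoolP256r1 field primes and counts how often a first hash output is too large. Assumptions: HMAC-SHA256 over password and counter is a simplified stand-in for the real Dragonfly derivation, the function names are hypothetical, and the passwords and MAC addresses are constructed.

```python
import hashlib
import hmac

# Field primes: NIST P-256 (FIPS 186-4) and brainpoolP256r1 (RFC 5639).
P256 = 2**256 - 2**224 + 2**192 + 2**96 - 1
BRAINPOOL_P256R1 = int(
    "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16)


def fit_probability(p, bits=256):
    """Chance that a uniformly random `bits`-bit hash output is below p."""
    return p / 2**bits


def rejected_candidates(password, mac_a, mac_b, p, max_iter=40):
    """Count hash outputs rejected for being >= p before one fits.

    Simplified model (assumption): HMAC-SHA256 keyed by the sorted peer
    addresses over password || counter stands in for the real derivation.
    """
    key = max(mac_a, mac_b) + min(mac_a, mac_b)
    for counter in range(1, max_iter + 1):
        digest = hmac.new(key, password + bytes([counter]), hashlib.sha256).digest()
        if int.from_bytes(digest, "big") < p:
            return counter - 1
    return max_iter


def share_needing_retry(p, samples=2000):
    """Fraction of constructed passwords whose first hash output is too large."""
    mac_a = bytes.fromhex("020000000001")  # constructed addresses
    mac_b = bytes.fromhex("020000000002")
    retried = sum(
        rejected_candidates(b"constructed-pw-%d" % i, mac_a, mac_b, p) > 0
        for i in range(samples))
    return retried / samples


if __name__ == "__main__":
    for name, p in (("NIST P-256", P256), ("brainpoolP256r1", BRAINPOOL_P256R1)):
        print(f"{name}: P(hash < p) = {fit_probability(p):.10f}, "
              f"passwords needing a retry = {share_needing_retry(p):.1%}")
```

The number of extra iterations is a function of the password and the peer addresses, which is why a curve whose prime sits well below 2^256 makes the encoding step's running time password-dependent.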