Some security flaws of the new WPA3 have already been exposed. Network security has always been a debate with constant advances in technology. However, many people out there still do not know much about network security
Some security flaws of the new WPA3 have already been exposed. Network security has always been a debate with constant advances in technology. However, many people out there still do not know much about network security. This does not stop geeky or talented tech-minded individuals or group of people from hunting for possible vulnerabilities or flaws.
Though Wi-Fi passwords are now tougher to crack, each of its protocols has had its fair share of flaws. What is surprising is that the reasonably new WPA3 ( Wi-Fi Protected Access protocol version 3) still remains vulnerable to attack, thanks to some serious flaws in the design.
Mathy Vanhoef and Eyal Ronentitled recently authored a paper termed Dragonblood - A Security Analysis of WPA3’s SAE Handshake. In it, they discuss elements of WPA3 that in some cases still leave it vulnerable to attacks like the previous WPA2. This is summarized as follows:
What are the Exposed Security Flaws of the WPA3 Wi-Fi Protocol
- WPA3-Transition mode is one of the remarkable things of the WPA3 protocol. This brings backwards-compatible with older ones which otherwise do not support it. Unfortunately, this backwards-compatible process can be exploited. This is because it allows for networks to support both WPA3 and WPA2 using the same password. This potentially allows an attacker the ability to create a malicious WPA2 system with the same SSID as the original. Client devices in the transition mode will then connect to the malicious network using WPA2, leaving the handshake exposed. Many newer methods were tested and found to have the flaw, but it remains a serious concern, especially in low-cost devices.
- WPA2 relied on a four-way handshake as a means of authentication for devices. This handshake contains a hash of the network password which leaves it open to cracking if intercepted or exposed. This process is still shared by the new protocol. Hence it can easily be compromised.
See Also the new Mediatek G85 with a much better Wi-Fi Reception module
- WPA3 is also vulnerable to side-channel leaks, both cache-based and timing-based. These leaks can potentially reveal information about the network password.
In conclusion, a strong password on your network is strongly recommended, while we hope for resolutions in the future.
Did you know with your Wi-Fi connection and a web browser, you can connect to Google Meet for free? Check it out here.