New Dragonblood vulnerabilities found in WiFi WPA3 standard
Earlier this year in April, two security researchers disclosed details about five vulnerabilities (collectively known as Dragonblood) in the WiFi Alliance’s recently launched WPA3 WiFi security and authentication standard. Yesterday, the same security researchers disclosed two new additional bugs impacting the same standard. The two researchers — Mathy Vanhoef and Eyal Ronen — found these two new bugs in the security recommendations the WiFi Alliance created for equipment vendors in order to mitigate the initial Dragonblood attacks.
Just like the original Dragonblood vulnerabilities from April, these two new ones allow attackers to leak information from WPA3 cryptographic operations and brute-force a WiFi network’s password. The first bug is CVE-2019-13377 and this impacts the WPA3’s Dragonfly handshake when using Brainpool curves. Dragonfly is the key exchange mechanism through which users authenticate on a WPA3 router or access point.
In April, Vanhoef and Ronen found that Dragonfly key exchanges that relied on P-521 elliptic curves could be downgraded to use the weaker P-256. As a result, the WiFi Alliance recommended that vendors use the stronger Brainpool curves as part of the Dragonfly algorithms.