Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

WPA3 Wi-Fi still saddled with security flaws, researchers claim [u]

Roger Fingas |

Last updated

WPA3 — a Wi-Fi security protocol launched by the Wi-Fi Alliance in 2018 — is, in practice, better than WPA2, but still fraught with security flaws, according to a recent research paper.

"In light of our presented attacks, we believe that WPA3 does not meet the standards of a modern security protocol," wrote authors Mathy Vanhoef and Eyal Ronen, quoted by Ars Technica. The pair argued that many of the same attacks continue to work and will likely remain effective for years, especially with lower-cost Wi-Fi devices.

WPA3 makes use of a technology dubbed "Dragonfly," more formally Simultaneous Authentication of Equals. This improves a previous four-way "handshake" with a Pairwise Master Key as well as "forward secrecy." In combination, the idea was that WPA3 would be more resistant to password guessing attacks.

The Alliance failed to listen to recommendations about moving away from hash-to-group and hash-to-curve password encoding, Vanhoef and Ronen said, and the result is a group of "Dragonblood" proof-of-concept exploits. Those exploits will also work against networks equipped with the Extensible Authentication Protocol, or EAP, so long as they have EAP-pwd enabled. It's said in fact that with EAP-pwd, an attacker could impersonate any user without knowing the person's password.

The simplest WPA3 exploits involve a transition mode that lets WPA3-ready devices work in backwards compatibility with those that aren't. Another set involves side-channel leaks that leak info about the passwords being used.

In a response, the Alliance said that the paper "identified vulnerabilities in a limited number of early implementations of WPA3-Personal," and that WPA3-Personal is not only "in the early stages of deployment," but that "the small number of device manufacturers that are affected have already started deploying patches to resolve the issues."

Neither the researchers nor the Alliance have identified any "Dragonblood" exploits being used by real-world hackers.

Mac, iPhone, and iPad owners can mitigate WPA3 threats by updating compatible Wi-Fi routers to the latest available firmware. They should also use unique, ideally randomly-generated router passwords that are at least 13 characters long — password management apps may make it easier to meet requirements.

At present, it isn't clear if Apple's line of AirPort routers, now discontinued, will see a firmware update for the exploits. Sources inside Apple not authorized to speak on behalf of the company has told us previously that there is still a corps of software engineers tasked with keeping the AirPort "as safe as possible for as long as possible."

Update: On Thursday afternoon, the Wi-Fi Alliance cited a later tweet by Vanhoef stating that WPA3 is better than WPA2, but the flaws are still serious.

25 Comments

GeorgeBMac 8 Years · 11421 comments
About

THE primary rule remains:   "If they want in bad enough, they will.   The trick is to make it hard enough that they go after your neighbor instead."
...  That's sort of a take off on the joke that you don't have to outrun the bear, just your friend.

Too often it seems we think we can rely on having big locks (aka "13 character passwords") on things.   But, often better is:
1)  Security through obscurity
2)  Immediate notification (such as when a sign on is attempted or a new device connected or especially if there is an invalid attempt.)

For myself, I keep MAC authorization enabled so that, if I don't know your MAC address, you aren't getting in.

Soli 9 Years · 9981 comments
About

THE primary rule remains:   "If they want in bad enough, they will.   The trick is to make it hard enough that they go after your neighbor instead."
...  That's sort of a take off on the joke that you don't have to outrun the bear, just your friend.

Too often it seems we think we can rely on having big locks (aka "13 character passwords") on things.   But, often better is:
1)  Security through obscurity
2)  Immediate notification (such as when a sign on is attempted or a new device connected or especially if there is an invalid attempt.)

For myself, I keep MAC authorization enabled so that, if I don't know your MAC address, you aren't getting in.

I appreciate your vigilance, but you should know that it's trivial to locate a valid MAC address as they are sent with each and every packet, and they are easily spoofable since they are a virtual representation of the BiA (burn-in address). It's effectively just a speedbump for any would be attacker, and one so small that they don't even have to slow down.

To WPA2's credit, this protocol has been going strong since its release in the mid-aughts, and without a successor that greatly increases protection it looks like it'll be used for many years to come.

tnet-primary 13 Years · 242 comments
About

THE primary rule remains:   "If they want in bad enough, they will.   The trick is to make it hard enough that they go after your neighbor instead."
...  That's sort of a take off on the joke that you don't have to outrun the bear, just your friend.

Too often it seems we think we can rely on having big locks (aka "13 character passwords") on things.   But, often better is:
1)  Security through obscurity
2)  Immediate notification (such as when a sign on is attempted or a new device connected or especially if there is an invalid attempt.)

For myself, I keep MAC authorization enabled so that, if I don't know your MAC address, you aren't getting in.

Your primary rule is flawed.  The concept of “more secure than your neighbor” assumes the attacker is searching for the lowest hanging fruit.  

If the attacker is specifically targeting YOU for some reason (see: every celebrity hack ever), then simply trying to be more secure than your neighbor may be a pretty low bar.

GeorgeBMac 8 Years · 11421 comments
About

ttollerton said:
THE primary rule remains:   "If they want in bad enough, they will.   The trick is to make it hard enough that they go after your neighbor instead."
...  That's sort of a take off on the joke that you don't have to outrun the bear, just your friend.

Too often it seems we think we can rely on having big locks (aka "13 character passwords") on things.   But, often better is:
1)  Security through obscurity
2)  Immediate notification (such as when a sign on is attempted or a new device connected or especially if there is an invalid attempt.)

For myself, I keep MAC authorization enabled so that, if I don't know your MAC address, you aren't getting in.
Your primary rule is flawed.  The concept of “more secure than your neighbor” assumes the attacker is searching for the lowest hanging fruit.  

If the attacker is specifically targeting YOU for some reason (see: every celebrity hack ever), then simply trying to be more secure than your neighbor may be a pretty low bar.

Unless you are rich or famous or powerful, there is no reason for a hacker to go after you and only you.  The vast majority are simply looking to hack somebody, anybody -- in the same realm as a credit card skimmer is not looking for YOUR card number.   They just want A card number.

GeorgeBMac 8 Years · 11421 comments
About

Soli said:
THE primary rule remains:   "If they want in bad enough, they will.   The trick is to make it hard enough that they go after your neighbor instead."
...  That's sort of a take off on the joke that you don't have to outrun the bear, just your friend.

Too often it seems we think we can rely on having big locks (aka "13 character passwords") on things.   But, often better is:
1)  Security through obscurity
2)  Immediate notification (such as when a sign on is attempted or a new device connected or especially if there is an invalid attempt.)

For myself, I keep MAC authorization enabled so that, if I don't know your MAC address, you aren't getting in.
I appreciate your vigilance, but you should know that it's trivial to locate a valid MAC address as they are sent with each and every packet, and they are easily spoofable since they are a virtual representation of the BiA (burn-in address). It's effectively just a speedbump for any would be attacker, and one so small that they don't even have to slow down.

To WPA2's credit, this protocol has been going strong since its release in the mid-aughts, and without a successor that greatly increases protection it looks like it'll be used for many years to come.

As I said, there are no bullet proof security schemes.   If they want in bad enough, they will get in.   The trick is to make it hard enough that they go elsewhere for easier pickings.  Finding and spoofing a valid Mac address can be done, but it would be easier, quicker and cheaper to go pick on somebody else.

Read More on our Forums ->
 

Sponsored Content

article thumbnail

How to stop spam calls and reclaim some sanity on your iPhone

Top Stories

article thumbnail

How Apple's smart home revolution begins in 2025

article thumbnail

AirPods Max four years later: a missed spatial computing opportunity

article thumbnail

Apple says EU interoperability laws pose severe privacy risks

article thumbnail

Don't believe what you see on TikTok - AirDrop doesn't allow thieves to steal your credit card info

article thumbnail

Holiday 2024 MacBook Buyer's Guide — Which Mac laptop you should buy?

article thumbnail

Holiday coupon: save up to $300 on every 14" & 16" MacBook Pro M4