YoVDO

Weaknesses in WPA3's Dragonfly Handshake

Offered By: BruCON Security Conference via YouTube

Tags

BruCON Courses, Network Security Courses, Side Channel Attacks Courses, Wi-Fi Security Courses

Course Description

Overview

Explore the vulnerabilities in WPA3's Dragonfly handshake and their practical implications in this comprehensive conference talk. Delve into the discovered attacks, including password partitioning attacks that exploit timing and cache-based side-channel leaks. Understand the efficiency and low cost of these attacks, with examples of brute-forcing 8-character lowercase passwords using Amazon EC2 instances. Examine backwards-compatible countermeasures and discuss why WPA3 may not meet modern security protocol standards, especially on devices with lightweight processors. Learn about the Dragonfly handshake, mod P groups, elliptic curves, and WPA3 hashing. Investigate invalid curve attacks, denial of service, and downgrade attacks. Evaluate the effectiveness of proposed solutions, WiFi standard updates, and the removal of timing leaks. Gain insights into the future of WPA3 and draw conclusions about its security implications for Wi-Fi networks.

Syllabus

Introduction
Dragonfly Handshake
How it works
What is a mod P group
A dictionary of passwords
Main takeaway message
Test setup
Elliptic curves
WPA3 hashing
WPA3 countermeasure
Brainpool curves
If condition
Conclusion
Solution
Takeaway
Password Dictionary
Cost
Summary
Dragonfly implementations
Invalid curve attack
Curve check
Curve check as adversary
Guessing the key
EAP-pwd
FreeRADIUS
Denial of Service
Downgrade Attacks
Downgrade Attack 2
S10 Patch
WiFi Standard Update
No More Timing Leaks
Possible Downgrade Attacks
Should You Use WPA3
Conclusions


Taught by

BruCON Security Conference
