Dragonblood - Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd
Offered By: IEEE via YouTube
Course Description
Overview
Analyze the Dragonfly handshake protocol used in WPA3 and EAP-pwd Wi-Fi security standards. Explore vulnerabilities in the hash-to-curve algorithm, potential attacks on clients and access points, and information leakage risks. Examine the impact on password brute-force costs, denial-of-service possibilities, and downgrade attack scenarios. Evaluate the Wi-Fi Alliance's response to these security concerns and discuss remaining issues in Wi-Fi security implementation. Gain insights into the fundamental challenges of securing wireless networks and the ongoing efforts to address vulnerabilities in widely-used protocols.
Syllabus
Intro
Background: Wi-Fi Security
Background: Dragonfly in WPA3 and EAP-pwd
Hash-to-curve: EAP-pwd
Attacking Clients
Attacking Access Points
What information is leaked?
Leaked information: #iterations needed
Raspberry Pi 1 B+: differences are measurable
Hash-to-curve: WPA3
Cache attack on NIST curves
Password Brute-force Cost
Denial-of-Service Attack
Downgrade Attacks
Reaction of the Wi-Fi Alliance
Fundamental issue still unsolved
Remaining issues
Conclusion
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Develop Java Embedded Applications Using a Raspberry PiOracle via Independent Introducción a Raspberry Pi (Ver-2)
Galileo University via Independent Interfacing with the Raspberry Pi
University of California, Irvine via Coursera Robotic Motion Systems
University of California, Irvine via Coursera The Raspberry Pi Platform and Python Programming for the Raspberry Pi
University of California, Irvine via Coursera