YoVDO

Dragonblood - Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd

Offered By: IEEE via YouTube

Tags

Network Security Courses Cybersecurity Courses Raspberry Pi Courses Cache Attacks Courses

Course Description

Overview

Analyze the Dragonfly handshake protocol used in WPA3 and EAP-pwd Wi-Fi security standards. Explore vulnerabilities in the hash-to-curve algorithm, potential attacks on clients and access points, and information leakage risks. Examine the impact on password brute-force costs, denial-of-service possibilities, and downgrade attack scenarios. Evaluate the Wi-Fi Alliance's response to these security concerns and discuss remaining issues in Wi-Fi security implementation. Gain insights into the fundamental challenges of securing wireless networks and the ongoing efforts to address vulnerabilities in widely-used protocols.

Syllabus

Intro
Background: Wi-Fi Security
Background: Dragonfly in WPA3 and EAP-pwd
Hash-to-curve: EAP-pwd
Attacking Clients
Attacking Access Points
What information is leaked?
Leaked information: #iterations needed
Raspberry Pi 1 B+: differences are measurable
Hash-to-curve: WPA3
Cache attack on NIST curves
Password Brute-force Cost
Denial-of-Service Attack
Downgrade Attacks
Reaction of the Wi-Fi Alliance
Fundamental issue still unsolved
Remaining issues
Conclusion


Taught by

IEEE Symposium on Security and Privacy

Tags

Related Courses

Beginning Custom Projects with Raspberry Pi
Johns Hopkins University via Coursera
Intro C/C++ Prog Micoroctl
Cabrillo College via California Community Colleges System
Learn Raspberry Pi
Codecademy
Learn Raspberry Pi: Command Line
Codecademy
Learn Raspberry Pi: Electronics
Codecademy