YoVDO

Dragonblood - Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd

Offered By: IEEE via YouTube

Tags

Network Security Courses Cybersecurity Courses Raspberry Pi Courses Cache Attacks Courses

Course Description

Overview

Analyze the Dragonfly handshake protocol used in WPA3 and EAP-pwd Wi-Fi security standards. Explore vulnerabilities in the hash-to-curve algorithm, potential attacks on clients and access points, and information leakage risks. Examine the impact on password brute-force costs, denial-of-service possibilities, and downgrade attack scenarios. Evaluate the Wi-Fi Alliance's response to these security concerns and discuss remaining issues in Wi-Fi security implementation. Gain insights into the fundamental challenges of securing wireless networks and the ongoing efforts to address vulnerabilities in widely-used protocols.

Syllabus

Intro
Background: Wi-Fi Security
Background: Dragonfly in WPA3 and EAP-pwd
Hash-to-curve: EAP-pwd
Attacking Clients
Attacking Access Points
What information is leaked?
Leaked information: #iterations needed
Raspberry Pi 1 B+: differences are measurable
Hash-to-curve: WPA3
Cache attack on NIST curves
Password Brute-force Cost
Denial-of-Service Attack
Downgrade Attacks
Reaction of the Wi-Fi Alliance
Fundamental issue still unsolved
Remaining issues
Conclusion


Taught by

IEEE Symposium on Security and Privacy

Tags

Related Courses

Develop Java Embedded Applications Using a Raspberry Pi
Oracle via Independent
Introducción a Raspberry Pi (Ver-2)
Galileo University via Independent
Interfacing with the Raspberry Pi
University of California, Irvine via Coursera
Robotic Motion Systems
University of California, Irvine via Coursera
The Raspberry Pi Platform and Python Programming for the Raspberry Pi
University of California, Irvine via Coursera