WPA3 Connection Deprivation Attacks

  • Conference paper
Risks and Security of Internet and Systems (CRiSIS 2019)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 12026)

Abstract

After the KRACK (Key Reinstallation AttaCK) attack on WPA2 (Wi-Fi Protected Access 2) in Fall 2017, the Wi-Fi Alliance started developing WPA3, which was announced in Summer 2018. WPA3 is a certification that adds protection mechanisms to its predecessor WPA2, such as dictionary attack resistance, management frame protection, and forward secrecy. In April 2019, researchers discovered a set of vulnerabilities in WPA3. These vulnerabilities allow an attacker to perform different types of attacks, varying from denial of service to network-password cracking. This has worried the community, including organizations and device vendors who have already started implementing WPA3 on their devices. In this paper, we present three possible denial of service attacks on WPA3. We start by presenting the WPA3-SAE (Simultaneous Authentication of Equals) mechanism. Then, we analyze the mechanism and show the existence of specification flaws in the WPA3 protocol. An attacker can exploit these flaws to mount attacks on Wi-Fi availability that prevent legitimate devices from connecting to WPA3 networks. We experimentally show the feasibility of these attacks and propose possible countermeasures to mitigate the attacks and direct device vendors to better implement security in their future devices.

Notes

  1. ECDLP (Elliptic Curve Discrete Logarithm Problem) is the problem of finding a scalar \(n\) given two elliptic curve points \(P\in \mathfrak{\xi}(\mathbb{F}_p)\) and \(Q\in \mathfrak{\xi}(\mathbb{F}_p)\) such that \(Q\) is the product of the scalar \(n\) by the point \(P\) (\(Q=n\cdot P\)), where \(\mathfrak{\xi}\) is an elliptic curve defined over a finite field \(\mathbb{F}_p\) and \(p=q^m\) (\(q\) is prime) [18].

  2. MFP (Management Frame Protection) was introduced as part of the IEEE 802.11w amendment to add protection to management frames, which were originally not authenticated and hence could easily be spoofed for denial of service attacks.

  3. MSC (Message Sequence Chart) is a graphical language for the description of the interaction between different components of a system. This language is standardized by the ITU (International Telecommunication Union).

  4. In 802.1X terminology, Wi-Fi users are called supplicants. They authenticate themselves to the access point, which is known as the authenticator. In the rest of the paper, we use the terms Wi-Fi supplicant and Wi-Fi user interchangeably. We also use the terms Wi-Fi access point and Wi-Fi authenticator interchangeably.

  5. In the IEEE 802.11 standard, the authentication sequence number indicates the type of the authentication frame: 0x0001 is used to indicate an authentication request frame, whereas 0x0002 is used to indicate an authentication response frame.

  6. hostapd-2.7 is an open-source package for emulating access points on a computer. Version 2.7 supports the WPA3-PSK authentication protocol. It can be downloaded from https://w1.fi/releases/hostapd-2.7.tar.gz.

  7. wpa_supplicant-2.7 is an open-source package for implementing a Wi-Fi supplicant on a computer. Version 2.7 supports WPA3-PSK. It can be downloaded from https://w1.fi/releases/wpa_supplicant-2.7.tar.gz.

  8. Typically, beacons are sent every 100 time units (the beacon interval), where a time unit is 1.024 ms. The attacker can change the beacon interval to 15 instead of 100.

  9. EAPoL (Extensible Authentication Protocol over LAN) is a network protocol used in 802.1X for authentication. It uses the EAP protocol over Ethernet.

  10. We have modified the code located in /hostapd-2.7/src/ap/ieee802_11.c.

References

  1. Tews, E., Beck, M.: Practical attacks against WEP and WPA. In: Proceedings of the Second ACM Conference on Wireless Network Security, pp. 79–86 (2009)

  2. AlFardan, N., Bernstein, D.J., Paterson, K.G., Poettering, B., Schuldt, J.C.N.: On the security of RC4 in TLS. In: Presented as part of the 22nd USENIX Security Symposium, pp. 305–320. USENIX (2013)

  3. Stubblefield, A., Ioannidis, J., Rubin, A.D.: Using the Fluhrer, Mantin, and Shamir attack to break WEP. In: Proceedings of the Network and Distributed System Security Symposium (2002)

  4. Fluhrer, S., Mantin, I., Shamir, A.: Weaknesses in the key scheduling algorithm of RC4. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 1–24. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45537-X_1

  5. Borisov, N., Goldberg, I., Wagner, D.: Intercepting mobile communications: the insecurity of 802.11. In: Proceedings of the 7th Annual International Conference on Mobile Computing and Networking, pp. 180–189. ACM (2001)

  6. IEEE: “IEEE STD 802.11i” amendment 6: medium access control security enhancement (2004)

  7. Paterson, K.G., Poettering, B., Schuldt, J.C.N.: Plaintext recovery attacks against WPA/TKIP. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 325–349. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46706-0_17

  8. Bellardo, J., Savage, S.: 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In: Proceedings of the 12th Conference on USENIX Security Symposium, vol. 12, pp. 15–27. USENIX Association (2003)

  9. Alabdulatif, A., Ma, X., Nolle, L.: Analysing and attacking the 4-way handshake of IEEE 802.11i Standard. In: The IEEE 8th International Conference for Internet Technology and Secured Transactions, pp. 382–387 (2013)

  10. Singh, R., Sharma, T.P.: On the IEEE 802.11i security: denial-of-service perspective. In: Security and Communication Networks, pp. 1378–1407 (2014)

  11. Vanhoef, M., Piessens, F.: Denial-of-service attacks against the 4-way Wi-Fi handshake (2017). https://papers.mathyvanhoef.com/ncs2017.pdf

  12. Bai, Z., Bai, Y.: 4-way handshake solutions to avoid denial of service attack in ultra wideband networks. In: The 3rd International Symposium on Intelligent Information Technology Application, vol. 3, pp. 232–235 (2009)

  13. Vanhoef, M., Piessens, F.: Key reinstallation attacks: forcing nonce reuse in WPA2. In: The Proceedings of the ACM Conference on Computer and Communications Security, pp. 1313–1328 (2017)

  14. Wi-Fi-Alliance. WPA3 specification version 1.0 (2018). https://www.wi-fi.org/

  15. Vanhoef, M., Ronen, E.: Dragonblood: a security analysis of WPA3’s SAE handshake, April 2019. https://papers.mathyvanhoef.com/dragonblood.pdf

  16. Lounis, K., Zulkernine, M.: Bad-token: a denial of service attack on WPA3. In: Proceedings of the 12th International Conference on Security of Information and Networks, Sochi, Russia, 12–15 September 2019

  17. Harkins, D.: Simultaneous authentication of equals: a secure, password-based key exchange for mesh networks. In: Second International Conference on Sensor Technologies and Applications, pp. 839–844 (2008)

  18. Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, New York (2004). https://doi.org/10.1007/b97644

Acknowledgment

This work is partially supported by the Natural Sciences and Engineering Research Council of Canada (NSERC) and the Canada Research Chairs (CRC).

Author information

Correspondence to Karim Lounis.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Lounis, K., Zulkernine, M. (2020). WPA3 Connection Deprivation Attacks. In: Kallel, S., Cuppens, F., Cuppens-Boulahia, N., Hadj Kacem, A. (eds) Risks and Security of Internet and Systems. CRiSIS 2019. Lecture Notes in Computer Science, vol 12026. Springer, Cham. https://doi.org/10.1007/978-3-030-41568-6_11

  • DOI: https://doi.org/10.1007/978-3-030-41568-6_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-41567-9

  • Online ISBN: 978-3-030-41568-6

  • eBook Packages: Computer Science (R0)
