A handshake for vulnerabilities - A short dive into Krack and Dragonblood presented at BSidesVienna 2019

by Christoph Madelmayer

Summary: We all know and love it and would like to have it available all over the world - Wireless LAN. It is a technology used in many places to provide free Internet access, to network various components, or to let people move freely in offices and at home. But how secure is the wireless network that connects so many devices?

This talk will explore this question and try to give a brief overview of how the encryption standards WPA2 and WPA3 work, and will explain known attacks on these two standards. The talk will also demonstrate the use of the well-known Krackattack.

The talk deals with attacks such as Krackattack and Dragonblood on the known WPA vulnerabilities. To explain the vulnerabilities in an understandable way, some basics of the respective WPA standards are covered first, such as the 4-Way Handshake in WPA2.

Building upon this, the "Krackattack" on the WPA2 standard is explained in detail. This covers the susceptible functionality, the weak points and the components involved, as well as the resulting possibilities for an attacker. Furthermore, appropriate countermeasures are presented which users or administrators can use to protect themselves against these attacks, along with what should be considered when eliminating the vulnerabilities. So that the attack is not only described theoretically, a live demo is part of the presentation. This demo shows how the vulnerability can actually be exploited and which tools and hardware are necessary.

The new wireless encryption standard WPA3 was finalized and released by the Wi-Fi Alliance in 2018. In the near future, this new standard is supposed to replace the WPA2 standard, which has been in use for many years. The innovations and improvements compared to the WPA2 standard are therefore also part of this presentation. Many of these innovations also promise improvements in terms of security.

Nevertheless, researchers have already identified vulnerabilities in the standard published by the Wi-Fi Alliance - the so-called "Dragonblood" attack. This attack will also be examined and explained in detail during the presentation. As with the WPA2 vulnerabilities, the vulnerable functionality, the vulnerabilities and the components involved are explained, along with the resulting possibilities for an attacker. Finally, appropriate countermeasures are presented.