. home.aspx



Major vulnerabilities found in new Wi-Fi standard

April 12, 2019 / Sead FadilpaSIC

The latest WPA3 WiFi security and authentication standard may be suffering from serious safety flaws of its own.  This is according to a group of researchers - Mathy Vanhoef and Eyal Ronen, who issued a report called “Dragonblood – A Security Analysis of WPA3’s SAE Handshake”, which identifies design flaws in the WPA3 standard's Dragonfly key exchange, hence the Dragonblood name. They disclosed a total of five vulnerabilities, four of which could be used to recover user passwords, while the fifth one could be used to ‘only’ crash WPA3-compatible access points. The details about the vulnerabilities, how they operate and how they attack the network can be found on this link. The Wi-Fi Alliance, responsible for the creation and the release of the WPA3 standard, issued a security update for the WPA3, after the flaw was made public. "These issues can all be mitigated through software updates without any impact on devices' ability to work...