Sweet Dreams: Abusing Sleep Mode to Break Wi-Fi Encryption and Disrupt WPA2/3 Networks

This presentation introduces two novel attacks that abuse the power-save (sleep) functionality of Wi-Fi. In our first attack, we target a protected Wi-Fi network and abuse sleep mode to leak frames in plaintext. The idea is that the adversary forces an Access Point to buffer frames, and then causes the buffered frames to be transmitted using the wrong or no key. For instance, some affected APs will leak buffered frames by encrypting them using an all-zero key, and some APs …

abuse abusing access access point adversary attack attacks buffer disrupt encryption leak mode network networks novel plaintext point power presentation sleep target wi-fi wpa2