all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

From Dragondoom to Dragonstar: Side-channel Attacks and Formally Verified Implementation of WPA3 Dragonfly Handshake. (arXiv:2307.09243v1 [cs.CR])

Add to bookmarks
July 19, 2023, 1:10 a.m. | Daniel De Almeida Braga, Natalia Kulatova, Mohamed Sabt, Pierre-Alain Fouque, Karthikeyan Bhargavan

cs.CR updates on arXiv.org arxiv.org

It is universally acknowledged that Wi-Fi communications are important to
secure. Thus, the Wi-Fi Alliance published WPA3 in 2018 with a distinctive
security feature: it leverages a Password-Authenticated Key Exchange (PAKE)
protocol to protect users' passwords from offline dictionary attacks.
Unfortunately, soon after its release, several attacks were reported against
its implementations, in response to which the protocol was updated in a
best-effort manner.


In this paper, we show that the proposed mitigations are not enough,
especially for a complex …

alliance attacks channel communications dictionary attacks dragonfly exchange feature handshake implementation important key password passwords protect protocol security side-channel side-channel attacks verified wi-fi wpa3

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Quantum $X$-Secure $B$-Byzantine $T$-Colluding Private Information Retrieval 12 minutes ago | arxiv.org
arxiv capabilities context cs.cr +13
Approximation of Pufferfish Privacy for Gaussian Priors 12 minutes ago | arxiv.org
adversary arxiv cs.cr cs.it +9
Polynomial XL: A Variant of the XL Algorithm Using Macaulay Matrices over Polynomial Rings 12 minutes ago | arxiv.org
algorithm arxiv computer computer science +11
Families of sequences with good family complexity and cross-correlation measure 12 minutes ago | arxiv.org
alphabet arxiv binary complexity +12
Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation 12 minutes ago | arxiv.org
access arxiv attack breaking +26
Seeing Is Not Always Believing: Invisible Collision Attack and Defence on Pre-Trained Models 12 minutes ago | arxiv.org
arxiv attack bert big +14
Proceedings of the 2nd International Workshop on Adaptive Cyber Defense 12 minutes ago | arxiv.org
applications artificial artificial intelligence arxiv +16
Sharpness-Aware Data Poisoning Attack 12 minutes ago | arxiv.org
aim arxiv attack attacks +18
Fant\^omas: Understanding Face Anonymization Reversibility 12 minutes ago | arxiv.org
anonymization arxiv can claims +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cyber Security Engineer I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com

Senior DevSecOps Engineer

@ Wisk Aero | Remote United States
View on infosec-jobs.com

Vulnerable Adult Investigator - Vice President

@ JPMorgan Chase & Co. | Chicago, IL, United States
View on infosec-jobs.com

Consultant Réseaux IT Digital Impulse - H/F

@ Talan | Paris, France
View on infosec-jobs.com

DevSecOps Engineer (Onsite)

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Senior Security Engineer

@ Minitab | State College, Pennsylvania, United States
View on infosec-jobs.com
View more jobs