A researcher investigating the strengths and weaknesses of the new WPA3 Wi-Fi standard accidentally discovered a new way to attack networks protected by the widespread WPA2 standard (WPA2 was introduced in September 2004). Jens 'Atom' Steube revealed an outline of the streamlined new attack, and why it works, on the hashcat forums this weekend.
As Computing magazine makes clear, the newfound hackability of WPA2 is due to its Pre-Shared Key exchange process. This won't be an issue with WPA3, which replaces that authentication method with Simultaneous Authentication of Equals (SAE), claimed to be "much harder to attack".
Looking back at common WPA2 attack methods, Computing explains that "Most attack methods against Wi-Fi networks involve waiting until a user connects and capturing information from the 'handshake' procedure between user and network, before conducting a brute-force attack for the password." The new attack doesn't need this information, and therefore spends no time waiting for an end user to log in. Instead the attack is performed on the RSN IE (Robust Security Network Information Element) of a single EAPOL frame. Furthermore, the new attack requires just three freely downloadable software tools from GitHub.
Steube went on to outline the new WPA2 attack's advantages:
- No more regular users required - because the attacker directly communicates with the AP (aka "client-less" attack)
- No more waiting for a complete 4-way handshake between the regular user and the AP
- No more eventual retransmissions of EAPOL frames (which can lead to uncrackable results)
- No more eventual invalid passwords sent by the regular user
- No more lost EAPOL frames when the regular user or the AP is too far away from the attacker
- No more fixing of nonce and replaycounter values required (resulting in slightly higher speeds)
- No more special output format (pcap, hccapx, etc.) - final data will appear as regular hex encoded string
Discussing which routers might be vulnerable to the new attack method, Steube said that all 802.11i/p/q/r networks with roaming functions enabled, or more simply "most modern routers," could fall victim to it.
Steube told Bleeping Computer that it is now much easier to obtain a hash that contains the pre-shared key, but that the hash still needs to be cracked. He advised users not to keep the manufacturer-generated PSK, which tends to follow an "obvious pattern", and instead to set their own using a complex mix of letters and symbols. "A typical manufacturer's PSK of length 10 takes 8 days to crack (on a 4 GPU box)," explained Steube.
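The point above is that the recovered hash is only as weak as the passphrase behind it. The following is an added example, written for this article and not code from the original page, from Steube or from hashcat. It derives a PMK the way 802.11i specifies (PBKDF2-HMAC-SHA1 with the SSID as salt, 4096 iterations, 32-byte output), which is what every offline guess has to compute, and then sizes the search space a passphrase lives in from the character classes it uses. The guess rate used for the time estimate, the one-year "weak" threshold and the sample PSKs are assumptions chosen for illustration; the "password"/"IEEE" pair is the published 802.11i test vector.

```python
"""Why a WPA2 pre-shared key must be strong even though it never crosses
the air in the clear: each offline guess costs one PBKDF2 derivation, and
the passphrase's character classes bound how many guesses are needed.

Added example, not code from the article, from Jens Steube or from hashcat.
"""
import hashlib
import string


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """802.11i passphrase-to-PMK mapping: PBKDF2-HMAC-SHA1, salt = SSID,
    4096 iterations, 256-bit output. This is the per-guess cost a cracker pays."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), 4096, 32)


# Standard character classes and the alphabet size each contributes.
_CLASSES = (
    (set(string.digits), 10),
    (set(string.ascii_lowercase), 26),
    (set(string.ascii_uppercase), 26),
    (set(string.punctuation), len(string.punctuation)),  # 32 ASCII symbols
)


def alphabet_size(psk: str) -> int:
    """Size of the smallest union of standard character classes covering psk.

    A guesser who knows a generator only emits, say, digits searches a 10**n
    space rather than 94**n, so the classes actually present bound the
    realistic keyspace."""
    chars = set(psk)
    size = sum(n for members, n in _CLASSES if chars & members)
    # Anything outside the four classes (space, non-ASCII) counts as one more.
    if chars - set().union(*(members for members, _ in _CLASSES)):
        size += 1
    return size


def keyspace(psk: str) -> int:
    """Number of passphrases of the same length drawn from the same classes."""
    return alphabet_size(psk) ** len(psk)


def expected_guess_seconds(psk: str, guesses_per_second: float) -> float:
    """Expected time to hit the key when its pattern is searched uniformly:
    on average half the keyspace has to be tried."""
    return keyspace(psk) / 2 / guesses_per_second


def rate_psk(psk: str, guesses_per_second: float) -> str:
    """'weak' if the expected search finishes within a year at the assumed
    rate, otherwise 'ok'. The one-year threshold is a policy choice here."""
    if not 8 <= len(psk) <= 63:
        return "invalid"  # WPA2 passphrases are 8 to 63 characters
    year_seconds = 365 * 86400
    weak = expected_guess_seconds(psk, guesses_per_second) < year_seconds
    return "weak" if weak else "ok"


if __name__ == "__main__":
    # 802.11i test vector: passphrase "password", SSID "IEEE".
    print("PMK:", derive_pmk("password", "IEEE").hex())
    ASSUMED_RATE = 1_000_000  # guesses/s; an illustrative assumption only
    # Constructed sample PSKs: an all-digit pattern and a mixed-class one.
    for psk in ("0123456789", "Tr0ub4dor&3"):
        days = expected_guess_seconds(psk, ASSUMED_RATE) / 86400
        print(f"{psk!r}: alphabet {alphabet_size(psk)}, "
              f"keyspace {keyspace(psk):.3e}, ~{days:.1f} days, "
              f"{rate_psk(psk, ASSUMED_RATE)}")
```

The derivation is the same one a client performs when it joins the network, so the cost per guess is fixed by the standard; the only lever a network owner controls is the size of the space a guesser must cover, which is why an all-digit manufacturer default and a mixed-class passphrase of similar length differ by many orders of magnitude in the estimate.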
The WPA3 Wi-Fi security standard was launched back in June this year. It is expected to become firmly established, but that will take time. As well as strengthened security, WPA3 will deliver an easier way to join a network, so that even screenless devices can connect quickly and simply.