Researchers Find Flaws in WPA2's 4-way Handshake Implementations

Discussion in '0-day Release' started by silversurfer, Aug 9, 2018.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    Researchers have discovered several security vulnerabilities in implementations of Wi-Fi Protected Access two (WPA2)’s 4-way handshake, which is used by nearly all protected Wi-Fi networks.

    The discovery was the result of simulating cryptographic primitives during symbolic execution for the analysis of security protocol implementations, KU Leuven researchers Mathy Vanhoef and Frank Piessens explain in a recently published whitepaper (PDF).

    By applying the technique on three client-side implementations of WPA2’s 4-way handshake, the researchers discovered timing side-channels when verifying authentication tags, a denial-of-service attack, a stack-based buffer overflow, and a non-trivial decryption oracle. [...]

    Source: https://www.securityweek.com/researchers-find-flaws-wpa2s-4-way-handshake-implementations
     
    RGiskardR and Der.Reisende like this.
  2. Google Adsense

Share This Page