Dragonblood is Still Leaking: Practical Cache-based Side-Channel in the Wild

12/04/2020
by   Daniel De Almeida Braga, et al.
0

Recently, the Dragonblood attacks have attracted new interests on the security of WPA-3 implementation and in particular on the Dragonfly code deployed on many open-source libraries. One attack concerns the protection of users passwords during authentication. In the Password Authentication Key Exchange (PAKE) protocol called Dragonfly, the secret, namely the password, is mapped to an elliptic curve point. This operation is sensitive, as it involves the secret password, and therefore its resistance against side-channel attacks is of utmost importance. Following the initial disclosure of Dragonblood, we notice that this particular attack has been partially patched by only a few implementations. In this work, we show that the patches implemented after the disclosure of Dragonblood are insufficient. We took advantage of state-of-the-art techniques to extend the original attack, demonstrating that we are able to recover the password with only a third of the measurements needed in Dragonblood attack. We mainly apply our attack on two open-source projects: iwd (iNet Wireless Daemon) and FreeRADIUS, in order underline the practicability of our attack. Indeed, the iwd package, written by Intel, is already deployed in the Arch Linux distribution, which is well-known among security experts, and aims to offer an alternative to wpa_supplicant. As for FreeRADIUS, it is widely deployed and well-maintained upstream open-source project. We publish a full Proof of Concept of our attack, and actively participated in the process of patching the vulnerable code. Here, in a backward compatibility perspective, we advise the use of a branch-free implementation as a mitigation technique, as what was used in hostapd, due to its quite simplicity and its negligible incurred overhead.

READ FULL TEXT
research
06/22/2020

IXmon: Detecting and Analyzing DRDoS Attacks at Internet Exchange Points

Distributed reflective denial of service (DRDoS) attacks are a popular c...
research
12/19/2021

Attacks of the Knights: Exploiting Non Uniform Cache Access Time

Intel Knights Landing Processors have shared last level cache (LLC) acro...
research
05/24/2023

An Efficient Key Management Scheme For In-Vehicle Network

Vehicle technology has developed rapidly these years, however, the secur...
research
07/22/2020

Exploiting Behavioral Side-Channels in Observation Resilient Cognitive Authentication Schemes

Observation Resilient Authentication Schemes (ORAS) are a class of share...
research
07/10/2020

Microarchitecture Online Template Attacks

Online template attack (OTA) is a powerful technique previously used to ...
research
01/24/2022

On the Complexity of Attacking Elliptic Curve Based Authentication Chips

In this paper we discuss the difficulties of mounting successful attack ...
research
07/18/2023

From Dragondoom to Dragonstar: Side-channel Attacks and Formally Verified Implementation of WPA3 Dragonfly Handshake

It is universally acknowledged that Wi-Fi communications are important t...

Please sign up or login with your details

Forgot password? Click here to reset