New vulnerabilities in the WPA3 wireless network security technology and in EAP-pwd

Mathy Vanhoef and Eyal Ronen have identified a new attack method (CVE-2019-13377) against wireless networks that use the WPA3 security technology. It lets an attacker obtain information about properties of the password that can then be used to guess the password offline. The problem is present in the current version of hostapd.

Recall that in April the same authors identified six vulnerabilities in WPA3. In response, the Wi-Fi Alliance, which develops the standards for wireless networks, changed its recommendations for secure WPA3 implementations to require the use of the Brainpool elliptic curves instead of the previously permitted curves P-521 and P-256.

However, the analysis showed that using Brainpool introduces a new class of side-channel leaks in Dragonfly, the connection negotiation (handshake) algorithm used in WPA3 that is supposed to protect against offline password guessing. The problem demonstrates that building implementations of Dragonfly and WPA3 that are free of side-channel leaks is extremely difficult, and it also shows the failure of the model of developing standards behind closed doors, without public discussion of the proposed methods and without audit by the community.

When a Brainpool elliptic curve is used, Dragonfly encodes the password by running several preliminary iterations over the password, each of which quickly computes a short hash before the elliptic curve is applied. Until a usable short hash is found, the operations performed depend directly on the client's password and MAC address. The execution time (which correlates with the number of iterations) and the delays between operations during these preliminary iterations can be measured and used to determine properties of the password, which can then be used offline to narrow down the choice of password candidates during a password guessing attack. To carry out the attack, a user connecting to the wireless network must have access to the system.
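The following simulation is an added example and is not code from the article, from hostapd, from FreeRADIUS or from the researchers. It models the structure of the SAE (Dragonfly) hunting-and-pecking loop described above: a seed derived from the password, the two MAC addresses and a counter is expanded to a candidate x-coordinate, candidates that are not below the curve prime p are skipped cheaply, and the remaining candidates are tested for being on the curve. The KDF is a simplified HMAC construction, so the values it produces are not interoperable with a real implementation. The curve parameters are transcribed from RFC 5639 and FIPS 186-4 and are assumed correct; the passwords and MAC addresses are constructed sample data. The example shows why the Brainpool prime leaks more than P-256 (about a third of candidates take the cheap path) and how a leaked iteration count per spoofed client MAC prunes a dictionary offline.

```python
"""Model of the Dragonfly hunting-and-pecking loop and of the offline use of a
leaked iteration count. Added example; not code from the article or from any
real implementation. KDF is simplified and not interoperable. Curve constants
from RFC 5639 / FIPS 186-4 (assumed correct); sample data is constructed."""
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class Curve:
    name: str
    p: int
    a: int
    b: int


BRAINPOOL_P256R1 = Curve(
    "brainpoolP256r1",
    0xA9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377,
    0x7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9,
    0x26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6,
)
NIST_P256 = Curve(
    "P-256",
    0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF,
    0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC,
    0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B,
)
LABEL = b"SAE Hunting and Pecking"


def kdf256(seed: bytes, curve: Curve) -> int:
    """Simplified KDF: one HMAC-SHA256 block yields a 256-bit candidate x."""
    msg = b"\x01" + LABEL + curve.p.to_bytes(32, "big")
    return int.from_bytes(hmac.new(seed, msg, hashlib.sha256).digest(), "big")


def is_quadratic_residue(v: int, p: int) -> bool:
    """Euler's criterion: x is on the curve iff x^3 + ax + b is a square mod p."""
    return pow(v % p, (p - 1) // 2, p) == 1


def hunt_and_peck(password: bytes, mac1: bytes, mac2: bytes, curve: Curve, k: int = 40):
    """Return (x, trace). trace[i] records what iteration i+1 did:
    'ge_p' candidate >= p, rejected before the expensive residue test;
    'nqr' candidate tested but not on the curve; 'found' valid x-coordinate.
    The position of the first 'found' and the mix of cheap/expensive steps
    before it is what the timing side channel reveals."""
    hi, lo = max(mac1, mac2), min(mac1, mac2)  # max(MAC) || min(MAC)
    trace, x = [], None
    for counter in range(1, k + 1):
        seed = hmac.new(hi + lo, password + bytes([counter]), hashlib.sha256).digest()
        cand = kdf256(seed, curve)
        if cand >= curve.p:
            trace.append("ge_p")
            continue
        rhs = (pow(cand, 3, curve.p) + curve.a * cand + curve.b) % curve.p
        if is_quadratic_residue(rhs, curve.p):
            trace.append("found")
            if x is None:
                x = cand
        else:
            trace.append("nqr")
    return x, trace


def leaked_iteration_count(password, client_mac, ap_mac, curve):
    """What the attacker recovers from timing: iterations until first success."""
    _, trace = hunt_and_peck(password, client_mac, ap_mac, curve)
    return trace.index("found") + 1 if "found" in trace else None


def ge_p_skip_probability(curve: Curve) -> float:
    """Chance that a uniform 256-bit candidate fails the '< p' check. Brainpool's
    p is far below 2^256, so about a third of iterations take the cheap path;
    for P-256 this essentially never happens."""
    return 1 - curve.p / 2**256


def prune_dictionary(candidates, ap_mac, leaked, curve):
    """Offline step: keep passwords whose simulated iteration count matches the
    leaked count for every client MAC the attacker spoofed."""
    return [pw for pw in candidates
            if all(leaked_iteration_count(pw, mac, ap_mac, curve) == n
                   for mac, n in leaked.items())]


# Constructed sample data (not from the article).
AP_MAC = bytes.fromhex("020000000a0a")
SPOOFED_CLIENT_MACS = [bytes.fromhex(f"0200000000{i:02x}") for i in range(1, 6)]
TRUE_PASSWORD = b"correcthorse"
DICTIONARY = [b"password", b"letmein", b"correcthorse", b"batterystaple",
              b"wifi1234", b"dragonfly"]


def demo(curve: Curve = BRAINPOOL_P256R1):
    """Each spoofed client MAC gives one more leaked count to filter on."""
    leaked = {mac: leaked_iteration_count(TRUE_PASSWORD, mac, AP_MAC, curve)
              for mac in SPOOFED_CLIENT_MACS}
    return leaked, prune_dictionary(DICTIONARY, AP_MAC, leaked, curve)


if __name__ == "__main__":
    leaked, survivors = demo()
    print(f"{BRAINPOOL_P256R1.name}: P(candidate >= p) = {ge_p_skip_probability(BRAINPOOL_P256R1):.3f}")
    print(f"{NIST_P256.name}: P(candidate >= p) = {ge_p_skip_probability(NIST_P256):.2e}")
    print("leaked iteration counts:", list(leaked.values()))
    print(f"dictionary pruned from {len(DICTIONARY)} to {len(survivors)}: {survivors}")
```

Running the block prints the skip probability for both curves, the per-MAC iteration counts leaked for the constructed password, and how many dictionary entries survive the filter. A real implementation that wants to close this channel has to perform the same amount of work on every iteration regardless of which branch is taken, which is the kind of change the article says is being folded into the next protocol revisions.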

In addition, the researchers identified a second vulnerability (CVE-2019-13456), an information leak in an implementation of the EAP-pwd protocol, which also uses the Dragonfly algorithm. The problem is specific to the FreeRADIUS RADIUS server and, like the first vulnerability, relies on side-channel information leakage that can considerably simplify password guessing.

Combined with an improved method of filtering noise out of the latency measurements, 75 measurements per MAC address are enough to determine the number of iterations. Using a GPU, the cost of testing one dictionary password is estimated at about 1 dollar. Protocol hardening measures that block the identified problems have already been included in the drafts of the future Wi-Fi standard (WPA 3.1) and of EAP-pwd. Unfortunately, the side-channel leaks cannot be eliminated in the current versions of the protocols without breaking backward compatibility.

Source: opennet.ru
