Hacking WPA3: DragonBlood

Although the new WPA3 standard has not yet been fully rolled out, security flaws in the protocol allow attackers to crack Wi-Fi passwords.

Wi-Fi Protected Access III (WPA3) was introduced to address the technical shortcomings of the WPA2 protocol, which had long been considered insecure and vulnerable to KRACK (Key Reinstallation Attack). Although WPA3 relies on a more secure handshake known as Dragonfly, designed to protect Wi-Fi networks against offline dictionary attacks, security researchers Mathy Vanhoef and Eyal Ronen found weaknesses in early implementations of WPA3-Personal that could allow an attacker to recover Wi-Fi passwords by abusing timing or cache-based side channels.

“Attackers can read information that WPA3 was supposed to encrypt securely. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, etc.”

In a research paper published today, titled DragonBlood, the researchers take a closer look at two kinds of design flaws in WPA3: the first leads to downgrade attacks, and the second to cache-based side-channel leaks.

Cache-based side-channel attack

The Dragonfly password-encoding algorithm, also known as the hunting-and-pecking algorithm, contains conditional branches. If an attacker can determine which branch of an if-then-else was taken, they can learn whether the password element was found in a particular iteration of the algorithm. In practice, it was found that if the attacker can run unprivileged code on the victim's machine, a cache-based attack can be used to determine which branch was taken in the first iteration of the password-generation algorithm. This information can be used to carry out a password-partitioning attack (similar to an offline dictionary attack).

This vulnerability is tracked as CVE-2019-9494.

The fix consists of replacing conditional branches that depend on secret values with constant-time selection utilities. Implementations must also compute the Legendre symbol in constant time.

Timing-based side-channel attack

When the Dragonfly handshake uses certain multiplicative groups, the password-encoding algorithm performs a variable number of iterations to encode the password. The exact number of iterations depends on the password in use and on the MAC addresses of the access point and the client. An attacker can mount a remote timing attack against the password-encoding algorithm to determine how many iterations were needed to encode the password. The recovered information can then be used for a password attack, similar to an offline dictionary attack.

To prevent timing attacks, implementations must disable the vulnerable multiplicative groups. From a technical standpoint, MODP groups 22, 23 and 24 must be disabled. It is also recommended to disable MODP groups 1, 2 and 5.
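The two side-channel sections above both come down to the same property of the hunting-and-pecking loop: the unhardened version stops at the first success, so how long it runs (and which branch it takes) depends on the password and the two MAC addresses. The Python sketch below is an added example, not code from the article or from the Dragonblood project. It models the loop over a toy MODP-style group and contrasts it with a hardened variant that always runs a fixed number of rounds and does the same work in each; it also includes the group filter the mitigation paragraph calls for. The small prime p = 23, the stand-in KDF, the 40-round budget and the MAC addresses are constructed assumptions for illustration only.

```python
import hashlib
import hmac

# Toy MODP-style group, constructed for illustration: a small safe prime p = 2q + 1.
# Real SAE groups use 1024-bit and larger primes (or elliptic curves); the shape of
# the hunting-and-pecking loop is the same.
P = 23
Q = 11

# MODP groups the article says must (22, 23, 24) or should (1, 2, 5) be disabled.
VULNERABLE_MODP_GROUPS = {1, 2, 5, 22, 23, 24}


def filter_sae_groups(configured):
    """Return the configured group ids with the vulnerable MODP groups removed."""
    return [g for g in configured if g not in VULNERABLE_MODP_GROUPS]


def _pwd_seed(password: bytes, mac_a: bytes, mac_b: bytes, counter: int) -> bytes:
    """HMAC(max(MAC) || min(MAC), password || counter): the Dragonfly seed derivation.

    Both MAC addresses enter the seed, which is why the iteration count depends on
    the client and access point addresses as well as on the password."""
    key = max(mac_a, mac_b) + min(mac_a, mac_b)
    return hmac.new(key, password + bytes([counter]), hashlib.sha256).digest()


def _pwd_value(seed: bytes) -> int:
    """Stand-in KDF: stretch the seed to p's bit length. The result may still be >= p."""
    out = hmac.new(seed, b"SAE Hunting and Pecking", hashlib.sha256).digest()
    return int.from_bytes(out, "big") >> (256 - P.bit_length())


def hunt_and_peck_variable(password, mac_a, mac_b):
    """Unhardened loop: returns (PWE, iterations_used).

    Returning on the first success makes the running time a function of the
    password and both MAC addresses, which is the timing side channel the article
    describes; the two `if` statements are the secret-dependent branches that the
    cache attack observes."""
    counter = 0
    while True:
        counter += 1
        value = _pwd_value(_pwd_seed(password, mac_a, mac_b, counter))
        if value < P:                       # secret-dependent branch
            pwe = pow(value, (P - 1) // Q, P)
            if pwe > 1:                     # secret-dependent branch
                return pwe, counter


def hunt_and_peck_fixed(password, mac_a, mac_b, rounds=40):
    """Hardened loop: always runs `rounds` iterations, does identical work in each,
    and remembers the first valid candidate, so the iteration count no longer
    depends on secrets. The `if` that records the candidate is a simulation; a C
    implementation would use a constant-time select so that the branch itself does
    not leak through the cache either."""
    found = None
    for counter in range(1, rounds + 1):
        value = _pwd_value(_pwd_seed(password, mac_a, mac_b, counter))
        candidate = pow(value, (P - 1) // Q, P)   # computed unconditionally
        valid = value < P and candidate > 1
        if found is None and valid:
            found = candidate
    if found is None:
        raise ValueError("no password element found in %d rounds" % rounds)
    return found, rounds


if __name__ == "__main__":
    # Constructed sample inputs: two locally administered MAC addresses.
    ap_mac = bytes.fromhex("020000000001")
    sta_mac = bytes.fromhex("020000000002")
    for pw in (b"correct horse", b"battery staple", b"hunter2"):
        _, n_var = hunt_and_peck_variable(pw, ap_mac, sta_mac)
        _, n_fix = hunt_and_peck_fixed(pw, ap_mac, sta_mac)
        print(pw.decode(), "variable loop:", n_var, "iterations; fixed loop:", n_fix)
```

Running the script shows the variable loop finishing after a different number of iterations for different passwords (and for different MAC pairs with the same password), while the hardened loop always reports the same count and still derives the same password element.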

This vulnerability is also tracked under CVE-2019-9494 because of the similarity in how the attack is carried out.

WPA3 downgrade

Since the 15-year-old WPA2 protocol is used by billions of devices, widespread adoption of WPA3 will not happen overnight. To support older devices, WPA3-certified devices offer a "transition mode of operation" that can be configured to accept connections using both WPA3-SAE and WPA2.

The researchers believe this transition mode is vulnerable to downgrade attacks, which attackers can abuse to set up a rogue access point that supports only WPA2, forcing WPA3-capable devices to connect using the WPA2 four-way handshake.

"We also discovered a downgrade attack against the SAE (Simultaneous Authentication of Equals, commonly known as Dragonfly) handshake itself, where we can force a device to use a weaker elliptic curve than it normally would," the researchers said.

Moreover, a man-in-the-middle position is not required to carry out the downgrade attack. Instead, attackers only need to know the SSID of the WPA3-SAE network.

The researchers reported their findings to the Wi-Fi Alliance, the non-profit organization that certifies Wi-Fi standards and Wi-Fi products for compliance, which acknowledged the issues and is working with vendors to patch existing WPA3-certified devices.

PoC (404 at the time of publication)

As a proof of concept, the researchers will soon release the following four separate tools (in the GitHub repositories linked below) that can be used to test for the vulnerabilities.

Dragondrain - a tool that can test whether an access point is vulnerable to DoS attacks against the WPA3 Dragonfly handshake.
Dragontime - an experimental tool for carrying out timing attacks against the Dragonfly handshake.
Dragonforce - an experimental tool that takes the information recovered from the timing attacks and performs a password attack.
Dragonslayer - a tool that performs attacks on EAP-pwd.

Dragonblood: A Security Analysis of WPA3's SAE Handshake
Project website - wpa3.mathyvanhoef.com

Source: www.habr.com
