UMathy Vanhoef no-Eyal Ronen) indlela entsha yokuhlasela (CVE-2019-13377) kumanethiwekhi angenawaya asebenzisa ubuchwepheshe bokuphepha be-WPA3, okuvumela ukuthola ulwazi mayelana nezici zephasiwedi ezingasetshenziswa ukuyiqagela ungaxhunyiwe ku-inthanethi. Inkinga ivela enguqulweni yamanje .
Masikhumbule ukuthi ngo-April ababhali abafanayo ubungozi obuyisithupha ku-WPA3, ukumelana nakho i-Wi-Fi Alliance, ethuthukisa izindinganiso zamanethiwekhi angenantambo, yenze izinguquko ezincomweni zokuqinisekisa ukuqaliswa okuphephile kwe-WPA3, obekudinga ukusetshenziswa kwamajika ayi-elliptic avikelekile. , esikhundleni samajika angama-elliptic avumelekile ngaphambilini P-521 kanye ne-P-256.
Kodwa-ke, ukuhlaziya kubonise ukuthi ukusetshenziswa kwe-Brainpool kuholela ekilasini elisha lokuvuza kwesiteshi eseceleni ku-algorithm yezingxoxo zokuxhuma ezisetshenziswa ku-WPA3. , isivikelo ekuqageleni iphasiwedi kumodi engaxhunyiwe ku-inthanethi. Inkinga ekhonjiwe ibonisa ukuthi ukudala ukusetshenziswa kwe-Dragonfly ne-WPA3 mahhala kokuputshuka kwedatha yenkampani yangaphandle kunzima kakhulu, futhi kubonisa ukwehluleka kwemodeli yokuthuthukisa izindinganiso ngaphandle kweminyango evaliwe ngaphandle kwengxoxo yomphakathi yezindlela ezihlongozwayo nokucwaninga komphakathi.
Uma usebenzisa ijika eliyielliptic le-Brainpool, Ujekamanzi ubhala iphasiwedi ngokwenza iziphindaphindo ezimbalwa zokuqala zephasiwedi ukuze ubale ngokushesha i-hashi emfushane ngaphambi kokufaka ijika eliyielliptic. Kuze kutholakale i-hashi emfushane, imisebenzi eyenziwe incike ngokuqondile kuphasiwedi yeklayenti nekheli le-MAC. Isikhathi sokwenza (esihlobene nenani lokuphindaphinda) kanye nokubambezeleka phakathi kwemisebenzi phakathi kweziphindaphindo zokuqala kungalinganiswa futhi kusetshenziselwe ukunquma izici zephasiwedi ezingasetshenziswa ungaxhunyiwe ku-inthanethi ukuze kuthuthukiswe ukukhethwa kwezingxenye zephasiwedi kwinqubo yokuqagela iphasiwedi. Ukuze wenze ukuhlasela, umsebenzisi oxhuma kunethiwekhi engenantambo kufanele abe nokufinyelela ohlelweni.
Ukwengeza, abacwaningi bahlonze ukuba sengozini kwesibili (CVE-2019-13456) okuhlobene nokuvuza kolwazi ekusetshenzisweni kwephrothokholi. , usebenzisa i-algorithm ye-Dragonfly. Inkinga iqondene ngqo neseva ye-FreeRADIUS RADIUS futhi, ngokusekelwe ekuvuzeni kolwazi ngokusebenzisa iziteshi zezinkampani zangaphandle, njengokuba sengozini kokuqala, ingenza kube lula ukuqagela iphasiwedi.
Kuhlanganiswe nendlela ethuthukisiwe yokuhlunga umsindo enqubweni yokulinganisa ukubambezeleka, izilinganiso ezingama-75 ngekheli ngalinye le-MAC zanele ukunquma inani lokuphindaphinda. Uma usebenzisa i-GPU, izindleko zensiza zokuqagela iphasiwedi yesichazamazwi esisodwa zilinganiselwa ku-$1. Izindlela zokuthuthukisa ukuphepha kwephrothokholi ukuvimba izinkinga ezikhonjiwe sezivele zifakiwe kuzinguqulo ezisalungiswa zamazinga e-Wi-Fi azayo () futhi . Ngeshwa, ngeke kwenzeke ukuqeda ukuvuza ngamashaneli ezinkampani zangaphandle ngaphandle kokwephula ukuhambisana okusemuva kuzinguqulo zamanje zephrothokholi.
Source: opennet.ru