Dragonblood – the vulnerability affecting WiFi Protected Access 3 (WPA3)

The WiFi Alliance recently released their latest security and authentication standard, WiFi Protected Access 3 (WPA3), but two security researchers have discovered a weakness in one of its protocols.


WPA3 is the newest standard in WiFi security, better securing public and private networks.

It makes connecting to non-HTTPS websites and unsecured WiFi a lot safer.

Linus Sebastian of Techquickie has an excellent video explaining WPA3 in an easily digestible five minutes.

“[WPA3] will encrypt each individual gadget’s connection to an unsecured access point, making it much less likely you’ll have your data stolen…” Linus says.

WPA3 uses the same level of encryption as the currently-mainstream WPA2, which is 128-bit encryption.

If properly implemented, 128-bit encryption is extremely hard to crack.

Sr. Systems Engineer and Security Architect Mohit Arora explains in an article on EE Times that “even with a supercomputer, it would take 1 billion billion years to crack the 128-bit AES key using brute force attack.”

“This is more than the age of the universe (13.75 billion years).” Arora says.

But WPA3’s biggest boon arguably lies in its security for networks with weak passwords, which are still all too common.

This security comes in the form of a new handshake protocol called Simultaneous Authentication of Equals (SAE), commonly referred to as Dragonfly.

With WPA2, attackers can intercept encrypted data and try to decrypt it endlessly with brute force attacks, which guess passwords until correct.

“With WPA3, attackers only get one guess at your password each time they try to crack the code, and they have to interact with your network every time they do; meaning that even weak passwords will be made much more time-consuming to crack, which will hopefully dissuade attacks which require assailants to continuously hang out in range of your [WiFi] router.” Linus Sebastian of Techquickie says.

However, as two security researchers have discovered, Dragonfly does have its flaws, which are commonly referred to as Dragonblood.


Unfortunately, Dragonfly is vulnerable to password partitioning attacks.

Mathy Vanhoef (New York University Abu Dhabi) and Eyal Ronen (Tel-Aviv University), the security researchers that discovered and named Dragonblood, explain how these attacks work in their in-depth paper on the security flaw.

“These attacks resemble dictionary attacks and allow an adversary to recover the [network passwords] by abusing timing or cache-based side-channel leaks.” Vanhoef and Ronen say.

“…our cache-based attack exploits [Dragonfly’s] hash-to-curve algorithm.

“The resulting attacks are efficient and low cost: bruteforcing all 8-character lowercase password requires less than 125$ in Amazon EC2 instances.”

They also discuss in the paper how to protect against the attacks and how small changes to Dragonfly could prevent such attacks.

Vanhoef and Ronen immediately notified The WiFi Alliance of Dragonblood, who say there is “no evidence of the vulnerability being used against Wi-Fi users maliciously…”

The WiFi Alliance have also took immediate steps to deliver stronger security protections to WPA3 users.

“These issues can be resolved through a straightforward software update – a process much like the software updates Wi-Fi users regularly perform on their mobile devices.” The WiFi Alliance say.

“WPA3-Personal is in the early stages of deployment, and the small number of device manufacturers that are affected have already started deploying patches to resolve the issue.”

WPA3 has not hit the mainstream yet, with WPA2 remaining the most widely-implemented WiFi standard, but people can expect to see WPA3’s slow rollout into the public space continue over the next year.

How Useful Was This Post?

Let Us Know How We Are Doing - Click A Star To Rate This Post

Average Vote Rating 5 / 5. Vote Count : 3

No Votes So Far! Be The First To Rate This Post